www.sf-international.com Open in urlscan Pro
43.132.64.26 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sf-international.com/th/th/
Submission: On November 14 via manual (November 14th 2022, 7:28:27 am UTC) from TH — Scanned from GB

Summary HTTP 27 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 43.132.64.26, located in London, United Kingdom and belongs to ACE-AS-AP ACE, SG. The main domain is www.sf-international.com. The Cisco Umbrella rank of the primary domain is 570267.
TLS certificate: Issued by DigiCert CN RSA CA G1 on September 29th 2022. Valid for: a year.

This is the only time www.sf-international.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SF Express (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
2 26	43.132.64.26 43.132.64.26	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	43.152.137.30 43.152.137.30	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	123.56.12.94 123.56.12.94	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	183.136.225.4 183.136.225.4	58461 (CT-HANGZH...) (CT-HANGZHOU-IDC No.288)
27	4

26 43.132.64.26 (London, United Kingdom) 2 redirects

ASN139341 (ACE-AS-AP ACE, SG)

www.sf-international.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.152.137.30 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

sfimcdnupdate.sf-tech.com.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.56.12.94 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

webcert.cnmstl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.136.225.4 (China)

ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN)

szcert.ebs.org.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	sf-international.com 2 redirects www.sf-international.com — Cisco Umbrella Rank: 570267	2 MB
1	ebs.org.cn szcert.ebs.org.cn — Cisco Umbrella Rank: 269603	10 KB
1	cnmstl.net webcert.cnmstl.net — Cisco Umbrella Rank: 172301	3 KB
1	sf-tech.com.cn sfimcdnupdate.sf-tech.com.cn — Cisco Umbrella Rank: 369642	52 KB
27	4

	Domain	Requested by
26	www.sf-international.com	2 redirects www.sf-international.com
1	szcert.ebs.org.cn	www.sf-international.com
1	webcert.cnmstl.net	www.sf-international.com
1	sfimcdnupdate.sf-tech.com.cn	www.sf-international.com
27	4

This site contains links to these domains. Also see Links.

Domain
iuop.sf.global
www.sf-express.com
weibo.com
www.facebook.com
instagram.com
www.linkedin.com
beian.miit.gov.cn
webcert.cnmstl.net
www.sznet110.gov.cn
szcert.ebs.org.cn

Subject Issuer	Validity	Valid
*.sf-international.com DigiCert CN RSA CA G1	`2022-09-29` - `2023-10-19`	a year	crt.sh
*.sf-tech.com.cn DigiCert CN RSA CA G1	`2022-02-23` - `2023-02-23`	a year	crt.sh
webcert.cnmstl.net Secure Site Extended Validation CA G2	`2022-10-27` - `2023-11-13`	a year	crt.sh
*.ebs.org.cn XinChaCha Trust SSL Organization Validated	`2022-08-01` - `2023-08-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.sf-international.com/th/th/
Frame ID: 43B493FD39C421F5A2570EB5821FDC04
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SF International

Page URL History Show full URLs

https://www.sf-international.com/th/th HTTP 301
http://www.sf-international.com/th/th/ HTTP 301
https://www.sf-international.com/th/th/ Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

2256 kB
Transfer

7100 kB
Size

0
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://iuop.sf.global/?lang=en#/
Title: การขนส่ง

Search URL Search Domain Scan URL

URL: https://iuop.sf.global/?lang=en#/customer-online
Title: ติดต่อสอบถาม

Search URL Search Domain Scan URL

URL: https://iuop.sf.global/#/?lang=en
Title: เข้าสู่ระบบ

Search URL Search Domain Scan URL

URL: https://iuop.sf.global/#/register?lang=en
Title: ลงทะเบียน

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/cn/sc/
Title: 顺丰速运 SF Express

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/cn/en/
Title: EN

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/hk/tc/
Title: 中国香港/中国澳門 HongKong China /Macau China

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/hk/sc/
Title: 简

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/hk/en/
Title: EN

Search URL Search Domain Scan URL

URL: https://weibo.com/p/1006067507964367/home

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SF-Express-1575716475820824/

Search URL Search Domain Scan URL

URL: http://instagram.com/s.f.express

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/953921/

Search URL Search Domain Scan URL

URL: http://beian.miit.gov.cn/
Title: Company License: ICP-2020077802

Search URL Search Domain Scan URL

URL: http://webcert.cnmstl.net/cert/code?sn=c6cc6af3fac440c28901c15a104582fe

Search URL Search Domain Scan URL

URL: https://www.sznet110.gov.cn/webrecord/innernet/Welcome.jsp?bano=4403101900826

Search URL Search Domain Scan URL

URL: https://www.sznet110.gov.cn/index.jsp

Search URL Search Domain Scan URL

URL: https://szcert.ebs.org.cn/B943BEFD-EF5E-4747-AD73-B875A1FC5CC7

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.sf-international.com/th/th HTTP 301
http://www.sf-international.com/th/th/ HTTP 301
https://www.sf-international.com/th/th/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.sf-international.com/th/th/ Redirect Chain https://www.sf-international.com/th/th http://www.sf-international.com/th/th/ https://www.sf-international.com/th/th/	115 KB 23 KB	488ms 488ms	Document text/html	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software openresty / Resource Hash `860f26094b85dc2800a83664ba73fe32a286f2adc224ff9e88ada51b63f8f06b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin * cache-control no-cache content-encoding gzip content-type text/html date Mon, 14 Nov 2022 07:28:20 GMT etag W/"635127c2-1cdb8" last-modified Thu, 20 Oct 2022 10:49:38 GMT server openresty vary Accept-Encoding x-cache-lookup Cache Miss Cache Miss x-daa-tunnel hop_count=1 x-nws-log-uuid 9c29d66d-38f6-4b74-8ec7-bb91d109b1d8 Redirect headers Connection keep-alive Content-Length 28 Date Mon, 14 Nov 2022 07:28:19 GMT Location https://www.sf-international.com/th/th/ Server NWS_Oversea_AP
GET H2	200	main.css www.sf-international.com/resource/styles/	700 KB 108 KB	43ms 39ms	Stylesheet text/css	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `515a29a2fa44c94bada73335163d9a558d92eb99666d02c78334e2954efce976` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:20 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Tue, 28 Jun 2022 09:57:36 GMT server NWS_Oversea_AP etag W/"62bad090-aefed" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 7eb7be4f-7545-460b-ab85-3afe62acc639 accept-ranges bytes content-length 109914 expires Mon, 14 Nov 2022 07:38:20 GMT
GET H2	200	jquery-1.11.3.js Show response www.sf-international.com/resource/scripts/old/	87 KB 31 KB	71ms 68ms	Script application/javascript	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/old/jquery-1.11.3.js?v=2022-10-20_6 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:20 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Tue, 09 Aug 2022 07:22:25 GMT server NWS_Oversea_AP etag W/"62f20b31-15d43" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 08217217-4543-426f-9197-3014c07d7739 accept-ranges bytes content-length 31077 expires Mon, 14 Nov 2022 07:38:20 GMT
GET H/1.1	200 OK	scp-jssdk-v1.8.js Show response sfimcdnupdate.sf-tech.com.cn/SCP/JSSDK/	183 KB 52 KB	580ms 42ms	Script application/javascript	43.152.137.30 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://sfimcdnupdate.sf-tech.com.cn/SCP/JSSDK/scp-jssdk-v1.8.js Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.137.30 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash `b0bd13cbc87a3ad2d40b398a0702350aa5d2937c38e58649db0dbb35fd2357df` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Mon, 14 Nov 2022 07:28:21 GMT Content-Encoding gzip X-Cache-Lookup Cache Hit, Hit From Inner Cluster Last-Modified Mon, 11 Jul 2022 05:51:44 GMT Server Lego Server Etag "62cbba70-2da29" Content-Type application/javascript X-NWS-LOG-UUID 8770346301997962574 Connection keep-alive Accept-Ranges bytes Content-Length 52612
GET H2	200	intl_logo.png www.sf-international.com/resource/images/index/	6 KB 7 KB	30ms 30ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/intl_logo.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `9b45db7c406797d773c59e2e0df1bf0bff722643bad169839fb730cf131caa8f` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT x-cache-lookup Hit From Disktank3 last-modified Wed, 16 Dec 2020 08:36:02 GMT server NWS_Oversea_AP etag "5fd9c6f2-18d9" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid c802aef3-a2d4-45a8-904e-888ce20522aa accept-ranges bytes content-length 6361 expires Mon, 14 Nov 2022 07:38:20 GMT
GET H2	200	homepage-website-banner-th.jpg www.sf-international.com/.gallery/th/index/	289 KB 289 KB	506ms 505ms	Image image/jpeg	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/.gallery/th/index/homepage-website-banner-th.jpg Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `246b5b36e0b8ecd53041f1129de0aea5c10065d5bbcf7d8427f468b555bf7065` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Upstream, Hit From Disktank3 Gz content-length 294927 last-modified Wed, 24 Jan 2018 13:07:00 GMT server NWS_Oversea_AP etag W/"5a6884f4-48302" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-daa-tunnel hop_count=1 x-nws-log-uuid a00128ef-6f91-48eb-805b-54c2ad2d82b9 accept-ranges bytes expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	News-banner-web.jpg www.sf-international.com/.gallery/th/news/	46 KB 46 KB	408ms 408ms	Image image/jpeg	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/.gallery/th/news/News-banner-web.jpg Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `4fdc23fac07329a5d13f0fc899170a61808e079ae7cf70571df54325cb61648a` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Upstream, Hit From Disktank3 Gz content-length 46803 last-modified Wed, 24 Jan 2018 13:07:00 GMT server NWS_Oversea_AP etag W/"5a6884f4-b7f9" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-daa-tunnel hop_count=1 x-nws-log-uuid 1a6ccc89-b3c1-4c86-9a51-805ac8c7e4a3 accept-ranges bytes expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	jwplayer.js Show response www.sf-international.com/resource/scripts/old/jwplayer-7.9.1/	235 KB 66 KB	30ms 30ms	Script application/javascript	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/old/jwplayer-7.9.1/jwplayer.js Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `3b10f832c4dc813c90a0ebd33aaf593a096fb9e0b30d023999dd684d489166cb` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Sun, 04 Jul 2021 07:18:27 GMT server NWS_Oversea_AP etag W/"60e160c3-3ace7" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 93885805-74ea-45bd-a6b4-a64bfe256601 accept-ranges bytes content-length 66794 expires Mon, 14 Nov 2022 07:38:20 GMT
GET H2	200	sfapp_international.png www.sf-international.com/resource/images/index/	388 KB 202 KB	31ms 30ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/sfapp_international.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `0ae65cfe3650ce6ea65dcfa47b2b95642485b2afe667e863ea4de832ea7196ad` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Mon, 22 Jul 2019 06:17:23 GMT server NWS_Oversea_AP etag W/"5d3554f3-60e25" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid da75f0d0-6630-4b70-a2db-e594d6b3157c accept-ranges bytes content-length 206153 expires Mon, 14 Nov 2022 07:38:21 GMT
GET H/1.1	200 OK	officialbrand_small_h_img.jpg webcert.cnmstl.net/images/cert/code/	3 KB 3 KB	1478ms 179ms	Image image/png	123.56.12.94 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Show image Full URL https://webcert.cnmstl.net/images/cert/code/officialbrand_small_h_img.jpg?sn=c6cc6af3fac440c28901c15a104582fe&t=1476167429157 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 123.56.12.94 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software / Resource Hash `75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 14 Nov 2022 07:28:22 GMT Content-Encoding gzip Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png; charset=utf-8
GET H2	200	security_site_1.png www.sf-international.com/.gallery/other/	3 KB 4 KB	31ms 30ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/.gallery/other/security_site_1.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT x-cache-lookup Hit From Disktank3 last-modified Fri, 09 Jun 2017 08:44:12 GMT server NWS_Oversea_AP etag "593a5fdc-cc6" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 4c4f1d19-d1c3-4ab2-b32f-5cca69ccfd9b accept-ranges bytes content-length 3270 expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	security_site_2.png www.sf-international.com/.gallery/other/	3 KB 3 KB	45ms 45ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/.gallery/other/security_site_2.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 09 Jun 2017 08:44:12 GMT server NWS_Oversea_AP etag W/"593a5fdc-a93" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 38b8cdba-962d-485f-8312-9c9452946035 accept-ranges bytes content-length 2735 expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	govIcon.gif szcert.ebs.org.cn/Images/	9 KB 10 KB	1055ms 296ms	Image image/gif	183.136.225.4 CT-HANGZHOU-IDC N...
General Check archive.org Show headers Download Go to Show image Full URL https://szcert.ebs.org.cn/Images/govIcon.gif Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 183.136.225.4 , China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN), Reverse DNS Software Waf / Resource Hash `6879f6200421154baabd4682320d1a1ff600830520ff73697f61c1c8759a6a3f` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:22 GMT last-modified Fri, 30 Oct 2020 03:26:52 GMT server Waf etag "a4aec9826caed61:0" access-control-allow-methods GET,POST,PUT,DELETE,OPTIONS content-type image/gif access-control-allow-origin * accept-ranges bytes access-control-allow-headers content-type,api_key,Authorization content-length 9481
GET H2	200	modernizr.js Show response www.sf-international.com/resource/scripts/vendor/	50 KB 16 KB	30ms 30ms	Script application/javascript	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/vendor/modernizr.js Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `e6fed7b32526f337c99fc7eb7e4674acfdcded92c6f80bb92ba33581036c0b97` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Sun, 04 Jul 2021 07:18:27 GMT server NWS_Oversea_AP etag W/"60e160c3-c951" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid fb1ec4ba-5cd7-4237-9615-8f5f77e8be55 accept-ranges bytes content-length 15881 expires Mon, 14 Nov 2022 07:38:20 GMT
GET H2	200	configs.js Show response www.sf-international.com/resource/scripts/	5 KB 2 KB	30ms 30ms	Script application/javascript	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/configs.js?v=2022-10-20_6 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `f42368ca2b4c73e934f7d417ea218d3d816f3410ccce6f7487b48d71248ba999` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Tue, 28 Jun 2022 09:57:14 GMT server NWS_Oversea_AP etag W/"62bad07a-1445" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 9fa7d923-41f3-4ad7-a75c-1c673c4cf117 accept-ranges bytes content-length 1630 expires Mon, 14 Nov 2022 07:38:20 GMT
GET H2	200	require.js Show response www.sf-international.com/resource/scripts/vendor/	86 KB 21 KB	30ms 30ms	Script application/javascript	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/vendor/require.js Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `17f95b065648d48c21d4bdafe2f76d0832294a5ae21f39477f283b06a61e3276` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Sun, 04 Jul 2021 07:18:27 GMT server NWS_Oversea_AP etag W/"60e160c3-157f2" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 28a06a15-87bb-4d11-81fb-8b3e15a481a1 accept-ranges bytes content-length 21457 expires Mon, 14 Nov 2022 07:38:20 GMT
GET H2	200	frame.js Show response www.sf-international.com/resource/scripts/	314 KB 92 KB	30ms 30ms	Script application/javascript	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/frame.js?v=1.0 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `510013be4182fc19e066418198d3a0239677fc09f997c85d33857e42a6e174e7` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Tue, 28 Jun 2022 09:57:14 GMT server NWS_Oversea_AP etag W/"62bad07a-4e870" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 65cc77cd-9bd6-46a3-aaa5-de0cc65e6d27 accept-ranges bytes content-length 93515 expires Mon, 14 Nov 2022 07:38:20 GMT
GET H2	200	main.js Show response www.sf-international.com/resource/scripts/	4 MB 1 MB	32ms 32ms	Script application/javascript	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/main.js?v=2022-10-20_6 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `291d8ceff871e6408034083c3dcee07c5fb153b8d19b5b9097f57f97ecb07457` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Mon, 26 Sep 2022 10:12:43 GMT server NWS_Oversea_AP etag "63317b1b-3eb7f4" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid c39c829a-34ec-4c19-b891-99381e6cba3e accept-ranges bytes content-length 1074521 expires Mon, 14 Nov 2022 07:38:20 GMT
GET H2	200	header-phoneicon.png www.sf-international.com/resource/images/index/	12 KB 13 KB	30ms 29ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/header-phoneicon.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `0ccebd96ae2d393c6ebcf8baaf249076736e57742d0d272ad4b4c654afed1992` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Tue, 28 Jun 2022 09:56:41 GMT server NWS_Oversea_AP etag W/"62bad059-310a" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 4f7dfcc9-f3be-4025-a1de-f3833593d7fa accept-ranges bytes content-length 12582 expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	warning_prompt_icon1.png www.sf-international.com/resource/images/index/	5 KB 3 KB	34ms 33ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/warning_prompt_icon1.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `60ffbdf73741c4f186b2d15707701d9809527288bc94bee8e34d5889c5139835` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 28 Jun 2019 06:07:19 GMT server NWS_Oversea_AP etag W/"5d15ae97-1588" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 632fad17-efac-421b-9b9f-8e19226bfcbe accept-ranges bytes content-length 3135 expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	pb-wrapper-line.png www.sf-international.com/resource/images/index/	928 B 1 KB	30ms 29ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/pb-wrapper-line.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `a7a1e0f6508e3dcfa85855fb8787916259e1d3fbd60f95b59aa4282c132efb80` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT x-cache-lookup Hit From Disktank3 last-modified Fri, 28 Jun 2019 06:07:18 GMT server NWS_Oversea_AP etag "5d15ae96-3a0" content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 2eec1633-08c6-45f9-82fe-614364b884d8 accept-ranges bytes content-length 928 expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	smallBanner-icon.png www.sf-international.com/resource/images/index/	6 KB 6 KB	34ms 33ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/smallBanner-icon.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `34c3501386e849c21bfd981f8b7e0973090fe3341f364f2798b9560bd180b36c` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 28 Jun 2019 06:07:19 GMT server NWS_Oversea_AP etag W/"5d15ae97-1852" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 6a3a5842-fac3-4083-b30e-07e046f9696c accept-ranges bytes content-length 6254 expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	smallHeader-searchIcon.png www.sf-international.com/resource/images/index/	1 KB 1 KB	34ms 34ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/smallHeader-searchIcon.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `3611a84781e70db572fa5f1562a314fb3d0dc5c5217ecb2008d32a8a9c69c488` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 28 Jun 2019 06:07:19 GMT server NWS_Oversea_AP etag W/"5d15ae97-5b9" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid c3931711-a926-4a4e-aa6f-53eb2dc1bcbb accept-ranges bytes content-length 1183 expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	to-top-red.png www.sf-international.com/resource/images/index/	2 KB 3 KB	30ms 30ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/to-top-red.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `084d4baaf25e531fc8557d00019f984a937dfbba30afe8b7ff8fe6c418c26f0f` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 28 Jun 2019 06:07:19 GMT server NWS_Oversea_AP etag W/"5d15ae97-9a2" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 7ce12d46-78db-4f10-86fb-a04b16f440cc accept-ranges bytes content-length 2200 expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	label-top-r-kr.png www.sf-international.com/resource/images/index/	463 KB 133 KB	30ms 30ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/label-top-r-kr.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `817e3216e36e573289a222357a51165312d1ba5e7a5d0f98e63bb3821da849ce` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 28 Jun 2019 06:07:17 GMT server NWS_Oversea_AP etag W/"5d15ae95-73dc4" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid e7f2967f-01c6-45d9-b7df-6f058a1cf470 accept-ranges bytes content-length 135372 expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	th-sf.png www.sf-international.com/resource/images/index/	6 KB 6 KB	32ms 31ms	Image image/png	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/th-sf.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software NWS_Oversea_AP / Resource Hash `3e53f5da010112b52d915774bab7b44fc3bf77d1f3c64fd212d9de0c2998e366` Request headers accept-language en-GB,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:21 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Wed, 14 Apr 2021 11:47:40 GMT server NWS_Oversea_AP etag W/"6076d65c-1820" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 8d0cce67-5177-4526-b56c-5f7aed369402 accept-ranges bytes content-length 5813 expires Mon, 14 Nov 2022 07:38:21 GMT
GET H2	200	i18n_universal.json Show response www.sf-international.com/resource/i18n/	66 KB 66 KB	806ms 806ms	XHR application/json	43.132.64.26 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/i18n/i18n_universal.json?lang=en&region=th&translate= Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/scripts/frame.js?v=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.132.64.26 London, United Kingdom, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software openresty / Resource Hash `fdf07543929392ef396c8bef289833271b85654992b8947282f60d0c33891df0` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://www.sf-international.com/th/th/ X-Requested-With XMLHttpRequest accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 07:28:22 GMT x-cache-lookup Cache Miss, Cache Miss last-modified Mon, 14 Dec 2020 10:00:55 GMT server openresty etag "5fd737d7-106da" content-type application/json access-control-allow-origin * cache-control no-cache access-control-allow-credentials true x-daa-tunnel hop_count=1 x-nws-log-uuid 9dcfc84c-0b48-42cf-b811-f0c9279fcd42 accept-ranges bytes content-length 67290

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SF Express (Transportation)

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.sf-international.com/th/th/ Message: Mixed Content: The page at 'https://www.sf-international.com/th/th/' was loaded over HTTPS, but requested an insecure element 'http://webcert.cnmstl.net/images/cert/code/officialbrand_small_h_img.jpg?sn=c6cc6af3fac440c28901c15a104582fe&t=1476167429157'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.sf-international.com/th/th/ Message: Mixed Content: The page at 'https://www.sf-international.com/th/th/' was loaded over HTTPS, but requested an insecure element 'http://szcert.ebs.org.cn/Images/govIcon.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.sf-international.com/th/th/(Line 3792) Message: Mixed Content: The page at 'https://www.sf-international.com/th/th/' was loaded over HTTPS, but requested an insecure element 'http://webcert.cnmstl.net/images/cert/code/officialbrand_small_h_img.jpg?sn=c6cc6af3fac440c28901c15a104582fe&t=1476167429157'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.sf-international.com/th/th/(Line 3792) Message: Mixed Content: The page at 'https://www.sf-international.com/th/th/' was loaded over HTTPS, but requested an insecure element 'http://szcert.ebs.org.cn/Images/govIcon.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sfimcdnupdate.sf-tech.com.cn
szcert.ebs.org.cn
webcert.cnmstl.net
www.sf-international.com
123.56.12.94
183.136.225.4
43.132.64.26
43.152.137.30
006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d
084d4baaf25e531fc8557d00019f984a937dfbba30afe8b7ff8fe6c418c26f0f
0ae65cfe3650ce6ea65dcfa47b2b95642485b2afe667e863ea4de832ea7196ad
0ccebd96ae2d393c6ebcf8baaf249076736e57742d0d272ad4b4c654afed1992
17f95b065648d48c21d4bdafe2f76d0832294a5ae21f39477f283b06a61e3276
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
246b5b36e0b8ecd53041f1129de0aea5c10065d5bbcf7d8427f468b555bf7065
291d8ceff871e6408034083c3dcee07c5fb153b8d19b5b9097f57f97ecb07457
34c3501386e849c21bfd981f8b7e0973090fe3341f364f2798b9560bd180b36c
3611a84781e70db572fa5f1562a314fb3d0dc5c5217ecb2008d32a8a9c69c488
3b10f832c4dc813c90a0ebd33aaf593a096fb9e0b30d023999dd684d489166cb
3e53f5da010112b52d915774bab7b44fc3bf77d1f3c64fd212d9de0c2998e366
4fdc23fac07329a5d13f0fc899170a61808e079ae7cf70571df54325cb61648a
510013be4182fc19e066418198d3a0239677fc09f997c85d33857e42a6e174e7
515a29a2fa44c94bada73335163d9a558d92eb99666d02c78334e2954efce976
60ffbdf73741c4f186b2d15707701d9809527288bc94bee8e34d5889c5139835
6879f6200421154baabd4682320d1a1ff600830520ff73697f61c1c8759a6a3f
75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf
817e3216e36e573289a222357a51165312d1ba5e7a5d0f98e63bb3821da849ce
860f26094b85dc2800a83664ba73fe32a286f2adc224ff9e88ada51b63f8f06b
9b45db7c406797d773c59e2e0df1bf0bff722643bad169839fb730cf131caa8f
a7a1e0f6508e3dcfa85855fb8787916259e1d3fbd60f95b59aa4282c132efb80
b0bd13cbc87a3ad2d40b398a0702350aa5d2937c38e58649db0dbb35fd2357df
e6fed7b32526f337c99fc7eb7e4674acfdcded92c6f80bb92ba33581036c0b97
ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4
f42368ca2b4c73e934f7d417ea218d3d816f3410ccce6f7487b48d71248ba999
fdf07543929392ef396c8bef289833271b85654992b8947282f60d0c33891df0

www.sf-international.com Open in urlscan Pro 43.132.64.26 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

2256 kBTransfer

7100 kBSize

0 Cookies

18 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

www.sf-international.com Open in urlscan Pro
43.132.64.26 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

2256 kB
Transfer

7100 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!