sfexpress.via-fps.shop Open in urlscan Pro
2606:4700:3034::ac43:ded2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sfexpress.via-fps.shop/196482452
Submission: On August 08 via api (August 8th 2024, 12:25:10 pm UTC) from HK — Scanned from US

Summary HTTP 27 Redirects Links 96 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3034::ac43:ded2, located in United States and belongs to CLOUDFLARENET, US. The main domain is sfexpress.via-fps.shop.
TLS certificate: Issued by WE1 on August 1st 2024. Valid for: 3 months.

This is the only time sfexpress.via-fps.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SF Express (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3034::ac43:ded2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	58.250.0.54 58.250.0.54	17623 (CNCGROUP-...) (CNCGROUP-SZ China Unicom Shenzen network)
1	43.152.134.54 43.152.134.54	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
27	4

18 2606:4700:3034::ac43:ded2 (United States)

ASN13335 (CLOUDFLARENET, US)

sfexpress.via-fps.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 58.250.0.54 (China)

ASN17623 (CNCGROUP-SZ China Unicom Shenzen network, CN)

szcert.ebs.org.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.152.134.54 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

htm.sf-express.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	via-fps.shop sfexpress.via-fps.shop	235 KB
1	sf-express.com htm.sf-express.com	2 KB
1	ebs.org.cn szcert.ebs.org.cn — Cisco Umbrella Rank: 769393	16 KB
0	s-wallet.ai Failed s-wallet.ai Failed
27	4

	Domain	Requested by
18	sfexpress.via-fps.shop	sfexpress.via-fps.shop
1	htm.sf-express.com
1	szcert.ebs.org.cn	sfexpress.via-fps.shop
0	s-wallet.ai Failed	sfexpress.via-fps.shop
27	4

This site contains links to these domains. Also see Links.

Domain
htm.sf-express.com
baggageservice.sf-express.com
v.sf-express.com
www.sf-tech.com.cn
www.sf-airlines.com
intl.sf-express.com
www.sfbuy.com
www.sfgy.org
www.miitbeian.gov.cn
webcert.cnmstl.net
www.sznet110.gov.cn
szcert.ebs.org.cn

Subject Issuer	Validity	Valid
via-fps.shop WE1	`2024-08-01` - `2024-10-30`	3 months	crt.sh
*.ebs.org.cn Xcc Trust OV SSL CA	`2024-06-18` - `2025-07-18`	a year	crt.sh
*.sf-express.com DigiCert CN RSA CA G1	`2023-09-27` - `2024-10-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sfexpress.via-fps.shop/196482452
Frame ID: CE014375EA43C0392D578A19F65C05E4
Requests: 20 HTTP requests in this frame

Frame: https://sfexpress.via-fps.shop/supportChatFrame/196482452
Frame ID: 876E74A27D6125D57AA04967685A32BC
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Track & Trace

Page Statistics

27
Requests

74 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

252 kB
Transfer

1074 kB
Size

1
Cookies

96 Outgoing links

These are links going to different origins than the main page.

URL: https://htm.sf-express.com/hk/en/index.html

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/Standard_Express/
Title: SF Speedy Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/SF_Drop_and_Pick/
Title: SF Drop & Pick

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/E-comm_Box/
Title: E-comm Box

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/SF_Locker_Mailing_Service/
Title: SF Locker Mailing Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/SF_Return/
Title: SF Return

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/Alcohol_Delivery/
Title: Alcohol Delivery

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/Economy_Express/
Title: Economy Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/Heavy_Freight_FTL/
Title: FTL Direct Delivery

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/Standard_Express/
Title: SF Speedy Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/Economy_Express/
Title: Economy Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/SF-eship_C2C_Personal_Postal/
Title: SF-eship

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/Heavy_Freight_FTL/
Title: FTL Direct Delivery

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/Ground_Parcel_BBX_Model/
Title: Ground Parcel (BBX Model)

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/E-commerce_Standard_Express/
Title: E-commerce Standard Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/International/Standard_Express/
Title: Standard Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/International/SF_Economy_Express/
Title: SF Economy Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/International/SF_E-Parcel/
Title: SF E-Parcel

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/International/SF_E-Commerce_Express/
Title: SF E-Commerce Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Shipment_Protection_Plus_SPP/
Title: Shipment Protection Plus (SPP)

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Cash_on_Delivery_HK/
Title: Cash on Delivery (Hong Kong and Macau)

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Pickup_Authorization/
Title: Pickup Authorization

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Change_Payment_Mode/
Title: Change Payment Mode

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Address_Correction/
Title: Address Correction

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Return_Proof_of_Delivery/
Title: Return Proof of Delivery

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Special_Warehousing/
Title: Special Warehousing

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Hong_Kong_Import_and_Export_Declaration/
Title: Hong Kong Import and Export Declaration

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/SF_Packing_Materials/
Title: SF Packing Materials

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/SF_Cold_Chain_Insulated_Materials/
Title: SF Cold Chain Insulated Materials

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/SF_Retention_Service/
Title: SF Retention Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Secret_Key_Authentication_Service/
Title: Secret Key Authentication Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Surcharges/Resource_Allocation_Fee/
Title: Resource Allocation Fee

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Surcharges/Fuel_Surcharge/
Title: Fuel Surcharge

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Surcharges/Remote_Surcharge/
Title: Remote Surcharge

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Warehousing_and_Distribution_Services/Warehousing_and_Distribution_Services/Standard_Warehouse_Distribution_Center/
Title: Standard Warehouse Distribution Center

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Warehousing_and_Distribution_Services/Warehousing_and_Distribution_Services/Warehouse_Management/
Title: Warehouse Management

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Warehousing_and_Distribution_Services/Warehousing_and_Distribution_Services/Powerful_Distribution_Support/
Title: Distribution Support

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Cold_Chain_Services/Cold_Chain_Delivery_Services/Temperature_Controlled_Delivery/
Title: Temperature Controlled Delivery

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Cold_Chain_Services/Cold_Chain_Delivery_Services/Temperature_Controlled_Delivery_Alcohol/
Title: Temperature Controlled Delivery (Alcohol)

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/download/Packaging-Guidelines-for-Cold-Chain-Shipments_EN.pdf
Title: Packaging Principles for Cold Chain Shipments

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/sf-buy/sf-buy/Mainland-HK/index.html
Title: Mainland China to Hong Kong China/Macau China

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/sf-buy/sf-buy/USA-HK/index.html
Title: USA to Hong Kong China/Macau China

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/order/Order_Now/
Title: Shipping

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/price/
Title: Rates & Transit Time

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/range/
Title: Service Coverage

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/store/
Title: Service Point

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/cooperative_consulting/index.html
Title: Cooperation Inquiry

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/intelligent_cabinet/marketing_services/
Title: About SF Locker

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/intelligent_cabinet/grid_sizes/
Title: Grid Sizes

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/intelligent_cabinet/user_guide/
Title: User Guide

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/airportdeliveryservice/airportcourierservice/
Title: Airport Courier Service

Search URL Search Domain Scan URL

URL: https://baggageservice.sf-express.com/aabaggage/en
Title: Airport Baggage Check-in and Delivery Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/premiumlogisticssolution/e-grow/
Title: One-stop e-Commerce Logistics Solution E-Grow

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/premiumlogisticssolution/gift-redemption/
Title: Gift Redemption Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/Exhibition_Logistics_Services/Exhibitor_Exclusive_Offer_for_Move_In_and_Out_and_Replenishment-/
Title: Exhibitor Exclusive Offer for Move In & Out and Replenishment

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/Exhibition_Logistics_Services/Exclusive_Delivery_Offers_for_Visitors/
Title: Exclusive Delivery Offers for Visitors

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/order/quick/#normalCargo
Title: Shipping

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/waybill/
Title: Track & Trace

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/accept/
Title: Pickup/Delivery Standards

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/more/exchange/
Title: Currency Exchange Rates

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/order/airport_express/
Title: Airport Express Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/clearance/clearance_pictureUpload/
Title: Customs Clearance Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/Customer_Zone/Scheme/
Title: Customer Area

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/more/packaging_principles/
Title: Packaging Principles

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/more/Types_of_Vulnerable_Fragile_Valuable_Item/
Title: Types of Vulnerable, Fragile and Valuable Item

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/more/CcrnSearch/
Title: Customs Cargo Reference Number

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/send_introduced/Weight-and-Size-Restrictions/
Title: Weight and Size Restrictions

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/formdownload/
Title: Useful Forms

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/S.F.Network/SF_business_station_address/
Title: SF Business Station Locations

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/S.F.Network/SF_store_address/
Title: SF Store Locations

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/S.F.Network/SF_service_partner_address/
Title: SF Service Partner Locations

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/S.F.Network/SF_Locker/
Title: SF Locker Locations

Search URL Search Domain Scan URL

URL: https://v.sf-express.com/web/portal/
Title: Business Clients

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/about_us/
Title: About Us

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/about_us/about_sf/company_introduction/
Title: About SF

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/news/
Title: Announcement

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/information/
Title: News Information

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/talent_recruitment/
Title: Careers

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/contact_us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/we/ow/#/hkmo/en/cooperative-consultation
Title: Cooperation Inquiry

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/promotions/
Title: Promotions and Events

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/order/quick/
Title: Shipping

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/sf_care/
Title: Service & Support

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/opencms/system/modules/com.sf.portal/elements/hk/footerNavigation/footer_help_center.jsp

Search URL Search Domain Scan URL

URL: http://www.sf-tech.com.cn/
Title: SF TECH

Search URL Search Domain Scan URL

URL: http://www.sf-airlines.com/sfa/zh/index.html
Title: SF AIRLINES

Search URL Search Domain Scan URL

URL: http://intl.sf-express.com/
Title: SF INTERNATIONAL

Search URL Search Domain Scan URL

URL: http://www.sfbuy.com/index
Title: SFBuy

Search URL Search Domain Scan URL

URL: http://www.sfgy.org/
Title: SF Foundation

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/use_clause/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/Privacy_Policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.miitbeian.gov.cn/
Title: 粤 ICP 备08034243号

Search URL Search Domain Scan URL

URL: http://webcert.cnmstl.net/cert/code?sn=c6cc6af3fac440c28901c15a104582fe

Search URL Search Domain Scan URL

URL: http://www.sznet110.gov.cn/webrecord/innernet/Welcome.jsp?bano=4403101900826

Search URL Search Domain Scan URL

URL: http://www.sznet110.gov.cn/index.jsp

Search URL Search Domain Scan URL

URL: https://szcert.ebs.org.cn/B943BEFD-EF5E-4747-AD73-B875A1FC5CC7

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://sfexpress.via-fps.shop/assets/images/index/header-phoneicon.png HTTP 302
https://s-wallet.ai/

Request Chain 12

https://sfexpress.via-fps.shop/assets/images/index/order-button-background.png HTTP 302
https://s-wallet.ai/

Request Chain 13

https://sfexpress.via-fps.shop/assets/images/index/order-button-arrow.png HTTP 302
https://s-wallet.ai/

Request Chain 14

https://sfexpress.via-fps.shop/assets/images/index/whatsapp-gray.png HTTP 302
https://s-wallet.ai/

Request Chain 15

https://sfexpress.via-fps.shop/assets/images/index/label-top-r-btn.png HTTP 302
https://s-wallet.ai/

Request Chain 17

https://sfexpress.via-fps.shop/assets/fonts/sf-express-icon.woff?hash=1478076975980 HTTP 302
https://s-wallet.ai/

Request Chain 22

https://sfexpress.via-fps.shop/assets/fonts/sf-express-icon.ttf?hash=1478076975980 HTTP 302
https://s-wallet.ai/

27 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request 196482452 Show response sfexpress.via-fps.shop/	98 KB 34 KB	756ms 678ms	Document text/html	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sfexpress.via-fps.shop/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e922e3484aa8fe678e2a498b460655e67021d4de68d0debfc56ce2565367959d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8aff7cab2bd472a4-EWR content-encoding br content-type text/html; charset=utf-8 date Thu, 08 Aug 2024 12:25:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yN87dYAJiY2oT%2BVW7D%2F8C6ZXNUCs62vsDAbbI3btGGxOnrruJg3W1ZSsdzMW1pRnagxbsyNm5xbHe1sewnfEgJrrcZSruV%2BlOZuHb4Ap8YKCTnoLTYcFqlN7pPjWSKLAT4JWQDUQo65%2BY0HuLQAjmvf4tq3y"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by Express
GET H3	200	main.css sfexpress.via-fps.shop/assets/sfexpress/	735 KB 111 KB	188ms 188ms	Stylesheet text/css	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sfexpress.via-fps.shop/assets/sfexpress/main.css Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `0065f72f9d0f2421a4c54c9f411e645c2fb8e6d66d279df5d4c72975a2bf24be` Request headers Referer https://sfexpress.via-fps.shop/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 19 Feb 2024 10:03:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"b7cd6-18dc0d1e4ec" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hh1gfmfmz7XrIXESyetBNMhQwo%2FycUO2yih9Ir0%2FaTJajaFafJLopfPgwAeG6PkGvQ83KnsUd%2Fygz1XQPnnwdQLyfENVGF3JJ3XlKsVY7%2BckLRMznfjA%2BpxsQJbYFgmsU%2BNWzrjv9nS4kcp81%2FfhluXsQ%2BO2"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 8aff7caf6e6272a4-EWR alt-svc h3=":443"; ma=86400
GET H3	200	support_parent.css sfexpress.via-fps.shop/css/	4 KB 1 KB	182ms 181ms	Stylesheet text/css	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sfexpress.via-fps.shop/css/support_parent.css Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `78c8c71fea5b45069746367cedf2585a47793ef26ced047dbb4ed4d6c758b902` Request headers Referer https://sfexpress.via-fps.shop/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 20 Jun 2024 03:09:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"1053-190339f43ce" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rPPInGUB3qd%2BU1Tx%2BryUCobDyp43qvk5fqYTOTyD3bD269Yict%2BTlCsPQijLTjx7rF6NkOs9uRa7NC6ectV2wYwAwLD03vsD%2Bbn5hc5YP0Um0uln3Pt2UIJZm0K6HJKCZ0ebzyWxB6NkVi8dX%2FYVzyhU56N"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 8aff7caf6e6472a4-EWR alt-svc h3=":443"; ma=86400
GET H3	200	logotc.png sfexpress.via-fps.shop/assets/sfexpress/	4 KB 5 KB	181ms 180ms	Image image/png	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sfexpress.via-fps.shop/assets/sfexpress/logotc.png Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `246fac7dcc264259f436808fc3321842a95c91b3f32ed7a5882f9a817b82858a` Request headers Referer https://sfexpress.via-fps.shop/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT cf-cache-status REVALIDATED last-modified Mon, 19 Feb 2024 10:03:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"11a0-18dc0d1e722" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fInKfzXvpc4ZmB2oCKaqDvwQFXOnM%2BXwh%2FXRvu%2BKRRvrgoeXpKNwWsRfgUrCZp1nOx1M7ES8OZA83YFXyjFOIMuuntJLcS2BMsxF1boTQ3AlnnS9A9TFL2roUjQZCnwBHfdVgyzAaXiJbvk4dg4LHyi6EnML"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 8aff7caf6e6672a4-EWR alt-svc h3=":443"; ma=86400 content-length 4512
GET DATA	200 OK	truncated /	24 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c99696a5fad2e45e74b48c6705034bf1945c577a5ad2efeaa5fdbb4186917162` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/jpeg
GET H3	200	order-button-icon.gif sfexpress.via-fps.shop/assets/sfexpress/	895 B 1 KB	180ms 179ms	Image image/gif	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sfexpress.via-fps.shop/assets/sfexpress/order-button-icon.gif Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `73d4e2bc1d520806978d442cc192c7856b88449cd109d1a6551a18879bb81e19` Request headers Referer https://sfexpress.via-fps.shop/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT cf-cache-status REVALIDATED last-modified Mon, 19 Feb 2024 10:03:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"37f-18dc0d1e829" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08cga9ZpZBLfyF04SLJOBabXPpvDDc8MJsaYntVBqIlXn5sQGI9rnWoQOE5uqZJS4xmred3saWr5LYZOmzLApljYyGzyrdcAK1psszbbeexVpI3fCQEG4rlMwjXUuZybaqdF0eMUypFOCaMbpogUxWPWDWow"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=14400 accept-ranges bytes cf-ray 8aff7cb06f1972a4-EWR alt-svc h3=":443"; ma=86400 content-length 895
GET H3	200	196482452 Show response sfexpress.via-fps.shop/supportChatFrame/ Frame 876E	23 KB 7 KB	115ms 114ms	Document text/html	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sfexpress.via-fps.shop/supportChatFrame/196482452 Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `16a55edb9b36bb62cb40a197be44c7e1357562e789f24e9de373aed54cb98c38` Request headers Referer https://sfexpress.via-fps.shop/196482452 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8aff7cb06f2072a4-EWR content-encoding br content-type text/html; charset=utf-8 date Thu, 08 Aug 2024 12:25:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9qjGsE46FbjoUKsTxuIQPOx%2BI3ut2CcsKUGmnAaj2d8d1UWHJ%2B9yJmpJTPmaoJCZvsx%2BqfjKb%2FshvYcI9oZVx96zl7s2%2F%2FnNxNv8z%2Fb2QPJ%2FpV2uXEEvkN3qPqqOkzsE2yaBYrASN5mJXkAmaz2DREK3UkLM"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by Express
GET H3	200	hk_suyuntong.jpg sfexpress.via-fps.shop/assets/sfexpress/	38 KB 39 KB	182ms 182ms	Image image/jpeg	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sfexpress.via-fps.shop/assets/sfexpress/hk_suyuntong.jpg Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `be0f09e385ed5b8745751b3fefe56db002a55118ab5fd80111c89255aa485f5d` Request headers Referer https://sfexpress.via-fps.shop/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT cf-cache-status REVALIDATED last-modified Mon, 19 Feb 2024 10:03:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"981b-18dc0d1e8b5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmp89HOnExc%2BPONr5ZTkTeM7Q3h8XUuxrZ5BouQd%2BajzOcZE1AcRYErmtwwB%2BygLTVzQ0BMj92iZnMSvWTCRjyXNRYQ7%2BZb3%2Fa068pg6yL9hxzhDbsJffuT3lgYu9yCMwiLcPyu2JooDsZYOLE6yaABufxRm"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 8aff7cb06f1b72a4-EWR alt-svc h3=":443"; ma=86400 content-length 38939
GET H3	200	officialbrand_small_h_img.jpg sfexpress.via-fps.shop/assets/sfexpress/	3 KB 3 KB	183ms 182ms	Image image/jpeg	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sfexpress.via-fps.shop/assets/sfexpress/officialbrand_small_h_img.jpg Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf` Request headers Referer https://sfexpress.via-fps.shop/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT cf-cache-status REVALIDATED last-modified Mon, 19 Feb 2024 10:03:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"a3c-18dc0d1eb14" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3w0XXCkBNnJK3K5AYA%2BiwqL92I4n89LXlT41%2B0J%2By%2FPIPHrPwGYqlO2lRrIkOzGITDzVbaHJq0TZz%2BgiI%2BKElgenzJEAyu0MTAqRsKS3hd9woLlZnfJCkPV72DbK6t7WhqmEtXUXUN3SlcTTWXrGuzGFXDLo"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 8aff7cb06f1c72a4-EWR alt-svc h3=":443"; ma=86400 content-length 2620
GET H3	200	security_site_1.png sfexpress.via-fps.shop/assets/sfexpress/	3 KB 4 KB	185ms 184ms	Image image/png	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sfexpress.via-fps.shop/assets/sfexpress/security_site_1.png Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4` Request headers Referer https://sfexpress.via-fps.shop/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT cf-cache-status REVALIDATED last-modified Mon, 19 Feb 2024 10:03:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"cc6-18dc0d1eba0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xG1AeXv8bo%2FuNJELw9qfznEOvxKVBU1%2FmzhEy93zYI7%2BCJ9nMSOw8IEgPWUsCZj%2BLssbrueM64hRAiNKp24vtHSCE9Vhfufvh5fyGG2WjT1XUcV9E%2FAgU6RU1fmAyowUFQjcT4vms7UvUQhutClqDvTb04Zd"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 8aff7cb06f1e72a4-EWR alt-svc h3=":443"; ma=86400 content-length 3270
GET H3	200	security_site_2.png sfexpress.via-fps.shop/assets/sfexpress/	3 KB 3 KB	184ms 183ms	Image image/png	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sfexpress.via-fps.shop/assets/sfexpress/security_site_2.png Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d` Request headers Referer https://sfexpress.via-fps.shop/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT cf-cache-status REVALIDATED last-modified Mon, 19 Feb 2024 10:03:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"a93-18dc0d1ec29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SlKA%2F9awyR%2FPsar7%2BLfHFkCZCJwRsqVaPPBQF8MkHSGF%2BkVbLo7BjfjF4nZwpxDAiOTqv4V0iurLpGBiBhITRyoRFix16sRAtUVRPe9Jq0HINQHwUIjm5CAKZvu%2B2nyREOlNQyV8q6u5Ftqw4pVeSaHnJiA2"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 8aff7cb06f1f72a4-EWR alt-svc h3=":443"; ma=86400 content-length 2707
GET H/1.1	200 OK	govIcon.gif szcert.ebs.org.cn/Images/	15 KB 16 KB	2319ms 717ms	Image image/gif	58.250.0.54 CNCGROUP-SZ China...
General Check archive.org Show headers Download Go to Show image Full URL https://szcert.ebs.org.cn/Images/govIcon.gif Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/196482452 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 58.250.0.54 , China, ASN17623 (CNCGROUP-SZ China Unicom Shenzen network, CN), Reverse DNS Software / Resource Hash `74f553ec7aa4457024310378fd3eac8573d86f767579ad371bbf64d32ed96df8` Request headers Referer https://sfexpress.via-fps.shop/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Thu, 08 Aug 2024 12:25:07 GMT Last-Modified Fri, 01 Mar 2024 07:13:31 GMT ETag "805f16f7a76bda1:0" Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers content-type,api_key,Authorization Content-Length 15504
GET		/ s-wallet.ai/ Redirect Chain https://sfexpress.via-fps.shop/assets/images/index/header-phoneicon.png https://s-wallet.ai/	0 0

GET		/ s-wallet.ai/ Redirect Chain https://sfexpress.via-fps.shop/assets/images/index/order-button-background.png https://s-wallet.ai/	0 0

GET		/ s-wallet.ai/ Redirect Chain https://sfexpress.via-fps.shop/assets/images/index/order-button-arrow.png https://s-wallet.ai/	0 0

GET		/ s-wallet.ai/ Redirect Chain https://sfexpress.via-fps.shop/assets/images/index/whatsapp-gray.png https://s-wallet.ai/	0 0

GET		/ s-wallet.ai/ Redirect Chain https://sfexpress.via-fps.shop/assets/images/index/label-top-r-btn.png https://s-wallet.ai/	0 0

GET H3	200	supportIcon.svg sfexpress.via-fps.shop/img/	1 KB 1 KB	195ms 195ms	Image image/svg+xml	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sfexpress.via-fps.shop/img/supportIcon.svg Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/css/support_parent.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `d35e73edc030e667b728e2e626c782ec2b4d3b0a3044730c02b9a25dbf46be59` Request headers Referer https://sfexpress.via-fps.shop/css/support_parent.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 26 Jul 2021 10:21:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"4d3-17ae255677b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PL80JcTx%2FfVHdSOTYvWG5eXGTBKXeqEAOVHRf8QJ4zCXCNne2IKBEBa2hD3nsZwHHEVvq2gUK9o%2F5gI1SAeSSoId9C%2F2D85jyHkoKVhSnGZ%2BLppFmX35McrQz13fUnhUpfBJXIFJznra3xpPKvY9SynIVuLh"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 cf-ray 8aff7cb0ef7572a4-EWR alt-svc h3=":443"; ma=86400
GET		/ s-wallet.ai/ Redirect Chain https://sfexpress.via-fps.shop/assets/fonts/sf-express-icon.woff?hash=1478076975980 https://s-wallet.ai/	0 0

GET H3	200	support_chat.css sfexpress.via-fps.shop/css/ Frame 876E	101 KB 17 KB	181ms 180ms	Stylesheet text/css	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sfexpress.via-fps.shop/css/support_chat.css Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/supportChatFrame/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `d40c636c6f5df8e97ce5d56c336a9c1379bfa2b963053386d670b6865be2913f` Request headers Referer https://sfexpress.via-fps.shop/supportChatFrame/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 26 Jul 2021 10:21:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"195ce-17ae2556772" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2pBRw2llgwiiZiUqx4NESc4vfmVSQMDAN5ZSELSA%2BZZtXsjQlNDintUhFhVTWi6ZVI0nNpIvlxPp5W03GnMGFBAZdP5TXT9FSXwoVr1xubWGnf7Epfa8W7K1irIKRDlbJLSaSk4RJlFdpbpGLerEyoZHBsV"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 8aff7cb14fcb72a4-EWR alt-svc h3=":443"; ma=86400
GET H3	200	axios.min.js Show response sfexpress.via-fps.shop/js/ Frame 876E	14 KB 5 KB	183ms 182ms	Script application/javascript	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sfexpress.via-fps.shop/js/axios.min.js Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/supportChatFrame/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `ea52c2604519304144d7267cf90f912ee6b092b2c5505576948568fe653dcac0` Request headers Referer https://sfexpress.via-fps.shop/supportChatFrame/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 26 Jul 2021 10:21:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"3815-17ae255677d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WA0DBZj6R9Yv4JpmTlhTuGRfYVqr55o683U8Keigqjbj4%2BwWOimTQiuQOM6aa8ewcSklVcGSNgIbRBUImvKExNFm799B8Xi0KalwWUdlEZuX66RPwF6TSdZYiO%2BfrU9UFd2Y2xyf4Q5jm43oX4LWq1wnzMP0"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 8aff7cb14fcc72a4-EWR alt-svc h3=":443"; ma=86400
GET H3	200	support.js Show response sfexpress.via-fps.shop/js/ Frame 876E	5 KB 2 KB	181ms 181ms	Script application/javascript	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sfexpress.via-fps.shop/js/support.js Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/supportChatFrame/196482452 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `2ca32d461e4105aa8337ce1559b9f399527acb7be62124bae03a0106dc2d9a4b` Request headers Referer https://sfexpress.via-fps.shop/supportChatFrame/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 12:25:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 13 Mar 2024 02:25:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"12d5-18e35a096e2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zE6G0%2B5MPo6iv5rIjIV%2BkvHIPjELDgk57lYU3dCrR10uUnbCiVBB2zs4FDwLSn9gJQDz6Mx1VUsZQpuo8qQmdhOMWM%2Fm6z9KJ2GCmEF9eBsWgeIjJymqE4JlVZyrV5B1IiGh%2FfPsuLUY%2BWG%2BEAwMDXGiSMjR"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 8aff7cb14fce72a4-EWR alt-svc h3=":443"; ma=86400
POST H3	200	getMessages Show response sfexpress.via-fps.shop/api/support/ Frame 876E	15 B 484 B	111ms 109ms	XHR application/json	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sfexpress.via-fps.shop/api/support/getMessages Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/js/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a` Request headers Accept application/json, text/plain, / Referer https://sfexpress.via-fps.shop/supportChatFrame/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Thu, 08 Aug 2024 12:25:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kYHRJGz8TTKVhnsUF0GVvZLDwuO6oFzhZmupwzMjRrLFUgGMAV1Mo094D2hXOxLUWW1QZc5FGj%2FTajul9F8F9Ga8121dJJ3fLtaVPcWLv062ZDazmltxc%2BDbomlCSdbWD3R2dBAvDoHUKPV6LywENnuG1Yp1"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 8aff7cb2888b72a4-EWR alt-svc h3=":443"; ma=86400 content-length 15
GET		/ s-wallet.ai/ Redirect Chain https://sfexpress.via-fps.shop/assets/fonts/sf-express-icon.ttf?hash=1478076975980 https://s-wallet.ai/	0 0

POST H3	200	getMessages Show response sfexpress.via-fps.shop/api/support/ Frame 876E	15 B 484 B	208ms 206ms	XHR application/json	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sfexpress.via-fps.shop/api/support/getMessages Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/js/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a` Request headers Accept application/json, text/plain, / Referer https://sfexpress.via-fps.shop/supportChatFrame/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Thu, 08 Aug 2024 12:25:07 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qXkTRcS7JaSdmB%2Ftt%2F36vzVhugPb2bk7Evr3LbakWxvX85aPFxL518ASIVgBX1VlGW8TjwI8ZTOLBT0%2Fe6HslHBk65a7itIfwaAVeF8raSNi2jetRTfbuoot%2Fx6iDnAA5DpcM0ka6Ir0ZAAeNA2IB3TPmO0b"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 8aff7cbc98aa72a4-EWR alt-svc h3=":443"; ma=86400 content-length 15
GET H2	200	favicon.ico htm.sf-express.com/.gallery/	1 KB 2 KB	931ms 15ms	Other image/x-icon	43.152.134.54 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://htm.sf-express.com/.gallery/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.134.54 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software openresty / Resource Hash `51227899986140fb72aed65d35e19bd3a8c8db4f8c3afa07f29451360e723e6c` Request headers Referer https://sfexpress.via-fps.shop/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 09:46:58 GMT x-cache-lookup Cache Hit last-modified Thu, 01 Aug 2024 02:58:58 GMT server openresty etag "66aaf9f2-549" vary Accept-Encoding, User-Agent, Accept-Encoding, User-Agent content-type image/x-icon x-nws-log-uuid 16972627763296761180 accept-ranges bytes content-length 1353
POST H3	200	getMessages Show response sfexpress.via-fps.shop/api/support/ Frame 876E	15 B 487 B	111ms 109ms	XHR application/json	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sfexpress.via-fps.shop/api/support/getMessages Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/js/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a` Request headers Accept application/json, text/plain, / Referer https://sfexpress.via-fps.shop/supportChatFrame/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Thu, 08 Aug 2024 12:25:09 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUkwNb8a8678C3sfKtXH2EebPRyv9y7gjaYwoWfUBP02Y4zbh89m%2BLi01ppjAXoh0X5tu4vTRLUfTDZb58l1816uRuoARyAB%2BwjHiG4QZn9%2BRev%2BCEmhm5fjEx%2FXGVnOX0dAPbMjI0FDM3MrIBZLrcn2V0L5"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 8aff7cc7486a72a4-EWR alt-svc h3=":443"; ma=86400 content-length 15
POST H3	200	getMessages Show response sfexpress.via-fps.shop/api/support/ Frame 876E	15 B 492 B	108ms 108ms	XHR application/json	2606:4700:3034::ac43:ded2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sfexpress.via-fps.shop/api/support/getMessages Requested by Host: sfexpress.via-fps.shop URL: https://sfexpress.via-fps.shop/js/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:ded2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a` Request headers Accept application/json, text/plain, / Referer https://sfexpress.via-fps.shop/supportChatFrame/196482452 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Thu, 08 Aug 2024 12:25:10 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BZygtjwHa9qW7GNMzPCF0SD%2BLZ7PaaRor%2FwCHjEu6XbaFLiQE6BCefRd1QmWyi%2Fz1%2BqCspb1D6YHucRjZd7%2FexfYFSXCIPXpMH8tj2cfWbZb15AqPzfFGr0khYt4%2B%2FLdg0%2BTufz8coJoAH9zCJxDrET86fb"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 8aff7cd15edd72a4-EWR alt-svc h3=":443"; ma=86400 content-length 15

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SF Express (Transportation)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sfexpress.via-fps.shop/	1969-12-31 23:59:59	Name: connect.sid Value: s%3A8uN2FLHDl_mpvnSskhfy8Cz7xE7QCtRS.fK%2BlqlHtbQEEnkxomzuVpQLivVruR7KJys9UQDc%2BNLU

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://sfexpress.via-fps.shop/196482452 Message: Mixed Content: The page at 'https://sfexpress.via-fps.shop/196482452' was loaded over HTTPS, but requested an insecure element 'http://szcert.ebs.org.cn/Images/govIcon.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	error	URL: https://sfexpress.via-fps.shop/196482452 Message: Access to font at 'https://s-wallet.ai/' (redirected from 'https://sfexpress.via-fps.shop/assets/fonts/sf-express-icon.woff?hash=1478076975980') from origin 'https://sfexpress.via-fps.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://s-wallet.ai/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sfexpress.via-fps.shop/196482452 Message: Access to font at 'https://s-wallet.ai/' (redirected from 'https://sfexpress.via-fps.shop/assets/fonts/sf-express-icon.ttf?hash=1478076975980') from origin 'https://sfexpress.via-fps.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://s-wallet.ai/ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

htm.sf-express.com
s-wallet.ai
sfexpress.via-fps.shop
szcert.ebs.org.cn
s-wallet.ai
2606:4700:3034::ac43:ded2
43.152.134.54
58.250.0.54
0065f72f9d0f2421a4c54c9f411e645c2fb8e6d66d279df5d4c72975a2bf24be
006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d
16a55edb9b36bb62cb40a197be44c7e1357562e789f24e9de373aed54cb98c38
246fac7dcc264259f436808fc3321842a95c91b3f32ed7a5882f9a817b82858a
2ca32d461e4105aa8337ce1559b9f399527acb7be62124bae03a0106dc2d9a4b
51227899986140fb72aed65d35e19bd3a8c8db4f8c3afa07f29451360e723e6c
5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a
73d4e2bc1d520806978d442cc192c7856b88449cd109d1a6551a18879bb81e19
74f553ec7aa4457024310378fd3eac8573d86f767579ad371bbf64d32ed96df8
75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf
78c8c71fea5b45069746367cedf2585a47793ef26ced047dbb4ed4d6c758b902
be0f09e385ed5b8745751b3fefe56db002a55118ab5fd80111c89255aa485f5d
c99696a5fad2e45e74b48c6705034bf1945c577a5ad2efeaa5fdbb4186917162
d35e73edc030e667b728e2e626c782ec2b4d3b0a3044730c02b9a25dbf46be59
d40c636c6f5df8e97ce5d56c336a9c1379bfa2b963053386d670b6865be2913f
e922e3484aa8fe678e2a498b460655e67021d4de68d0debfc56ce2565367959d
ea52c2604519304144d7267cf90f912ee6b092b2c5505576948568fe653dcac0
ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4

sfexpress.via-fps.shop Open in urlscan Pro 2606:4700:3034::ac43:ded2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

27 Requests

74 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

252 kBTransfer

1074 kBSize

1 Cookies

96 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

5 Console Messages

Indicators

sfexpress.via-fps.shop Open in urlscan Pro
2606:4700:3034::ac43:ded2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

74 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

252 kB
Transfer

1074 kB
Size

1
Cookies

27 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!