www.sf-international.com Open in urlscan Pro
211.152.154.226 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.sf-express.com/us/en/dynamic_function/waybill/#search/bill-
Effective URL:
https://www.sf-international.com/us/en/dynamic_function/waybill/
Submission: On December 26 via api (December 26th 2024, 2:39:11 pm UTC) from TR — Scanned from NZ

Summary HTTP 25 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 211.152.154.226, located in Melbourne, Australia and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is www.sf-international.com. The Cisco Umbrella rank of the primary domain is 553494.
TLS certificate: Issued by DigiCert Basic OV G2 TLS CN RSA4096 S... on September 9th 2024. Valid for: a year.

This is the only time www.sf-international.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SF Express (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	211.152.154.242 211.152.154.242	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
23	211.152.154.226 211.152.154.226	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	123.56.12.94 123.56.12.94	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	58.250.0.54 58.250.0.54	17623 (CNCGROUP-...) (CNCGROUP-SZ China Unicom Shenzen network)
25	3

1 211.152.154.242 (Melbourne, Australia) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.sf-express.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 211.152.154.226 (Melbourne, Australia)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.sf-international.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sfimcdnupdate.sf-tech.com.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.56.12.94 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

webcert.cnmstl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 58.250.0.54 (China)

ASN17623 (CNCGROUP-SZ China Unicom Shenzen network, CN)

szcert.ebs.org.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	sf-international.com www.sf-international.com — Cisco Umbrella Rank: 553494	2 MB
1	ebs.org.cn szcert.ebs.org.cn — Cisco Umbrella Rank: 524792	16 KB
1	cnmstl.net webcert.cnmstl.net — Cisco Umbrella Rank: 313991	3 KB
1	sf-tech.com.cn sfimcdnupdate.sf-tech.com.cn	52 KB
1	sf-express.com 1 redirects www.sf-express.com — Cisco Umbrella Rank: 164609	518 B
25	5

	Domain	Requested by
22	www.sf-international.com	www.sf-international.com
1	szcert.ebs.org.cn	www.sf-international.com
1	webcert.cnmstl.net	www.sf-international.com
1	sfimcdnupdate.sf-tech.com.cn	www.sf-international.com
1	www.sf-express.com	1 redirects
25	5

This site contains links to these domains. Also see Links.

Domain
www.sf-express.com
kefu.sf.global
iuop.sf.global
weibo.com
www.youtube.com
usshipweb.sf-express.com
cashipweb.sf-express.com
beian.miit.gov.cn
webcert.cnmstl.net
www.sznet110.gov.cn
szcert.ebs.org.cn

Subject Issuer	Validity	Valid
*.sf-international.com DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1	`2024-09-09` - `2025-09-08`	a year	crt.sh
*.sf-tech.com.cn DigiCert CN RSA CA G1	`2024-01-12` - `2025-02-07`	a year	crt.sh
webcert.cnmstl.net DigiCert Secure Site EV G2 TLS CN RSA4096 SHA256 2022 CA1	`2024-10-30` - `2025-11-25`	a year	crt.sh
*.ebs.org.cn Xcc Trust OV SSL CA	`2024-06-18` - `2025-07-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.sf-international.com/us/en/dynamic_function/waybill/
Frame ID: 13313AD8FA795B316C4D0EC79B60C771
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Track & Trace

Page URL History Show full URLs

https://www.sf-express.com/us/en/dynamic_function/waybill/ HTTP 301
https://www.sf-international.com/us/en/dynamic_function/waybill/ Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

1848 kB
Transfer

6585 kB
Size

1
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: http://www.sf-express.com/us/en/product_service/Service/International_Oversize_and_Overweight_Shipping/
Title: International Oversize and Overweight Shipping

Search URL Search Domain Scan URL

URL: http://kefu.sf.global/webim/im.html?configId=060d52d3-ab8a-4664-a271-9d02683989e4
Title: Online Service

Search URL Search Domain Scan URL

URL: https://iuop.sf.global/?lang=en#/customer-online
Title: Cooperation Inquiry

Search URL Search Domain Scan URL

URL: https://iuop.sf.global/?lang=en#/
Title: Login

Search URL Search Domain Scan URL

URL: https://iuop.sf.global/?lang=en#/register
Title: Register

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/cn/sc/
Title: 顺丰速运 SF Express

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/cn/en/
Title: EN

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/hk/tc/
Title: 中国香港/中国澳門 HongKong China /Macau China

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/hk/sc/
Title: 简

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/hk/en/
Title: EN

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/chn/en/waybill/list
Title: SF Express website

Search URL Search Domain Scan URL

URL: https://weibo.com/p/1006067507964367/home

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ANhCeJEEw3Y

Search URL Search Domain Scan URL

URL: https://usshipweb.sf-express.com/
Title: SF International Online Order Website (United States)

Search URL Search Domain Scan URL

URL: https://cashipweb.sf-express.com/
Title: SF International Online Order Website (Canada)

Search URL Search Domain Scan URL

URL: https://iuop.sf.global/?lang=en&gjUtm=K2%3AsfIntlOs,K3%3AsfIntlOsUsCa
Title: SF International Business System

Search URL Search Domain Scan URL

URL: http://beian.miit.gov.cn/
Title: Company License: ICP-2020077802

Search URL Search Domain Scan URL

URL: http://webcert.cnmstl.net/cert/code?sn=c6cc6af3fac440c28901c15a104582fe

Search URL Search Domain Scan URL

URL: https://www.sznet110.gov.cn/webrecord/innernet/Welcome.jsp?bano=4403101900826

Search URL Search Domain Scan URL

URL: https://www.sznet110.gov.cn/index.jsp

Search URL Search Domain Scan URL

URL: https://szcert.ebs.org.cn/B943BEFD-EF5E-4747-AD73-B875A1FC5CC7

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.sf-express.com/us/en/dynamic_function/waybill/ HTTP 301
https://www.sf-international.com/us/en/dynamic_function/waybill/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.sf-international.com/us/en/dynamic_function/waybill/ Redirect Chain https://www.sf-express.com/us/en/dynamic_function/waybill/ https://www.sf-international.com/us/en/dynamic_function/waybill/	88 KB 19 KB	1578ms 666ms	Document text/html	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `ef16a2623a43c9cc176a5f9fede0a1afeeeffa8cd75402380c55d788a4613d3b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-origin * content-encoding gzip content-type text/html date Thu, 26 Dec 2024 14:39:04 GMT etag W/"66ad76d9-1601e" ip_region Auckland last-modified Sat, 03 Aug 2024 00:16:25 GMT server elb vary Accept-Encoding x-cache-lookup Cache Miss Cache Miss Cache Miss x-nws-log-uuid 12973483227270822849 Redirect headers Access-Control-Allow-Origin * Connection keep-alive Content-Length 182 Content-Type text/html Date Thu, 26 Dec 2024 14:39:03 GMT Location https://www.sf-international.com/us/en/dynamic_function/waybill/ Server openresty X-Cache-Lookup Cache Miss Cache Miss Cache Miss X-NWS-LOG-UUID 6605728751408441564
GET H2	200	main.css www.sf-international.com/resource/styles/	705 KB 109 KB	79ms 77ms	Stylesheet text/css	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `63dbec27bfd3dd053dc841b1239b5e6847f8a6806b7f679861a0ed5523d22c53` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 746280603253454101 content-encoding gzip etag W/"6618e875-b0401" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 110830 ip_region Auckland date Tue, 24 Dec 2024 09:40:54 GMT x-cache-lookup Cache Hit last-modified Fri, 12 Apr 2024 07:53:25 GMT content-type text/css vary Accept-Encoding server elb
GET H2	200	jquery-1.11.3.js Show response www.sf-international.com/resource/scripts/old/	87 KB 31 KB	79ms 78ms	Script application/javascript	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/old/jquery-1.11.3.js?v=2024-08-03_8 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty/1.11.2.5 / Resource Hash `22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 9387494724899394881 content-encoding gzip etag W/"62f20b31-15d43" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 31077 ip_region Auckland date Wed, 25 Dec 2024 17:07:19 GMT x-cache-lookup Cache Hit last-modified Tue, 09 Aug 2022 07:22:25 GMT content-type application/javascript server openresty/1.11.2.5 vary Accept-Encoding
GET H/1.1	200 OK	scp-jssdk-v1.8.js Show response sfimcdnupdate.sf-tech.com.cn/SCP/JSSDK/	183 KB 52 KB	1300ms 77ms	Script application/javascript	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sfimcdnupdate.sf-tech.com.cn/SCP/JSSDK/scp-jssdk-v1.8.js Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Lego Server / Resource Hash `b0bd13cbc87a3ad2d40b398a0702350aa5d2937c38e58649db0dbb35fd2357df` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/ Response headers X-NWS-LOG-UUID 16091988096406195156 Content-Encoding gzip Etag "62cbba70-2da29" Connection keep-alive Accept-Ranges bytes Content-Length 52612 Date Thu, 26 Dec 2024 14:39:06 GMT X-Cache-Lookup Cache Hit Last-Modified Mon, 11 Jul 2022 05:51:44 GMT Content-Type application/javascript Server Lego Server
GET H2	200	ex-sf-logo.png www.sf-international.com/resource/images/index/	6 KB 7 KB	77ms 76ms	Image image/png	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/ex-sf-logo.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `24a932a0369cd3871127a55d0e37d9a89cffda17f85361bd53ea5a25d1c6f9b4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 3496851228365397386 content-encoding gzip etag W/"664b0591-1990" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 6572 ip_region Auckland date Mon, 23 Dec 2024 09:45:52 GMT x-cache-lookup Cache Hit last-modified Mon, 20 May 2024 08:10:57 GMT content-type image/png vary Accept-Encoding server elb
GET H2	200	order-button-icon.gif www.sf-international.com/resource/images/mail_service/	895 B 1 KB	78ms 78ms	Image image/gif	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/mail_service/order-button-icon.gif Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty/1.11.2.5 / Resource Hash `73d4e2bc1d520806978d442cc192c7856b88449cd109d1a6551a18879bb81e19` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 7362606770916095181 etag "5d15ae84-37f" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 895 ip_region Auckland date Mon, 23 Dec 2024 09:47:58 GMT x-cache-lookup Cache Hit last-modified Fri, 28 Jun 2019 06:07:00 GMT content-type image/gif server openresty/1.11.2.5
GET H2	200	sfapp_international.png www.sf-international.com/resource/images/index/	388 KB 202 KB	78ms 77ms	Image image/png	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/sfapp_international.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty/1.11.2.5 / Resource Hash `0ae65cfe3650ce6ea65dcfa47b2b95642485b2afe667e863ea4de832ea7196ad` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 12600231651337868253 content-encoding gzip etag W/"5d3554f3-60e25" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 206153 ip_region Auckland date Wed, 25 Dec 2024 09:46:56 GMT x-cache-lookup Cache Hit last-modified Mon, 22 Jul 2019 06:17:23 GMT content-type image/png server openresty/1.11.2.5 vary Accept-Encoding
GET H/1.1	200 OK	officialbrand_small_h_img.jpg webcert.cnmstl.net/images/cert/code/	3 KB 3 KB	2317ms 344ms	Image image/png	123.56.12.94 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Show image Full URL https://webcert.cnmstl.net/images/cert/code/officialbrand_small_h_img.jpg?sn=c6cc6af3fac440c28901c15a104582fe&t=1476167429157 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 123.56.12.94 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software / Resource Hash `75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/ Response headers Transfer-Encoding chunked Access-Control-Allow-Origin * Content-Encoding gzip Date Thu, 26 Dec 2024 14:39:07 GMT Content-Type image/png; charset=utf-8 Vary Accept-Encoding Connection keep-alive
GET H2	200	security_site_1.png www.sf-international.com/.gallery/other/	3 KB 3 KB	84ms 83ms	Image image/png	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/.gallery/other/security_site_1.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 3350025920571253675 content-encoding gzip etag W/"593a5fdc-cc6" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 3298 ip_region Auckland date Mon, 23 Dec 2024 09:47:53 GMT x-cache-lookup Cache Hit last-modified Fri, 09 Jun 2017 08:44:12 GMT content-type image/png vary Accept-Encoding server elb
GET H2	200	security_site_2.png www.sf-international.com/.gallery/other/	3 KB 3 KB	82ms 81ms	Image image/png	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/.gallery/other/security_site_2.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 6163470995414366293 content-encoding gzip etag W/"593a5fdc-a93" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 2735 ip_region Auckland date Mon, 23 Dec 2024 09:47:57 GMT x-cache-lookup Cache Hit last-modified Fri, 09 Jun 2017 08:44:12 GMT content-type image/png vary Accept-Encoding server elb
GET H/1.1	200 OK	govIcon.gif szcert.ebs.org.cn/Images/	15 KB 16 KB	2542ms 1297ms	Image image/gif	58.250.0.54 CNCGROUP-SZ China...
General Check archive.org Show headers Download Go to Show image Full URL https://szcert.ebs.org.cn/Images/govIcon.gif Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 58.250.0.54 , China, ASN17623 (CNCGROUP-SZ China Unicom Shenzen network, CN), Reverse DNS Software / Resource Hash `74f553ec7aa4457024310378fd3eac8573d86f767579ad371bbf64d32ed96df8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/ Response headers ETag "805f16f7a76bda1:0" Connection keep-alive Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 15504 Date Thu, 26 Dec 2024 14:39:07 GMT Content-Type image/gif Last-Modified Fri, 01 Mar 2024 07:13:31 GMT Access-Control-Allow-Headers content-type,api_key,Authorization
GET H2	200	modernizr.js Show response www.sf-international.com/resource/scripts/vendor/	50 KB 16 KB	79ms 79ms	Script application/javascript	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/vendor/modernizr.js Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `e6fed7b32526f337c99fc7eb7e4674acfdcded92c6f80bb92ba33581036c0b97` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 12327797520948439922 content-encoding gzip etag W/"60e160c3-c951" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 15881 ip_region Auckland date Thu, 26 Dec 2024 10:37:10 GMT x-cache-lookup Cache Hit last-modified Sun, 04 Jul 2021 07:18:27 GMT content-type application/javascript vary Accept-Encoding server elb
GET H2	200	configs.js Show response www.sf-international.com/resource/scripts/	6 KB 2 KB	78ms 78ms	Script application/javascript	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/configs.js?v=2024-08-03_8 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty/1.11.2.5 / Resource Hash `04d7d022f9ac73b9649748eb81374799f6e56eae2fc02cd51a30b6e763c6ddf2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 1037953922448818735 content-encoding gzip etag "6618e91b-192a" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 1715 ip_region Auckland date Mon, 23 Dec 2024 20:15:08 GMT x-cache-lookup Cache Hit last-modified Fri, 12 Apr 2024 07:56:11 GMT content-type application/javascript server openresty/1.11.2.5 vary Accept-Encoding
GET H2	200	require.js Show response www.sf-international.com/resource/scripts/vendor/	86 KB 21 KB	78ms 78ms	Script application/javascript	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/vendor/require.js Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty/1.11.2.5 / Resource Hash `17f95b065648d48c21d4bdafe2f76d0832294a5ae21f39477f283b06a61e3276` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 15034770144651247619 content-encoding gzip etag W/"60e160c3-157f2" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 21457 ip_region Auckland date Thu, 26 Dec 2024 04:32:48 GMT x-cache-lookup Cache Hit last-modified Sun, 04 Jul 2021 07:18:27 GMT content-type application/javascript server openresty/1.11.2.5 vary Accept-Encoding
GET H2	200	frame.js Show response www.sf-international.com/resource/scripts/	314 KB 92 KB	78ms 78ms	Script application/javascript	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/frame.js?v=1.0 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `510013be4182fc19e066418198d3a0239677fc09f997c85d33857e42a6e174e7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 1658221080336504594 content-encoding gzip etag W/"62bad07a-4e870" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 93515 ip_region Auckland date Wed, 25 Dec 2024 21:00:38 GMT x-cache-lookup Cache Hit last-modified Tue, 28 Jun 2022 09:57:14 GMT content-type application/javascript vary Accept-Encoding server elb
GET H2	200	main.js Show response www.sf-international.com/resource/scripts/	4 MB 1 MB	79ms 79ms	Script application/javascript	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/main.js?v=2024-08-03_8 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/us/en/dynamic_function/waybill/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `b4ad750b74043a4a58525a8dcc093258b3bb71441851fc635e5f5f1030740bdd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 183248529092690195 content-encoding gzip etag W/"674578fd-3fd05a" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 1101363 ip_region Auckland date Thu, 26 Dec 2024 02:57:10 GMT x-cache-lookup Cache Hit last-modified Tue, 26 Nov 2024 07:30:05 GMT content-type application/javascript vary Accept-Encoding server elb
GET H2	200	header-phoneicon.png www.sf-international.com/resource/images/index/	12 KB 12 KB	78ms 77ms	Image image/png	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/header-phoneicon.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty/1.11.2.5 / Resource Hash `0ccebd96ae2d393c6ebcf8baaf249076736e57742d0d272ad4b4c654afed1992` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Response headers x-nws-log-uuid 13168522056189993320 content-encoding gzip etag W/"62bad059-310a" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 12582 ip_region Auckland date Mon, 23 Dec 2024 09:45:54 GMT x-cache-lookup Cache Hit last-modified Tue, 28 Jun 2022 09:56:41 GMT content-type image/png server openresty/1.11.2.5 vary Accept-Encoding
GET H2	200	order-button-background.png www.sf-international.com/resource/images/index/	76 B 216 B	80ms 79ms	Image image/png	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/order-button-background.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `d8a43f1f6a82b88c59fec78119535cabe197150ab7b51624385bb8a82bb50744` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Response headers x-nws-log-uuid 4036289217987725687 etag "5d15ae96-4c" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 76 ip_region Auckland date Mon, 23 Dec 2024 09:47:54 GMT x-cache-lookup Cache Hit last-modified Fri, 28 Jun 2019 06:07:18 GMT content-type image/png server elb
GET H2	200	order-button-arrow.png www.sf-international.com/resource/images/index/	137 B 278 B	79ms 79ms	Image image/png	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/order-button-arrow.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `7052adb87b51d290803901fffc34c229f4972dc95c6162510790559e4399265f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Response headers x-nws-log-uuid 9119996687068726056 etag "5d15ae96-89" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 137 ip_region Auckland date Mon, 23 Dec 2024 09:46:05 GMT x-cache-lookup Cache Hit last-modified Fri, 28 Jun 2019 06:07:18 GMT content-type image/png server elb
GET H2	200	to-top-red.png www.sf-international.com/resource/images/index/	2 KB 2 KB	78ms 77ms	Image image/png	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/to-top-red.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty/1.11.2.5 / Resource Hash `084d4baaf25e531fc8557d00019f984a937dfbba30afe8b7ff8fe6c418c26f0f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Response headers x-nws-log-uuid 13779306609707811589 content-encoding gzip etag W/"5d15ae97-9a2" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 2200 ip_region Auckland date Mon, 23 Dec 2024 09:45:57 GMT x-cache-lookup Cache Hit last-modified Fri, 28 Jun 2019 06:07:19 GMT content-type image/png server openresty/1.11.2.5 vary Accept-Encoding
GET H2	200	label-top-r-kr.png www.sf-international.com/resource/images/index/	463 KB 132 KB	79ms 78ms	Image image/png	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/label-top-r-kr.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `817e3216e36e573289a222357a51165312d1ba5e7a5d0f98e63bb3821da849ce` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Response headers x-nws-log-uuid 17644721539167928179 content-encoding gzip etag W/"5d15ae95-73dc4" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 135372 ip_region Auckland date Wed, 25 Dec 2024 11:08:38 GMT x-cache-lookup Cache Hit last-modified Fri, 28 Jun 2019 06:07:17 GMT content-type image/png vary Accept-Encoding server elb
GET H2	200	i18n_universal.json Show response www.sf-international.com/resource/i18n/	67 KB 31 KB	78ms 78ms	XHR application/json	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/i18n/i18n_universal.json?lang=en&region=us&translate= Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/scripts/frame.js?v=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software elb / Resource Hash `a9d73b15d6e94183c5e51fdccf7840794f865cf512fa13d6e34b579714e2e293` Request headers Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/javascript, /; q=0.01 Response headers x-nws-log-uuid 7030437339435613481 content-encoding br etag W/"673d948f-10ccd" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 31784 ip_region Auckland date Thu, 26 Dec 2024 10:04:30 GMT x-cache-lookup Cache Hit last-modified Wed, 20 Nov 2024 07:49:35 GMT content-type application/json server elb
GET H2	200	i18n_us.json Show response www.sf-international.com/resource/i18n/	607 B 521 B	78ms 78ms	XHR application/json	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/i18n/i18n_us.json?lang=en&region=us&translate= Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/scripts/frame.js?v=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty/1.11.2.5 / Resource Hash `21684cf6cfc45d17dbf6c10aecad024bfa813a004b04cc739aaf5e81783a2ce6` Request headers Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/javascript, /; q=0.01 Response headers x-nws-log-uuid 6666140308287204414 content-encoding gzip etag "63f21892-25f" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 365 ip_region Auckland date Mon, 23 Dec 2024 09:46:08 GMT x-cache-lookup Cache Hit last-modified Sun, 19 Feb 2023 12:39:46 GMT content-type application/json server openresty/1.11.2.5
GET H2	200	sf-express-icon.woff www.sf-international.com/resource/fonts/	16 KB 16 KB	734ms 733ms	Font application/font-woff	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/fonts/sf-express-icon.woff?hash=1478076975980 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty/1.11.2.5 / Resource Hash `f82fe3262a0508ccfc4c6d51f5a2e241bfb43f4dfe7ed46336fdcbd59b91833b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.sf-international.com Referer https://www.sf-international.com/resource/styles/main.css?v=2024-08-03_8 Response headers x-nws-log-uuid 5450793218956307155 etag "5f97fe7b-3fcc" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 16332 ip_region Auckland date Thu, 26 Dec 2024 14:39:07 GMT x-cache-lookup Cache Miss, Cache Miss, Cache Miss content-type application/font-woff last-modified Tue, 27 Oct 2020 11:03:23 GMT server openresty/1.11.2.5
GET H2	200	favicon.ico www.sf-international.com/.gallery/	1 KB 2 KB	78ms 77ms	Other image/x-icon	211.152.154.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/.gallery/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.154.226 Melbourne, Australia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty/1.11.2.5 / Resource Hash `dad40f107de8cf7ca3ea4c78bc952cbc9a179404d44b3778004c09f8bbc23e36` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.sf-international.com/us/en/dynamic_function/waybill/ Response headers x-nws-log-uuid 11421659957400281668 etag "66ec136b-571" access-control-allow-credentials true accept-ranges bytes access-control-allow-origin * content-length 1393 ip_region Auckland date Mon, 23 Dec 2024 09:55:01 GMT x-cache-lookup Cache Hit last-modified Thu, 19 Sep 2024 12:04:59 GMT content-type image/x-icon server openresty/1.11.2.5

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SF Express (Transportation)

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.sf-express.com/	1970-01-21 02:00:25	Name: tgw_l7_route Value: 21578487d8864a4303cdd1694d8e8ed3

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.sf-international.com/us/en/dynamic_function/waybill/#search/bill- Message: Mixed Content: The page at 'https://www.sf-international.com/us/en/dynamic_function/waybill/#search/bill-' was loaded over HTTPS, but requested an insecure element 'http://webcert.cnmstl.net/images/cert/code/officialbrand_small_h_img.jpg?sn=c6cc6af3fac440c28901c15a104582fe&t=1476167429157'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.sf-international.com/us/en/dynamic_function/waybill/#search/bill- Message: Mixed Content: The page at 'https://www.sf-international.com/us/en/dynamic_function/waybill/#search/bill-' was loaded over HTTPS, but requested an insecure element 'http://szcert.ebs.org.cn/Images/govIcon.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.sf-international.com/us/en/dynamic_function/waybill/#search/bill-(Line 3480) Message: Mixed Content: The page at 'https://www.sf-international.com/us/en/dynamic_function/waybill/#search/bill-' was loaded over HTTPS, but requested an insecure element 'http://webcert.cnmstl.net/images/cert/code/officialbrand_small_h_img.jpg?sn=c6cc6af3fac440c28901c15a104582fe&t=1476167429157'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.sf-international.com/us/en/dynamic_function/waybill/#search/bill-(Line 3480) Message: Mixed Content: The page at 'https://www.sf-international.com/us/en/dynamic_function/waybill/#search/bill-' was loaded over HTTPS, but requested an insecure element 'http://szcert.ebs.org.cn/Images/govIcon.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sfimcdnupdate.sf-tech.com.cn
szcert.ebs.org.cn
webcert.cnmstl.net
www.sf-express.com
www.sf-international.com
123.56.12.94
211.152.154.226
211.152.154.242
58.250.0.54
006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d
04d7d022f9ac73b9649748eb81374799f6e56eae2fc02cd51a30b6e763c6ddf2
084d4baaf25e531fc8557d00019f984a937dfbba30afe8b7ff8fe6c418c26f0f
0ae65cfe3650ce6ea65dcfa47b2b95642485b2afe667e863ea4de832ea7196ad
0ccebd96ae2d393c6ebcf8baaf249076736e57742d0d272ad4b4c654afed1992
17f95b065648d48c21d4bdafe2f76d0832294a5ae21f39477f283b06a61e3276
21684cf6cfc45d17dbf6c10aecad024bfa813a004b04cc739aaf5e81783a2ce6
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
24a932a0369cd3871127a55d0e37d9a89cffda17f85361bd53ea5a25d1c6f9b4
510013be4182fc19e066418198d3a0239677fc09f997c85d33857e42a6e174e7
63dbec27bfd3dd053dc841b1239b5e6847f8a6806b7f679861a0ed5523d22c53
7052adb87b51d290803901fffc34c229f4972dc95c6162510790559e4399265f
73d4e2bc1d520806978d442cc192c7856b88449cd109d1a6551a18879bb81e19
74f553ec7aa4457024310378fd3eac8573d86f767579ad371bbf64d32ed96df8
75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf
817e3216e36e573289a222357a51165312d1ba5e7a5d0f98e63bb3821da849ce
a9d73b15d6e94183c5e51fdccf7840794f865cf512fa13d6e34b579714e2e293
b0bd13cbc87a3ad2d40b398a0702350aa5d2937c38e58649db0dbb35fd2357df
b4ad750b74043a4a58525a8dcc093258b3bb71441851fc635e5f5f1030740bdd
d8a43f1f6a82b88c59fec78119535cabe197150ab7b51624385bb8a82bb50744
dad40f107de8cf7ca3ea4c78bc952cbc9a179404d44b3778004c09f8bbc23e36
e6fed7b32526f337c99fc7eb7e4674acfdcded92c6f80bb92ba33581036c0b97
ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4
ef16a2623a43c9cc176a5f9fede0a1afeeeffa8cd75402380c55d788a4613d3b
f82fe3262a0508ccfc4c6d51f5a2e241bfb43f4dfe7ed46336fdcbd59b91833b

www.sf-international.com Open in urlscan Pro 211.152.154.226 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

3 IPs

2 Countries

1848 kBTransfer

6585 kBSize

1 Cookies

21 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

89 JavaScript Global Variables

1 Cookies

4 Console Messages

www.sf-international.com Open in urlscan Pro
211.152.154.226 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

1848 kB
Transfer

6585 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!