urlscan.io logo urlscan.io
SecurityTrails logo

sfnf.icu Open in urlscan Pro
104.253.249.3  Public Scan

Go To Rescan Add Verdict Report
URL: http://sfnf.icu/
Submission: On November 08 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 104.253.249.3, located in San Jose, United States and belongs to EGIHOSTING - EGIHosting, US. The main domain is sfnf.icu.
This is the only time sfnf.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.253.249.3 18779 (EGIHOSTING)
1 222.216.30.115 4134 (CHINANET-...)
2 103.235.46.191 55967 (CNNIC-BAI...)
1 220.242.182.12 54994 (QUANTILNE...)
1 183.131.207.66 136190 (CHINATELE...)
7 5
2    104.253.249.3 (San Jose, United States)

ASN18779 (EGIHOSTING - EGIHosting, US)
sfnf.icu
1    222.216.30.115 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
yczm.iis7.com
2    103.235.46.191 (Hong Kong)

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
1    220.242.182.12 (China)

ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
js.users.51.la
1    183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
ia.51.la
Apex Domain
Subdomains		 Transfer
2 51.la
js.users.51.la
ia.51.la
3 KB
2 baidu.com
hm.baidu.com
14 KB
2 sfnf.icu
sfnf.icu
2 KB
1 iis7.com
yczm.iis7.com
7 4
Domain Requested by
2 hm.baidu.com sfnf.icu
2 sfnf.icu sfnf.icu
1 ia.51.la sfnf.icu
1 js.users.51.la sfnf.icu
1 yczm.iis7.com sfnf.icu
7 5

This site contains links to these domains. Also see Links.

Domain
yczm.iis7.com
Subject Issuer Validity Valid
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2019-05-09 -
2020-06-25		 a year crt.sh
*.users.51.la
GlobalSign Domain Validation CA - SHA256 - G2		 2018-01-15 -
2021-03-19		 3 years crt.sh

This page contains 2 frames:

Primary Page: http://sfnf.icu/
Frame ID: 8F7501AB9534AEC96922B8B5E79DCF7C
Requests: 6 HTTP requests in this frame

Frame: http://yczm.iis7.com/
Frame ID: 34749375D285D2EB1C1A86A620CC75D0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

7
Requests

43 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

18 kB
Transfer

43 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
sfnf.icu/ 		79 B
483 B 		Document
General
Check archive.org
Download Go to
Full URL
http://sfnf.icu/
Protocol
HTTP/1.1
Server
104.253.249.3 San Jose, United States, ASN18779 (EGIHOSTING - EGIHosting, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e891f069e1a35896047beb1f66f71edd5943313fc235114388be9e776ad415bf

Request headers

Host
sfnf.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; Charset=gb2312
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
Set-Cookie
ASPSESSIONIDSCQCSDRS=LPBNHPMCKJJMLALMGCFIOJMO; path=/
X-Powered-By
ASP.NET
Date
Fri, 08 Nov 2019 16:59:37 GMT
Content-Length
177
2751.js
sfnf.icu/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sfnf.icu/2751.js
Requested by
Host: sfnf.icu
URL: http://sfnf.icu/
Protocol
HTTP/1.1
Server
104.253.249.3 San Jose, United States, ASN18779 (EGIHOSTING - EGIHosting, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b3423105a442c690d8e175f65ba88724c1dca39a29b0b66aff85db813f696f77

Request headers

Referer
http://sfnf.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 16:59:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Sep 2019 20:47:21 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"cc7445f11868d51:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
762
/
yczm.iis7.com/ Frame 3474 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://yczm.iis7.com/
Requested by
Host: sfnf.icu
URL: http://sfnf.icu/2751.js
Protocol
HTTP/1.1
Server
222.216.30.115 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Microsoft-IIS/7.5 / PHP/5.3.27 ASP.NET
Resource Hash

Request headers

Host
yczm.iis7.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://sfnf.icu/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Referer
http://sfnf.icu/

Response headers

Content-Type
text/html;charset=gbk;
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.3.27 ASP.NET
Date
Fri, 08 Nov 2019 16:59:25 GMT
Content-Length
4102
hm.js
hm.baidu.com/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?cf422679c52a6138a4fd8d754ae8576f
Requested by
Host: sfnf.icu
URL: http://sfnf.icu/2751.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
a302a5d73e010e6ca510d457c2a8e5ba77312464a826a3300caa073f6d3afe78
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://sfnf.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 16:59:38 GMT
Content-Encoding
gzip
Server
apache
Etag
cce283f89e0ef910565361e2b84e74ba
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13091
20196351.js
js.users.51.la/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.users.51.la/20196351.js
Requested by
Host: sfnf.icu
URL: http://sfnf.icu/2751.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.242.182.12 , China, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
1e1d88208d133b7135c61d70e4757eb28dc30978ab3d452a02de7b811866a748

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://sfnf.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id
20196351
Date
Fri, 08 Nov 2019 16:59:37 GMT
Content-Encoding
gzip
Age
15305
Transfer-Encoding
chunked
X-Via
1.1 PSxgHKG8au107:2 (Cdn Cache Server V2.0)[0 200 0], 1.1 ld92:9 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSxbymdlMAD1cl67:1 (Cdn Cache Server V2.0)[0 200 0]
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
Request-Id
0000016D86009D819046CFC8CCA9AB5E
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSyvGKJcqGFahHBhob0BXpWvlkYHSa2p
Last-Modified
Fri Sep 06 09:57:14 CST 2019
Server
nginx/1.14.0
ETag
"bbf1a2e57d28378db5419ff1a540e78f"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
version-id
G001116D044A3254FFFF900625DA9D48
go1
ia.51.la/ 		0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ia.51.la/go1?id=20196351&rt=1573232377956&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1573232377956&tt=&kw=&cu=http%253A%252F%252Fsfnf.icu%252F&pu=
Requested by
Host: sfnf.icu
URL: http://sfnf.icu/
Protocol
HTTP/1.1
Server
183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://sfnf.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 16:59:38 GMT
Server
CloudWAF
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1052444585&si=cf422679c52a6138a4fd8d754ae8576f&v=1.2.63&lv=1&sn=64704&ct=!!
Requested by
Host: sfnf.icu
URL: http://sfnf.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://sfnf.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Nov 2019 16:59:39 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _hmt boolean| _bdhm_loaded_cf422679c52a6138a4fd8d754ae8576f object| mini_tangram_log_265l23

0 Cookies