URL: https://swiftlogs.com/package/verification/login.php
Submission: On April 12 via automatic, source phishtank

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 28 HTTP transactions. The main IP is 192.69.235.197, located in Los Angeles, United States and belongs to IHNET - IHNetworks, LLC, US. The main domain is swiftlogs.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 9th 2018. Valid for: 3 months.
This is the only time swiftlogs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fedex (Transportation)

Domain & IP information

Requests  Redirects  IP Address       AS Autonomous System
19                   192.69.235.197   33494 (IHNET)
2                    52.16.195.213    16509 (AMAZON-02)
4                    104.96.130.116   16625 (AKAMAI-AS)
1                    216.58.214.102   15169 (GOOGLE)
1         1          66.117.29.3      15224 (OMNITURE)
1                    104.96.143.98    16625 (AKAMAI-AS)
1                    63.140.40.126    15224 (OMNITURE)
1         1          66.117.28.86     15224 (OMNITURE)
Total: 28 requests, 6 IPs

Requests  Domain                Requested by
19        swiftlogs.com         swiftlogs.com
4         assets.adobedtm.com   swiftlogs.com
2         dpm.demdex.net        swiftlogs.com
1         cm.everesttech.net    1 redirects
1         smetrics.fedex.com    swiftlogs.com
1         cimage.adobe.com      swiftlogs.com
1         fedex.tt.omtrdc.net   1 redirects
1         fls.doubleclick.net   swiftlogs.com
Total: 28 requests, 8 domains

This site contains links to these domains.

Domain
www.fedex.com

Subject: swiftlogs.com
Issuer: cPanel, Inc. Certification Authority
Validity: 2018-04-09 - 2018-07-08
Valid: 3 months

This page contains 1 frames:

Primary Page: https://swiftlogs.com/package/verification/login.php
Frame ID: A73E3A3F65174C06CA80800A07292D4B
Requests: 28 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /https?:\/\/fls.doubleclick.net/i

Overall confidence: 100%
Detected patterns
  • script /\/s[_-]code.*\.js/i
  • env /^s_(?:account|objectID|code|INST)$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 28
HTTPS: 68 %
IPv6: 0 %
Domains: 8
Subdomains: 8
IPs: 6
Countries: 3
Transfer: 1096 kB
Size: 1300 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://fedex.tt.omtrdc.net/m2/fedex/ubox/image?mbox=3rdPartySet&mboxHost=swiftlogs.com&mboxDefault=https://cimage.adobe.com/onepixel.gif&mboxXDomain=enabled&mboxSession=1521852839662-785626&profile.thirdPartyCookieSet=true&mboxPC=1521852839662-785626.21_16 HTTP 302
  • https://cimage.adobe.com/onepixel.gif
Request Chain 24
  • https://cm.everesttech.net/cm/dd?d_uuid=31699439032011523753686178415984080030 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ws9cdAAAAypFpBN_

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
swiftlogs.com/package/verification/
21 KB
21 KB
Document
General
Full URL
https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache / PHP/5.6.35
Resource Hash
c25ce1a4c7fcdae77d4045400cbbad8b978ab028d62353fa43da85d267567358

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 12 Apr 2018 13:17:36 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/5.6.35
Transfer-Encoding
chunked
Keep-Alive
timeout=5, max=10000
Content-Type
text/html; charset=UTF-8
s26003295633362.js
swiftlogs.com/package/verification/index_files/
3 KB
3 KB
Script
General
Full URL
https://swiftlogs.com/package/verification/index_files/s26003295633362.js
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
45731101a03d241ec3cc0e6587b113b5db540f641ab8c900fa8ed5b01c5cee68

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://swiftlogs.com/package/verification/login.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:38 GMT
Last-Modified
Sat, 24 Mar 2018 08:55:12 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=9998
Content-Length
3254
json
swiftlogs.com/package/verification/index_files/
40 B
257 B
Script
General
Full URL
https://swiftlogs.com/package/verification/index_files/json
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
de74143e9a4014a5aa6f6f3987683c8d1d63cdaf0251e07c1a1a36e5ef15ef25

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://swiftlogs.com/package/verification/login.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:38 GMT
Last-Modified
Sat, 24 Mar 2018 08:55:12 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=9999
Content-Length
40
jquery.js
swiftlogs.com/package/verification/index_files/
111 KB
111 KB
Script
General
Full URL
https://swiftlogs.com/package/verification/index_files/jquery.js
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
9f0173ed05fe8618c76272aaae6711ae0fa7ece07de8522cb6b0159d22b691f5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://swiftlogs.com/package/verification/login.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:37 GMT
Last-Modified
Sat, 24 Mar 2018 08:55:12 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=10000
Content-Length
113230
homepage.css
swiftlogs.com/package/verification/index_files/
362 KB
362 KB
Stylesheet
General
Full URL
https://swiftlogs.com/package/verification/index_files/homepage.css
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
9bf9e5c7c2e2d029ec4d0e36abab203ab56ec65a8d3e4d07d185c60e8e03c069

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://swiftlogs.com/package/verification/login.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:37 GMT
Last-Modified
Sat, 24 Mar 2018 08:55:12 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=9999
Content-Length
370189
satelliteLib-3d572d82e882030a8850fcead05e17462ad161ac.js
swiftlogs.com/package/verification/index_files/
137 KB
138 KB
Script
General
Full URL
https://swiftlogs.com/package/verification/index_files/satelliteLib-3d572d82e882030a8850fcead05e17462ad161ac.js
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
a622b395b0c857e42b10303504532a290a12ff24a1ea9900424088414963bc4f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://swiftlogs.com/package/verification/login.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:37 GMT
Last-Modified
Sat, 24 Mar 2018 08:55:12 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=10000
Content-Length
140708
mbox-contents-8d4600b0866454fd3a244faee455cca08c786d12.js
swiftlogs.com/package/verification/index_files/
116 KB
117 KB
Script
General
Full URL
https://swiftlogs.com/package/verification/index_files/mbox-contents-8d4600b0866454fd3a244faee455cca08c786d12.js
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
d605b6b2bb109cfd2a3a40b6d6a2a9caa6e31ecd76adcfbd47ef387b20ac36ee

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://swiftlogs.com/package/verification/login.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:37 GMT
Last-Modified
Sat, 24 Mar 2018 08:55:12 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=10000
Content-Length
119057
s-code-contents-b3d5275fdca06ca6e2c6721104ca42cc1f30a2f4.js
swiftlogs.com/package/verification/index_files/
188 KB
188 KB
Script
General
Full URL
https://swiftlogs.com/package/verification/index_files/s-code-contents-b3d5275fdca06ca6e2c6721104ca42cc1f30a2f4.js
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
7639a4862f1b644efc4a980a65de0f505b01e219cafbb70d85e56eb7135d16fe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://swiftlogs.com/package/verification/login.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:37 GMT
Last-Modified
Sat, 24 Mar 2018 08:55:12 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=10000
Content-Length
192746
satellite-5959e13664746d6f1a0106eb.js
swiftlogs.com/package/verification/index_files/
1 KB
2 KB
Script
General
Full URL
https://swiftlogs.com/package/verification/index_files/satellite-5959e13664746d6f1a0106eb.js
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
70112db810e9e57739f102c7ed334cc51828a130a90ff1aff8ab7ce017953737

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://swiftlogs.com/package/verification/login.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:37 GMT
Last-Modified
Sat, 24 Mar 2018 08:55:12 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=9999
Content-Length
1519
virtualagent-us.css
swiftlogs.com/package/verification/index_files/
21 KB
21 KB
Stylesheet
General
Full URL
https://swiftlogs.com/package/verification/index_files/virtualagent-us.css
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
5a7e43a2a5a095ed7720d8a121b35ee6a053ab9f823d7be9c777ac245999d111

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://swiftlogs.com/package/verification/login.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:37 GMT
Last-Modified
Sat, 24 Mar 2018 08:55:10 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=10000
Content-Length
21394
logo.png
swiftlogs.com/package/verification/index_files/
18 KB
18 KB
Image
General
Full URL
https://swiftlogs.com/package/verification/index_files/logo.png
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
a522687d8b152efdd12ccec781f54d91fa60de20408684f1ef41c1e672619c56

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://swiftlogs.com/package/verification/login.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:38 GMT
Last-Modified
Sat, 24 Mar 2018 08:55:12 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=9998
Content-Length
17964
2.png
swiftlogs.com/package/verification/images/
3 KB
4 KB
Image
General
Full URL
https://swiftlogs.com/package/verification/images/2.png
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
097a56b70bd26fdbca24de903ae78ccc1ab360b61b700131710eb9470823f5a0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://swiftlogs.com/package/verification/login.php
Cookie
AMCV_1E22171B520E93BF0A490D44%40AdobeOrg=-894706358%7CMCIDTS%7C17634%7CvVersion%7C2.3.0; check=true; s_pers=%20s_dfa%3Dfedexglbldev%252Cfedexglobaldev%7C1523540860466%3B; s_sess=%20setLink%3D%3B
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:39 GMT
Last-Modified
Mon, 26 Mar 2018 15:47:32 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=9998
Content-Length
3364
sprite-placeholder.png
swiftlogs.com/package/verification/index_files/
8 KB
8 KB
Image
General
Full URL
https://swiftlogs.com/package/verification/index_files/sprite-placeholder.png
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache /
Resource Hash
6f46e13ab4b86da0407a98685e6cdf678aa732e29335fe0f441c2b816ddf0e46

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://swiftlogs.com/package/verification/login.php
Cookie
AMCV_1E22171B520E93BF0A490D44%40AdobeOrg=-894706358%7CMCIDTS%7C17634%7CvVersion%7C2.3.0; check=true; s_pers=%20s_dfa%3Dfedexglbldev%252Cfedexglobaldev%7C1523540860466%3B; s_sess=%20setLink%3D%3B
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 13:17:39 GMT
Last-Modified
Sat, 24 Mar 2018 08:55:12 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=9999
Content-Length
7864
id
dpm.demdex.net/
3 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E22171B520E93BF0A490D44%40AdobeOrg&d_nsid=0&ts=1523539060361
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/satelliteLib-3d572d82e882030a8850fcead05e17462ad161ac.js
Protocol
HTTP/1.1
Server
52.16.195.213 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-16-195-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3ef7d5c670e39662e1c21d2861b7c900b81ba6ceecccd76d0b38d401d479a6aa

Request headers

Referer
https://swiftlogs.com/package/verification/login.php
Origin
https://swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
irl1-prod-dcs-73e205e5.edge-irl1.demdex.com 5.26.2.20180404131602 4ms
Pragma
no-cache
Date
Thu, 12 Apr 2018 13:17:40 GMT
Content-Encoding
gzip
X-TID
VKS/Gap4Sh8=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://swiftlogs.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Content-Length
1040
Expires
Thu, 01 Jan 2009 00:00:00 GMT
mbox-contents-8d4600b0866454fd3a244faee455cca08c786d12.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/
116 KB
36 KB
Script
General
Full URL
https://assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/mbox-contents-8d4600b0866454fd3a244faee455cca08c786d12.js
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/satelliteLib-3d572d82e882030a8850fcead05e17462ad161ac.js
Protocol
HTTP/1.1
Server
104.96.130.116 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-96-130-116.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d605b6b2bb109cfd2a3a40b6d6a2a9caa6e31ecd76adcfbd47ef387b20ac36ee

Request headers

Referer
https://swiftlogs.com/package/verification/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 12 Apr 2018 13:17:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Apr 2018 22:45:12 GMT
Server
Apache
ETag
"5bcd9d8e0aea2f9a711e7e028c61fbb1:1523054712"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
36703
Expires
Thu, 12 Apr 2018 14:17:40 GMT
json
fls.doubleclick.net/
40 B
200 B
Script
General
Full URL
https://fls.doubleclick.net/json?spot=4191263&src=&var=s_5_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_5_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=816767196478
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/s-code-contents-b3d5275fdca06ca6e2c6721104ca42cc1f30a2f4.js
Protocol
SPDY
Server
216.58.214.102 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f6.1e100.net
Software
cafe /
Resource Hash
de74143e9a4014a5aa6f6f3987683c8d1d63cdaf0251e07c1a1a36e5ef15ef25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swiftlogs.com/package/verification/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 13:17:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
60
x-xss-protection
1; mode=block
pragma
no-cache
server
cafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
onepixel.gif
cimage.adobe.com/
Redirect Chain
  • https://fedex.tt.omtrdc.net/m2/fedex/ubox/image?mbox=3rdPartySet&mboxHost=swiftlogs.com&mboxDefault=https://cimage.adobe.com/onepixel.gif&mboxXDomain=enabled&mboxSession=1521852839662-785626&profil...
  • https://cimage.adobe.com/onepixel.gif
49 B
343 B
Image
General
Full URL
https://cimage.adobe.com/onepixel.gif
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Server
104.96.143.98 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-96-143-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

Referer
https://swiftlogs.com/package/verification/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 12 Apr 2018 13:17:40 GMT
Last-Modified
Wed, 18 Apr 2012 18:06:43 GMT
Server
Apache
ETag
"ed280a0ea3cc38f3cbbc747acfbef47d:1334772403"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49

Redirect headers

pragma
no-cache
date
Thu, 12 Apr 2018 13:17:40 GMT
status
302
p3p
CP="NOI DSP CURa OUR STP COM", CP="NOI DSP CURa OUR STP COM"
location
https://cimage.adobe.com/onepixel.gif
cache-control
no-cache
content-length
0
x-application-context
edge:prod,prod-prod26,prod-prod26-app,prod26:11180
Roboto-Regular.ttf
swiftlogs.com/package/verification/common/css/fonts/
0
0
Font
General
Full URL
https://swiftlogs.com/package/verification/common/css/fonts/Roboto-Regular.ttf
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache / PHP/5.6.35
Resource Hash

Request headers

Pragma
no-cache
Origin
https://swiftlogs.com
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://swiftlogs.com/package/verification/index_files/homepage.css
Cookie
AMCV_1E22171B520E93BF0A490D44%40AdobeOrg=-894706358%7CMCIDTS%7C17634%7CvVersion%7C2.3.0; check=true; s_pers=%20s_dfa%3Dfedexglbldev%252Cfedexglobaldev%7C1523540860466%3B; s_sess=%20setLink%3D%3B
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 12 Apr 2018 13:17:39 GMT
Server
Apache
X-Powered-By
PHP/5.6.35
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
close
Expires
Wed, 11 Jan 1984 05:00:00 GMT
menu-sprite.png
swiftlogs.com/package/verification/images/
251 B
251 B
Image
General
Full URL
https://swiftlogs.com/package/verification/images/menu-sprite.png
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache / PHP/5.6.35
Resource Hash
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://swiftlogs.com/package/verification/index_files/homepage.css
Cookie
AMCV_1E22171B520E93BF0A490D44%40AdobeOrg=-894706358%7CMCIDTS%7C17634%7CvVersion%7C2.3.0; check=true; s_pers=%20s_dfa%3Dfedexglbldev%252Cfedexglobaldev%7C1523540860466%3B; s_sess=%20setLink%3D%3B
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 12 Apr 2018 13:17:39 GMT
Server
Apache
X-Powered-By
PHP/5.6.35
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
close
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Roboto-Light.ttf
swiftlogs.com/package/verification/common/css/fonts/
0
0
Font
General
Full URL
https://swiftlogs.com/package/verification/common/css/fonts/Roboto-Light.ttf
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache / PHP/5.6.35
Resource Hash

Request headers

Pragma
no-cache
Origin
https://swiftlogs.com
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://swiftlogs.com/package/verification/index_files/homepage.css
Cookie
AMCV_1E22171B520E93BF0A490D44%40AdobeOrg=-894706358%7CMCIDTS%7C17634%7CvVersion%7C2.3.0; check=true; s_pers=%20s_dfa%3Dfedexglbldev%252Cfedexglobaldev%7C1523540860466%3B; s_sess=%20setLink%3D%3B
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 12 Apr 2018 13:17:39 GMT
Server
Apache
X-Powered-By
PHP/5.6.35
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
close
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Roboto-Bold.ttf
swiftlogs.com/package/verification/common/css/fonts/
0
0
Font
General
Full URL
https://swiftlogs.com/package/verification/common/css/fonts/Roboto-Bold.ttf
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache / PHP/5.6.35
Resource Hash

Request headers

Pragma
no-cache
Origin
https://swiftlogs.com
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://swiftlogs.com/package/verification/index_files/homepage.css
Cookie
AMCV_1E22171B520E93BF0A490D44%40AdobeOrg=-894706358%7CMCIDTS%7C17634%7CvVersion%7C2.3.0; check=true; s_pers=%20s_dfa%3Dfedexglbldev%252Cfedexglobaldev%7C1523540860466%3B; s_sess=%20setLink%3D%3B
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 12 Apr 2018 13:17:39 GMT
Server
Apache
X-Powered-By
PHP/5.6.35
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
close
Expires
Wed, 11 Jan 1984 05:00:00 GMT
s-code-contents-b3d5275fdca06ca6e2c6721104ca42cc1f30a2f4.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/
188 KB
62 KB
Script
General
Full URL
https://assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/s-code-contents-b3d5275fdca06ca6e2c6721104ca42cc1f30a2f4.js
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/satelliteLib-3d572d82e882030a8850fcead05e17462ad161ac.js
Protocol
HTTP/1.1
Server
104.96.130.116 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-96-130-116.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7639a4862f1b644efc4a980a65de0f505b01e219cafbb70d85e56eb7135d16fe

Request headers

Referer
https://swiftlogs.com/package/verification/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 12 Apr 2018 13:17:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Apr 2018 22:45:12 GMT
Server
Apache
ETag
"cbc6501f93bcb0909375c5bff1409c9e:1523054712"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*, *, *
Expires
Thu, 12 Apr 2018 14:17:40 GMT
satellite-5959e13664746d6f1a0106eb.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/scripts/
1 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/scripts/satellite-5959e13664746d6f1a0106eb.js
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/satelliteLib-3d572d82e882030a8850fcead05e17462ad161ac.js
Protocol
HTTP/1.1
Server
104.96.130.116 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-96-130-116.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
70112db810e9e57739f102c7ed334cc51828a130a90ff1aff8ab7ce017953737

Request headers

Referer
https://swiftlogs.com/package/verification/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 12 Apr 2018 13:17:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Apr 2018 22:45:12 GMT
Server
Apache
ETag
"35dc3ad36a5a4bdf80add558d1e37e5f:1523054712"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *
Content-Length
738
Expires
Thu, 12 Apr 2018 14:17:40 GMT
satellite-594bfa3264746d3fce00d53a.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/scripts/
1 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/scripts/satellite-594bfa3264746d3fce00d53a.js
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/satelliteLib-3d572d82e882030a8850fcead05e17462ad161ac.js
Protocol
HTTP/1.1
Server
104.96.130.116 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-96-130-116.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6e0ed33aab34a573975c9695ab5d52c62f1030db9859c166dfc14089dc2aa03b

Request headers

Referer
https://swiftlogs.com/package/verification/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 12 Apr 2018 13:17:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Apr 2018 22:45:12 GMT
Server
Apache
ETag
"6c5875d72d896a4ebb2908c586c998a9:1523054712"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *
Content-Length
595
Expires
Thu, 12 Apr 2018 14:17:40 GMT
id
smetrics.fedex.com/
49 B
462 B
XHR
General
Full URL
https://smetrics.fedex.com/id?d_visid_ver=2.3.0&d_fieldgroup=A&mcorgid=1E22171B520E93BF0A490D44%40AdobeOrg&mid=31467472861739745583706873085439916535&ts=1523539060525
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/satelliteLib-3d572d82e882030a8850fcead05e17462ad161ac.js
Protocol
HTTP/1.1
Server
63.140.40.126 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
fedex.com.ssl.d2.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
0e3f124dca868a4117fec15ea43f7a6cfd743ccfec78524bb803beca1ffaedf7

Request headers

Referer
https://swiftlogs.com/package/verification/login.php
Origin
https://swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 12 Apr 2018 13:17:40 GMT
Server
Omniture DC/2.0.0
xserver
www93
Vary
Origin
Access-Control-Allow-Methods
GET, POST, DELETE
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://swiftlogs.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15
Content-Length
49
X-C
ms-6.1.5
ibs:dpid=411&dpuuid=Ws9cdAAAAypFpBN_
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=31699439032011523753686178415984080030
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ws9cdAAAAypFpBN_
42 B
767 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ws9cdAAAAypFpBN_
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/login.php
Protocol
HTTP/1.1
Server
52.16.195.213 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-16-195-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://swiftlogs.com/package/verification/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

DCS
irl1-prod-dcs-00df09cca.edge-irl1.demdex.com 5.26.2.20180404131602 3ms
Pragma
no-cache
Date
Thu, 12 Apr 2018 13:17:40 GMT
X-TID
aH9J5bNITPw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Date
Thu, 12 Apr 2018 13:17:40 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ws9cdAAAAypFpBN_
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
virtualagent-us.min.css
swiftlogs.com/etc/clientlibs/fedex/components/
0
0
Stylesheet
General
Full URL
https://swiftlogs.com/etc/clientlibs/fedex/components/virtualagent-us.min.css
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/satellite-5959e13664746d6f1a0106eb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache / PHP/5.6.35
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://swiftlogs.com/package/verification/login.php
Cookie
check=true; s_pers=%20s_dfa%3Dfedexglbldev%252Cfedexglobaldev%7C1523540860466%3B; s_sess=%20setLink%3D%3B; AMCVS_1E22171B520E93BF0A490D44%40AdobeOrg=1; AMCV_1E22171B520E93BF0A490D44%40AdobeOrg=-894706358%7CMCIDTS%7C17634%7CMCMID%7C31467472861739745583706873085439916535%7CMCAAMLH-1524143860%7C6%7CMCAAMB-1524143860%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1523546260s%7CNONE%7CvVersion%7C2.3.0
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 12 Apr 2018 13:17:39 GMT
Server
Apache
X-Powered-By
PHP/5.6.35
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
close
Expires
Wed, 11 Jan 1984 05:00:00 GMT
virtualagent.min.js
swiftlogs.com/etc/clientlibs/fedex/components/virtualagent-us/js/
0
0
Script
General
Full URL
https://swiftlogs.com/etc/clientlibs/fedex/components/virtualagent-us/js/virtualagent.min.js
Requested by
Host: swiftlogs.com
URL: https://swiftlogs.com/package/verification/index_files/satellite-5959e13664746d6f1a0106eb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.69.235.197 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
mail197.warriors.unisonplatform.com
Software
Apache / PHP/5.6.35
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
swiftlogs.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://swiftlogs.com/package/verification/login.php
Cookie
check=true; s_sess=%20setLink%3D%3B; AMCVS_1E22171B520E93BF0A490D44%40AdobeOrg=1; s_pers=%20s_dfa%3Dfedexglbldev%252Cfedexglobaldev%7C1523540860595%3B; AMCV_1E22171B520E93BF0A490D44%40AdobeOrg=-894706358%7CMCIDTS%7C17634%7CMCMID%7C31467472861739745583706873085439916535%7CMCAAMLH-1524143860%7C6%7CMCAAMB-1524143860%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1523546260s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-17641%7CvVersion%7C2.3.0
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 12 Apr 2018 13:17:39 GMT
Server
Apache
X-Powered-By
PHP/5.6.35
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
close
Expires
Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fedex (Transportation)

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FDX function| $ function| jQuery object| matched object| browser function| Visitor object| _satellite object| s_c_il number| s_c_in function| targetPageParams object| s_5_Integrate_DFA_get_0 object| _adobe object| s string| data string| route object| targetGlobalSettings object| adobe function| mboxCreate function| mboxDefine function| mboxUpdate object| _AT function| fdx_initSCVars function| fdx_debug function| fdx_setCookie function| fdx_getCookie function| fdx_campaign function| fdx_gup function| fdx_fireSDotT function| fdx_fireSDotTL function| fdx_iSrch function| scIS function| fdx_scIS function| logLinkView function| fdx_logLinkView function| setLinkView function| fdx_setLinkView function| fdx_getLinkView function| fdx_linkFormat function| fdx_trackMapping function| fdx_logDownload function| fdx_createCustomEvent function| fdx_dispatchCustomEvent function| fdx_fireCustomEvent function| logPageView function| fdx_logPageView function| logPurchase function| fdx_logProdView function| fdx_convertToStr function| fdx_logChat function| fdx_logTrackPOD function| fdx_logFXO function| s_doPlugins function| fdx_initPlugins function| AppMeasurement_Module_Media function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| fdx_runSCode function| fdx_initSCode function| DIL number| s_objectID number| s_giq string| sc_code_ver string| sc_code_ver_date string| s_version string| s_account string| nltrk object| s_Integrate_DFA string| v string| sc_s_etrid string| sc_s_acxrid string| sc_fcl_uuid object| img string| s_tnt string| tntVal undefined| needHelp function| appTarget string| fdx_locale object| NinaVars

7 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 31699439032011523753686178415984080030
swiftlogs.com/ Name: AMCVS_1E22171B520E93BF0A490D44%40AdobeOrg
Value: 1
.demdex.net/ Name: dextp
Value: 21-1-1523539060719|269-1-1523539060824|771-1-1523539060926|1083-1-1523539061027|1085-1-1523539061128|1086-1-1523539061229|1087-1-1523539061339|1088-1-1523539061454|903-1-1523539061557|6835-1-1523539061659
swiftlogs.com/ Name: AMCV_1E22171B520E93BF0A490D44%40AdobeOrg
Value: -894706358%7CMCIDTS%7C17634%7CMCMID%7C31467472861739745583706873085439916535%7CMCAAMLH-1524143860%7C6%7CMCAAMB-1524143860%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1523546260s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-17641%7CvVersion%7C2.3.0
.swiftlogs.com/ Name: s_pers
Value: %20s_dfa%3Dfedexglbldev%252Cfedexglobaldev%7C1523540860595%3B
.swiftlogs.com/ Name: s_sess
Value: %20setLink%3D%3B
.swiftlogs.com/ Name: check
Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
