Submitted URL: http://my.swiftfinancial.com/
Effective URL: https://my.swiftfinancial.com/
Submission: On July 16 via api from US

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2606:4700::6811:8e25, located in United States and belongs to CLOUDFLARENET, US. The main domain is my.swiftfinancial.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 7th 2020. Valid for: 2 years.
This is the only time my.swiftfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 13.225.87.17 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.197.176.184 14618 (AMAZON-AES)
1 1 34.107.252.72 15169 (GOOGLE)
1 35.201.112.186 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 35.186.194.58 15169 (GOOGLE)
19 8
Domain Requested by
9 my.swiftfinancial.com 1 redirects my.swiftfinancial.com
3 rs.fullstory.com edge.fullstory.com
3 www.google-analytics.com 1 redirects my.swiftfinancial.com
2 heapanalytics.com
1 apiadvances.swiftfinancial.com my.swiftfinancial.com
1 edge.fullstory.com
1 www.fullstory.com 1 redirects
1 www.google.de my.swiftfinancial.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 cdn.heapanalytics.com my.swiftfinancial.com
19 11

This site contains links to these domains.

Domain
my.loanbuilder.com
www.swiftfinancial.com
www.loanbuilder.com
www.swiftcapital.com
Subject | Issuer | Validity | Valid
www.swiftfinancial.com | DigiCert SHA2 Extended Validation Server CA | 2020-02-07 - 2021-10-14 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2020-06-30 - 2020-09-22 | 3 months
cdn.heapanalytics.com | Amazon | 2019-10-22 - 2020-11-22 | a year
www.google.de | GTS CA 1O1 | 2020-06-30 - 2020-09-22 | 3 months
heapanalytics.com | Amazon | 2020-01-21 - 2021-02-21 | a year
edge.fullstory.com | GTS CA 1D2 | 2020-07-01 - 2020-09-29 | 3 months
*.fullstory.com | Let's Encrypt Authority X3 | 2020-06-02 - 2020-08-31 | 3 months

This page contains 1 frames:

Primary Page: https://my.swiftfinancial.com/
Frame ID: E6D89D738E414DAD99ABFE8BE9FE553C
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /heap-\d+\.js/i

Page Statistics

19 Requests
100 % HTTPS
55 % IPv6
7 Domains
11 Subdomains
8 IPs
4 Countries
771 kB Transfer
2306 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.swiftfinancial.com/ HTTP 301
    https://my.swiftfinancial.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=875034580&t=pageview&_s=1&dl=https%3A%2F%2Fmy.swiftfinancial.com%2F&ul=en-us&de=UTF-8&dt=Swift%20Financial%20-%20Customer%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABB~&jid=1529541289&gjid=759868548&cid=1843336968.1594934829&tid=UA-23331527-4&_gid=865926571.1594934829&_r=1&z=1776693291 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23331527-4&cid=1843336968.1594934829&jid=1529541289&_gid=865926571.1594934829&gjid=759868548&_v=j83&z=1776693291 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23331527-4&cid=1843336968.1594934829&jid=1529541289&_v=j83&z=1776693291 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23331527-4&cid=1843336968.1594934829&jid=1529541289&_v=j83&z=1776693291&slf_rd=1&random=370689923
Request Chain 7
  • https://www.fullstory.com/s/fs.js HTTP 301
  • https://edge.fullstory.com/s/fs.js

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
my.swiftfinancial.com/
Redirect Chain
  • http://my.swiftfinancial.com/
  • https://my.swiftfinancial.com/
3 KB
2 KB
Document
General
Full URL
https://my.swiftfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:8e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29486b660bab08e892b393664e80451ad9f55666416260502dd26ac03634dc0d

Request headers

:method
GET
:authority
my.swiftfinancial.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

status
200
date
Thu, 16 Jul 2020 21:27:08 GMT
content-type
text/html
set-cookie
__cfduid=dd251fade772c3b08a07fcfa09c6e19231594934827; expires=Sat, 15-Aug-20 21:27:07 GMT; path=/; domain=.swiftfinancial.com; HttpOnly; SameSite=Lax; Secure
last-modified
Tue, 24 Mar 2020 13:58:41 GMT
vary
Accept-Encoding
x-cache
Error from cloudfront
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
M97CXpLjdByqQSBD2PZhXy8v0iaF1TIYbZrpIvKH4FMYGx1lGqKBxw==
cf-cache-status
DYNAMIC
cf-request-id
03fb1f338b0000c2a4b8050200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5b3ece327d15c2a4-FRA
content-encoding
gzip

Redirect headers

Date
Thu, 16 Jul 2020 21:27:06 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Thu, 16 Jul 2020 22:27:06 GMT
Location
https://my.swiftfinancial.com/
cf-request-id
03fb1f2ef90000e003ac969200000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5b3ece2b2a53e003-FRA
app-20e7d832.css
my.swiftfinancial.com/
97 KB
15 KB
Stylesheet
General
Full URL
https://my.swiftfinancial.com/app-20e7d832.css
Requested by
Host: my.swiftfinancial.com
URL: https://my.swiftfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:8e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ec7b2bf0d053486dea7f51d5fa7e4c69ddcc295bd3a1d51022b43fd255eadc

Request headers

Referer
https://my.swiftfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 21:27:08 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 24 Mar 2020 13:58:39 GMT
server
cloudflare
x-amz-cf-pop
FRA6-C1
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
status
200
cf-ray
5b3ece36bd1dc2a4-FRA
x-amz-cf-id
ClyY7jVmPW6r_3MwOQVQ9gobC9nPtW0ZTB75DbY2253F8G86BQTrKg==
cf-request-id
03fb1f36310000c2a4b8081200000001
vendor-20e7d832.js
my.swiftfinancial.com/
1 MB
339 KB
Script
General
Full URL
https://my.swiftfinancial.com/vendor-20e7d832.js
Requested by
Host: my.swiftfinancial.com
URL: https://my.swiftfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:8e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7c252f171615fec5013dfa07438e661f4e2647294afe12ce87e90bc0983c508

Request headers

Referer
https://my.swiftfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 21:27:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 24 Mar 2020 13:58:41 GMT
server
cloudflare
x-amz-cf-pop
FRA6-C1
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
cf-ray
5b3ece36bd20c2a4-FRA
x-amz-cf-id
iOlICbdpfmVb6g1oo1pThdpeHB5lY7Cq6qN5tlPwX5Ny-mmM0xqjZg==
cf-request-id
03fb1f36310000c2a4b8082200000001
app-20e7d832.js
my.swiftfinancial.com/
272 KB
51 KB
Script
General
Full URL
https://my.swiftfinancial.com/app-20e7d832.js
Requested by
Host: my.swiftfinancial.com
URL: https://my.swiftfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:8e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed41ec51263907bafd979b8b030c7ab04f5a92afec50292c7214cfe348369737

Request headers

Referer
https://my.swiftfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 21:27:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 24 Mar 2020 13:58:40 GMT
server
cloudflare
x-amz-cf-pop
FRA6-C1
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
cf-ray
5b3ece36bd21c2a4-FRA
x-amz-cf-id
GfTe5Welb_pMUN6fozG-HqJNi7KLt1uHUgU4aaZjhuI3zuP9jKa38w==
cf-request-id
03fb1f36310000c2a4b8083200000001
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: my.swiftfinancial.com
URL: https://my.swiftfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://my.swiftfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1850
date
Thu, 16 Jul 2020 20:56:18 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 16 Jul 2020 22:56:18 GMT
heap-3966427321.js
cdn.heapanalytics.com/js/
93 KB
37 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-3966427321.js
Requested by
Host: my.swiftfinancial.com
URL: https://my.swiftfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-17.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e8babf45b9c2a225a74d56aed8ba2221c232c9551dc60e7e4a5fe099906f826d

Request headers

Referer
https://my.swiftfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 21:27:08 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA2-C2
etag
W/"17240-9B7/yNHB87Em+mfxl0J4kQ"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=120
x-amz-cf-id
lHcAJyscLTB7_MB23r931jIvu-ybP-l6GX3LyDb5yaL7ZMWxW833sA==
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=875034580&t=pageview&_s=1&dl=https%3A%2F%2Fmy.swiftfinancial.com%2F&ul=en-us&de=UTF-8&dt=Swift%20Financial%20-%20Customer%20Portal&sd=24-bit&...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23331527-4&cid=1843336968.1594934829&jid=1529541289&_gid=865926571.1594934829&gjid=759868548&_v=j83&z=1776693291
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23331527-4&cid=1843336968.1594934829&jid=1529541289&_v=j83&z=1776693291
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23331527-4&cid=1843336968.1594934829&jid=1529541289&_v=j83&z=1776693291&slf_rd=1&random=370689923
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23331527-4&cid=1843336968.1594934829&jid=1529541289&_v=j83&z=1776693291&slf_rd=1&random=370689923
Requested by
Host: my.swiftfinancial.com
URL: https://my.swiftfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://my.swiftfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jul 2020 21:27:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Jul 2020 21:27:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23331527-4&cid=1843336968.1594934829&jid=1529541289&_v=j83&z=1776693291&slf_rd=1&random=370689923
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
h
heapanalytics.com/
37 B
212 B
Image
General
Full URL
https://heapanalytics.com/h?a=3966427321&u=1490829814891533&v=1679088760933280&s=8534649654917400&b=web&tv=4.0&z=0&h=%2F&d=my.swiftfinancial.com&t=Swift%20Financial%20-%20Customer%20Portal&ts=1594934830202&st=1594934830203
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.176.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-176-184.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://my.swiftfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jul 2020 21:27:11 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
fs.js
edge.fullstory.com/s/
Redirect Chain
  • https://www.fullstory.com/s/fs.js
  • https://edge.fullstory.com/s/fs.js
194 KB
58 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b652f5ef2ff0081603c90d870d3133c3c108d84e98cfa3cfddb1bc20f71fa973

Request headers

Referer
https://my.swiftfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 21:18:16 GMT
content-encoding
gzip
age
535
x-guploader-uploadid
AAANsUlEAwl5mTMoCEXbutAA4rFFySHE4FvAW__ILZBOUdBk2ex31WN8BdkP-ieiTkmMTmk4XV_WYqqiaiCvZpn_IVqy_lr15w
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
59167
last-modified
Tue, 30 Jun 2020 13:25:14 GMT
server
UploadServer
etag
"c8d9e471dba4db7139b59eaaa1540d3e"
x-goog-hash
crc32c=OJqQEg==, md5=yNnkcduk23E5tZ6qoVQNPg==
x-goog-generation
1593523514663873
access-control-allow-origin
*
cache-control
public, max-age=600,no-transform
x-goog-stored-content-length
59167
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 16 Jul 2020 21:28:16 GMT

Redirect headers

date
Thu, 25 Jun 2020 17:14:30 GMT
via
1.1 google
age
1829561
status
301
location
https://edge.fullstory.com/s/fs.js
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=63072000
timing-allow-origin
*
alt-svc
clear
content-length
0
sf
apiadvances.swiftfinancial.com/partners/
47 B
891 B
XHR
General
Full URL
https://apiadvances.swiftfinancial.com/partners/sf
Requested by
Host: my.swiftfinancial.com
URL: https://my.swiftfinancial.com/vendor-20e7d832.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:8f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d9f475895f99d7e5b4b1fbd284f7e75c7eafe9dff0aadb2a2c0bda877dc7244
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://my.swiftfinancial.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 21:27:11 GMT
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
status
200
content-length
47
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2f-9vRxg7Yxf8oEcrzgo1ius9cVUXY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range, Range
access-control-allow-credentials
true
cf-request-id
03fb1f3ce70000dfbfab96b200000001
cf-ray
5b3ece417a5cdfbf-FRA
access-control-allow-headers
Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Feature-Flags,Origin-Url
Open_Sans-normal-400.woff
my.swiftfinancial.com/webfonts/OpenSans/
20 KB
20 KB
Font
General
Full URL
https://my.swiftfinancial.com/webfonts/OpenSans/Open_Sans-normal-400.woff
Requested by
Host: my.swiftfinancial.com
URL: https://my.swiftfinancial.com/vendor-20e7d832.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:8e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
819747b05df4938922997e60e199603ecb04f4d987331ba5c3f7db30a835c3bd

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://my.swiftfinancial.com/app-20e7d832.css
Origin
https://my.swiftfinancial.com

Response headers

date
Thu, 16 Jul 2020 21:27:10 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
status
200
content-length
20248
cf-request-id
03fb1f3cb80000c2a4b80fc200000001
last-modified
Tue, 24 Mar 2020 13:58:43 GMT
server
cloudflare
etag
"ce659615885f33d928eb7fe276574106"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
accept-ranges
bytes
cf-ray
5b3ece412fd0c2a4-FRA
x-amz-cf-id
Ui0HgXYr6a3VZLvps6R7B2bs0_M1DPX-LTyi071uX8rdgnMgH05j6g==
h
heapanalytics.com/
37 B
212 B
Image
General
Full URL
https://heapanalytics.com/h?a=3966427321&u=1490829814891533&v=3284057117652072&s=8534649654917400&b=web&tv=4.0&z=2&h=%2Flogin&d=my.swiftfinancial.com&t=Swift%20Financial%20-%20Customer%20Portal&ts=1594934830270&pr=%2F&sp=z&sp=0&sp=ts&sp=1594934830202&sp=d&sp=my.swiftfinancial.com&sp=h&sp=%2F&sp=t&sp=Swift%20Financial%20-%20Customer%20Portal&st=1594934830271
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.176.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-176-184.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://my.swiftfinancial.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jul 2020 21:27:11 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
login-hero.jpg
my.swiftfinancial.com/images/heroes/
204 KB
205 KB
Image
General
Full URL
https://my.swiftfinancial.com/images/heroes/login-hero.jpg
Requested by
Host: my.swiftfinancial.com
URL: https://my.swiftfinancial.com/vendor-20e7d832.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:8e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20be1304312d5eee6deb1ca8c007b12603b9c4a02dde6cb068b0f0c2000dda5

Request headers

Referer
https://my.swiftfinancial.com/app-20e7d832.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 21:27:11 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
status
200
content-length
209055
cf-request-id
03fb1f40720000c2a4b8141200000001
last-modified
Tue, 24 Mar 2020 13:58:40 GMT
server
cloudflare
etag
"1e378aa2e381eaafa0f8364c40d95f28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
5b3ece4719a2c2a4-FRA
x-amz-cf-id
JAufeVYC2pREJMN68O9qzTAJ3Sprc9DsWFnHUqcfAi3uBjXiMhjfpw==
Open_Sans-normal-700.woff
my.swiftfinancial.com/webfonts/OpenSans/
21 KB
21 KB
Font
General
Full URL
https://my.swiftfinancial.com/webfonts/OpenSans/Open_Sans-normal-700.woff
Requested by
Host: my.swiftfinancial.com
URL: https://my.swiftfinancial.com/vendor-20e7d832.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:8e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c11e59500457a4d210e5584e57cdce82015483c1199119b562120e6510a67a

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://my.swiftfinancial.com/app-20e7d832.css
Origin
https://my.swiftfinancial.com

Response headers

date
Thu, 16 Jul 2020 21:27:11 GMT
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
status
200
content-length
21028
cf-request-id
03fb1f40730000c2a4b8142200000001
last-modified
Tue, 24 Mar 2020 13:58:43 GMT
server
cloudflare
etag
"72862e7cf19603ad24f26baf86dd0e08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
accept-ranges
bytes
cf-ray
5b3ece4719a3c2a4-FRA
x-amz-cf-id
ppDwOjYPLwEXVGqCDJPZE8FnUqNEG7FMHA1YupuBOGb807wqTDDUhg==
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=875034580&t=pageview&_s=2&dl=https%3A%2F%2Fmy.swiftfinancial.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Swift%20Financial%20-%20Customer%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBACEABB~&jid=&gjid=&cid=1843336968.1594934829&tid=UA-23331527-4&_gid=865926571.1594934829&z=390489241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://my.swiftfinancial.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 00:58:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3184144
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sf.svg
my.swiftfinancial.com/images/logos/
3 KB
1 KB
Image
General
Full URL
https://my.swiftfinancial.com/images/logos/sf.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:8e25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1321eb6eaf7edb826c092b1aadef94715501d1ba6598e4e191362866585965

Request headers

Referer
https://my.swiftfinancial.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 21:27:11 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 24 Mar 2020 13:58:41 GMT
server
cloudflare
x-amz-cf-pop
FRA6-C1
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
cf-ray
5b3ece4729adc2a4-FRA
x-amz-cf-id
aVxWPSGW5clCR4G98FXtr8zPyabt5jYuXcYczGFSWeATbAlQykYbvA==
cf-request-id
03fb1f40750000c2a4b8143200000001
page
rs.fullstory.com/rec/
2 KB
1 KB
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
c407ab27a953367ae68adcba2a275eb0af06e3f537e26e2d556493e066e5d9cd

Request headers

Referer
https://my.swiftfinancial.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Jul 2020 21:27:12 GMT
content-encoding
gzip
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my.swiftfinancial.com
access-control-allow-credentials
true
alt-svc
clear
content-length
1107
via
1.1 google
bundle
rs.fullstory.com/rec/
29 B
91 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=G9X5&UserId=5530990115635200&SessionId=5938360515903488&PageId=6555905744781312&Seq=1&PageStart=1594934832338&PrevBundleTime=0&LastActivity=1164&IsNewSession=true
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
db6c76bd39f21f123c7ec06dcb35eaac1aa69b8cc5c1327206d97352b37b9033

Request headers

Referer
https://my.swiftfinancial.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Jul 2020 21:27:13 GMT
via
1.1 google
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my.swiftfinancial.com
access-control-allow-credentials
true
alt-svc
clear
content-length
29
bundle
rs.fullstory.com/rec/
29 B
88 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=G9X5&UserId=5530990115635200&SessionId=5938360515903488&PageId=6555905744781312&Seq=2&PageStart=1594934832338&PrevBundleTime=1594934832843&LastActivity=4858&IsNewSession=true
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
055ae16ba6f1b2a0685d5593c1c844bc8386a62af8fdd3da768899bc78b26ffe

Request headers

Referer
https://my.swiftfinancial.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Jul 2020 21:27:18 GMT
via
1.1 google
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my.swiftfinancial.com
access-control-allow-credentials
true
alt-svc
clear
content-length
29


27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| GoogleAnalyticsObject
function| ga
object| heap
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| webpackJsonp
object| core
object| __core-js_shared__
object| global
object| System
function| asap
function| Observable
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
object| angular
function| browserTrigger
function| _
boolean| _fs_debug
string| _fs_host
string| _fs_org
function| FS
string| _fs_loaded
function| _fs_shutdown

6 Cookies

Domain/Path Name / Value
.swiftfinancial.com/ Name: _hp2_id.3966427321
Value: %7B%22userId%22%3A%221490829814891533%22%2C%22pageviewId%22%3A%223284057117652072%22%2C%22sessionId%22%3A%228534649654917400%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.swiftfinancial.com/ Name: __cfduid
Value: dd251fade772c3b08a07fcfa09c6e19231594934827
.swiftfinancial.com/ Name: _gid
Value: GA1.2.865926571.1594934829
.swiftfinancial.com/ Name: _hp2_ses_props.3966427321
Value: %7B%22z%22%3A0%2C%22ts%22%3A1594934830202%2C%22d%22%3A%22my.swiftfinancial.com%22%2C%22h%22%3A%22%2F%22%2C%22t%22%3A%22Swift%20Financial%20-%20Customer%20Portal%22%7D
.swiftfinancial.com/ Name: _gat
Value: 1
.swiftfinancial.com/ Name: _ga
Value: GA1.2.1843336968.1594934829

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
