payment.dfx.swiss Open in urlscan Pro
2620:1ec:29:1::45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.payment.fiat2defi.ch/
Effective URL:
https://payment.dfx.swiss/
Submission: On March 30 via automatic, source certstream-suspicious (March 30th 2023, 1:05:39 pm UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2620:1ec:29:1::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is payment.dfx.swiss.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 21st 2023. Valid for: a year.

This is the only time payment.dfx.swiss was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.13.138.57 85.13.138.57	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1 1	2620:1ec:48:1... 2620:1ec:48:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.50.2.54 20.50.2.54	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2

1 85.13.138.57 (Germany) 1 redirects

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd48914.kasserver.com

www.payment.fiat2defi.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:48:1::45 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

payment.dfx.swiss	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

payment.dfx.swiss	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.2.54 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.dfx.swiss	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	dfx.swiss 1 redirects payment.dfx.swiss api.dfx.swiss	3 MB
1	fiat2defi.ch 1 redirects www.payment.fiat2defi.ch	98 B
8	2

	Domain	Requested by
7	payment.dfx.swiss	1 redirects payment.dfx.swiss
2	api.dfx.swiss	payment.dfx.swiss
1	www.payment.fiat2defi.ch	1 redirects
8	3

This site contains no links.

Subject Issuer	Validity	Valid
payment.dfx.swiss DigiCert TLS RSA SHA256 2020 CA1	`2023-01-21` - `2024-01-21`	a year	crt.sh
api.dfx.swiss GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-02` - `2023-08-02`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://payment.dfx.swiss/
Frame ID: F9DF63E9C3CD66D0DA26003D45478E01
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DFX - Login

Page URL History Show full URLs

https://www.payment.fiat2defi.ch/ HTTP 301
http://payment.dfx.swiss/ HTTP 302
https://payment.dfx.swiss/ Page URL

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

3442 kB
Transfer

3437 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.payment.fiat2defi.ch/ HTTP 301
http://payment.dfx.swiss/ HTTP 302
https://payment.dfx.swiss/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
payment.dfx.swiss/
Redirect Chain

https://www.payment.fiat2defi.ch/
http://payment.dfx.swiss/
https://payment.dfx.swiss/

4 KB
5 KB

111ms
80ms

Document
text/html

2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dfx.swiss/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3e2241f9bbd2bf4249a59a2982c9421e23eb59b918086b8a6a4a22fc227efe9e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 4597
content-md5: KBlzWs4Z0iM5kuZJYEpG3A==
content-type: text/html
date: Thu, 30 Mar 2023 13:05:34 GMT
etag: "0x8DB299134553B67"
last-modified: Mon, 20 Mar 2023 22:19:42 GMT
x-azure-ref: 0HoklZAAAAACGO9mGTwKKQacPsdkYNy95RlJBMjMxMDUwNDE4MDIzADMzZjdjNDE4LWRkMDktNGM2My05ZjMyLTdkM2Q3NTIyODBhOA==
x-cache: TCP_MISS
x-ms-request-id: 8fc7f6e1-d01e-0070-0508-633e3a000000
x-ms-version: 2018-03-28

Redirect headers

Content-Length: 0
Date: Thu, 30 Mar 2023 13:05:33 GMT
Location: https://payment.dfx.swiss/
X-Azure-Ref: 0HoklZAAAAADux02vBbI9To/03qpT9liORlJBMjMxMDUwNDIwMDM1ADMzZjdjNDE4LWRkMDktNGM2My05ZjMyLTdkM2Q3NTIyODBhOA==

GET
H2 200 runtime~app.27401809.js Show response
payment.dfx.swiss/static/js/ 2 KB
2 KB 10ms
9ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dfx.swiss/static/js/runtime~app.27401809.js
Requested by: Host: payment.dfx.swiss
URL: https://payment.dfx.swiss/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f7656bc3ccebd611041f9484fd00713447fbad96682d02882c2737830adcd4b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dfx.swiss/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 13:05:34 GMT
last-modified: Mon, 20 Mar 2023 22:19:46 GMT
content-md5: Q60NtjKmvDzJfIp+85ylbA==
etag: "0x8DB299136635B37"
x-azure-ref: 0HoklZAAAAAA+RpQXDAw8QKGojaVJQERDRlJBMjMxMDUwNDE4MDIzADMzZjdjNDE4LWRkMDktNGM2My05ZjMyLTdkM2Q3NTIyODBhOA==
x-cache: TCP_HIT
content-type: application/javascript
x-ms-request-id: 146a52c0-101e-0050-39e8-62459d000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 1540

GET
H2 200 2.8571fd6d.chunk.js Show response
payment.dfx.swiss/static/js/ 2 MB
2 MB 11ms
10ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dfx.swiss/static/js/2.8571fd6d.chunk.js
Requested by: Host: payment.dfx.swiss
URL: https://payment.dfx.swiss/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 694ec4d50bd83f544de154240413dfb3ed127e69d30f566b60dad7c2b33b2fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dfx.swiss/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 13:05:34 GMT
last-modified: Mon, 20 Mar 2023 22:19:46 GMT
content-md5: zJXkbZPoHm6QGNxmi6v+tw==
etag: "0x8DB29913654DE71"
x-azure-ref: 0HoklZAAAAACllaYq56mcRLfg2EjHApBERlJBMjMxMDUwNDE4MDIzADMzZjdjNDE4LWRkMDktNGM2My05ZjMyLTdkM2Q3NTIyODBhOA==
x-cache: TCP_HIT
content-type: application/javascript
x-ms-request-id: d18788bb-601e-0028-4be8-62e665000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 2194280

GET
H2 200 app.8e0e3d64.chunk.js Show response
payment.dfx.swiss/static/js/ 401 KB
401 KB 95ms
95ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dfx.swiss/static/js/app.8e0e3d64.chunk.js
Requested by: Host: payment.dfx.swiss
URL: https://payment.dfx.swiss/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f54e4abc5b3ad619a5afaaee77785217137c70bbc3efe7c6c8ec9b3a3b91c636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dfx.swiss/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 13:05:34 GMT
last-modified: Mon, 20 Mar 2023 22:19:45 GMT
content-md5: C93AaIpJk8V7poqp7ZjmXQ==
etag: "0x8DB299135BEA819"
x-azure-ref: 0HoklZAAAAABZ2l9iZGpCSrZV6ryF4EJERlJBMjMxMDUwNDE4MDIzADMzZjdjNDE4LWRkMDktNGM2My05ZjMyLTdkM2Q3NTIyODBhOA==
x-cache: TCP_MISS
content-type: application/javascript
x-ms-request-id: 558eee94-001e-0001-6308-63d811000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 410331

OPTIONS
H/1.1 204
No Content language
api.dfx.swiss/v1/ 0
0 129ms
22ms Preflight 20.50.2.54
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dfx.swiss/v1/language

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.2.54 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://payment.dfx.swiss
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Content-Length: 0
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Thu, 30 Mar 2023 13:05:35 GMT
Expect-CT: max-age=0
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
request-context: appId=cid-v1:9192f25b-4cad-46fe-8a7a-2e9393cd11b0

GET
H2 200 MaterialCommunityIcons.ttf
payment.dfx.swiss/fonts/ 878 KB
879 KB 11ms
11ms Font
application/octet-stream 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dfx.swiss/fonts/MaterialCommunityIcons.ttf
Requested by: Host: payment.dfx.swiss
URL: https://payment.dfx.swiss/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6e21328bb70f09da928c033de7368822d96250a1ccd2a16a6f47de76a3cc61bd

Request headers

Referer: https://payment.dfx.swiss/
Origin: https://payment.dfx.swiss
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 13:05:34 GMT
last-modified: Mon, 20 Mar 2023 22:19:44 GMT
content-md5: ai3a0QkqChwya20Oc45oKw==
etag: "0x8DB299135968C97"
x-azure-ref: 0HoklZAAAAAD5BkkFEGewRo6FjJNDqtnBRlJBMjMxMDUwNDE4MDIzADMzZjdjNDE4LWRkMDktNGM2My05ZjMyLTdkM2Q3NTIyODBhOA==
x-cache: TCP_HIT
content-type: application/octet-stream
x-ms-request-id: 2195592e-001e-004c-23e8-6217fd000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 899432

GET
H2 200 logo.e75810ca.jpg
payment.dfx.swiss/static/media/ 9 KB
9 KB 10ms
10ms Image
image/jpeg 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.dfx.swiss/static/media/logo.e75810ca.jpg
Requested by: Host: payment.dfx.swiss
URL: https://payment.dfx.swiss/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c2c2d283de36f2334ee6490293bbb227863e3e4a1291018fb28e02e74daacf22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dfx.swiss/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 13:05:34 GMT
last-modified: Mon, 20 Mar 2023 22:19:45 GMT
content-md5: K6tUJ0P47mjG9901IqB9iQ==
etag: "0x8DB299135AE7DDA"
x-azure-ref: 0HoklZAAAAADNIPUTFb4VQp9TVOiTIc6oRlJBMjMxMDUwNDE4MDIzADMzZjdjNDE4LWRkMDktNGM2My05ZjMyLTdkM2Q3NTIyODBhOA==
x-cache: TCP_HIT
content-type: image/jpeg
x-ms-request-id: f979f223-301e-0035-52e8-62ebd9000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 8988

GET
H/1.1 200
OK language Show response
api.dfx.swiss/v1/ 477 B
2 KB 27ms
27ms Fetch
application/json 20.50.2.54
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dfx.swiss/v1/language

Requested by

Host: payment.dfx.swiss
URL: https://payment.dfx.swiss/static/js/app.8e0e3d64.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.2.54 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73dda45c216e32db6b7d7117ec782db1555caed087f16bada836e3dd5c5b3ecc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://payment.dfx.swiss/
accept-language: de-DE,de;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 30 Mar 2023 13:05:35 GMT
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Content-Length: 477
X-XSS-Protection: 0
request-context: appId=cid-v1:9192f25b-4cad-46fe-8a7a-2e9393cd11b0
Referrer-Policy: no-referrer
Cross-Origin-Opener-Policy: same-origin
ETag: W/"1dd-Uxi30DKE9GbGM0dP9TTYY6jGjFU"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?1
X-Download-Options: noopen

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.dfx.swiss
payment.dfx.swiss
www.payment.fiat2defi.ch
20.50.2.54
2620:1ec:29:1::45
2620:1ec:48:1::45
85.13.138.57
3e2241f9bbd2bf4249a59a2982c9421e23eb59b918086b8a6a4a22fc227efe9e
694ec4d50bd83f544de154240413dfb3ed127e69d30f566b60dad7c2b33b2fad
6e21328bb70f09da928c033de7368822d96250a1ccd2a16a6f47de76a3cc61bd
73dda45c216e32db6b7d7117ec782db1555caed087f16bada836e3dd5c5b3ecc
c2c2d283de36f2334ee6490293bbb227863e3e4a1291018fb28e02e74daacf22
f54e4abc5b3ad619a5afaaee77785217137c70bbc3efe7c6c8ec9b3a3b91c636
f7656bc3ccebd611041f9484fd00713447fbad96682d02882c2737830adcd4b2

payment.dfx.swiss Open in urlscan Pro 2620:1ec:29:1::45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

2 IPs

3 Countries

3442 kBTransfer

3437 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Indicators

payment.dfx.swiss Open in urlscan Pro
2620:1ec:29:1::45 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

3442 kB
Transfer

3437 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions