receipt.payswiff.com

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 180.179.36.145, located in India and belongs to NETMAGIC-AP Netmagic Datacenter Mumbai, IN. The main domain is receipt.payswiff.com.
TLS certificate: Issued by Trustwave Organization Validation SHA... on June 14th 2022. Valid for: a year.

This is the only time receipt.payswiff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.20.138.65 104.20.138.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	180.179.36.145 180.179.36.145	17439 (NETMAGIC-...) (NETMAGIC-AP Netmagic Datacenter Mumbai)
3	1

1 104.20.138.65 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 180.179.36.145 (India)

ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN)

receipt.payswiff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	payswiff.com receipt.payswiff.com	38 KB
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 17762	596 B
3	2

	Domain	Requested by
3	receipt.payswiff.com	receipt.payswiff.com
1	tinyurl.com	1 redirects
3	2

This site contains no links.

Subject Issuer	Validity	Valid
*.payswiff.com Trustwave Organization Validation SHA256 CA, Level 1	`2022-06-14` - `2023-07-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://receipt.payswiff.com/app/viewTransactionInvoice?paymentId=5k3tlhuzKVfGZfzUQDVpMg
Frame ID: 527891669F73725A3174B45D07870104
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tinyurl.com/2km6bdjr HTTP 307
https://tinyurl.com/2km6bdjr HTTP 301
https://receipt.payswiff.com/app/viewTransactionInvoice?paymentId=5k3tlhuzKVfGZfzUQDVpMg Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

38 kB
Transfer

37 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tinyurl.com/2km6bdjr HTTP 307
https://tinyurl.com/2km6bdjr HTTP 301
https://receipt.payswiff.com/app/viewTransactionInvoice?paymentId=5k3tlhuzKVfGZfzUQDVpMg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request viewTransactionInvoice Show response
receipt.payswiff.com/app/
Redirect Chain

http://tinyurl.com/2km6bdjr
https://tinyurl.com/2km6bdjr
https://receipt.payswiff.com/app/viewTransactionInvoice?paymentId=5k3tlhuzKVfGZfzUQDVpMg

12 KB
12 KB

840ms
377ms

Document
text/html

180.179.36.145
NETMAGIC-AP Netma...

General

Check archive.org

Show headers Download Go to

Full URL

https://receipt.payswiff.com/app/viewTransactionInvoice?paymentId=5k3tlhuzKVfGZfzUQDVpMg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

180.179.36.145 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),

Reverse DNS

Software

nginx / JSP/2.3

Resource Hash

c02672a25faafc067e471f79d4fd5a7f4b568839eccf9c75435f6df610aa3160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Language: pl-PL
Content-Type: text/html;charset=ISO-8859-2
Date: Sun, 26 Feb 2023 21:48:01 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-Powered-By: JSP/2.3
X-XSS-Protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
cf-cache-status: DYNAMIC
cf-ray: 79fbe1e55b3f349d-WAW
content-type: text/html; charset=UTF-8
date: Sun, 26 Feb 2023 21:48:00 GMT
location: https://receipt.payswiff.com/app/viewTransactionInvoice?paymentId=5k3tlhuzKVfGZfzUQDVpMg
referrer-policy: unsafe-url
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-tinyurl-redirect: eyJpdiI6IitScW14VC96STNVTkxsOXVvaDdTK3c9PSIsInZhbHVlIjoiVlhpQTEyUWNKTHhoZEV6VUdPbkhqMkh0TEdUVUVubjdHZVVQdVhPZ2lVem44TFVqdlZwbXR5RHdkQUtpUU9zbSIsIm1hYyI6ImVjNTEzOWE0Y2RmZDgyY2JkYWVkOTA3MmZmZDhjMDA2OGYyODk1ZDAxZmY3MWU0MzYyNTY3NmNhZjY4MTY1NGYiLCJ0YWciOiIifQ==
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK payswiff_set_lgo.png
receipt.payswiff.com/app/resources/images/ 25 KB
25 KB 197ms
196ms Image
image/png 180.179.36.145
NETMAGIC-AP Netma...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://receipt.payswiff.com/app/resources/images/payswiff_set_lgo.png

Requested by

Host: receipt.payswiff.com
URL: https://receipt.payswiff.com/app/viewTransactionInvoice?paymentId=5k3tlhuzKVfGZfzUQDVpMg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

180.179.36.145 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),

Reverse DNS

Software

nginx /

Resource Hash

48e2a4a227ba9c70ad7051b611b9d6c9e8b2da2c58c8db5d75577765415a9a49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://receipt.payswiff.com/app/viewTransactionInvoice?paymentId=5k3tlhuzKVfGZfzUQDVpMg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:48:01 GMT
Last-Modified: Thu, 23 Feb 2023 16:56:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 25603
X-Frame-Options: SAMEORIGIN
Content-Type: image/png

GET
H/1.1 200
OK icon_logo.png
receipt.payswiff.com/app/resources/images/ 703 B
919 B 198ms
197ms Image
image/png 180.179.36.145
NETMAGIC-AP Netma...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://receipt.payswiff.com/app/resources/images/icon_logo.png

Requested by

Host: receipt.payswiff.com
URL: https://receipt.payswiff.com/app/viewTransactionInvoice?paymentId=5k3tlhuzKVfGZfzUQDVpMg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

180.179.36.145 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),

Reverse DNS

Software

nginx /

Resource Hash

49cbe2b650977dde78a7551c904f12d2e18f0f3e77af006401c7c9176de6b9c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://receipt.payswiff.com/app/viewTransactionInvoice?paymentId=5k3tlhuzKVfGZfzUQDVpMg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:48:01 GMT
Last-Modified: Thu, 23 Feb 2023 16:56:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 703
X-Frame-Options: SAMEORIGIN
Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

receipt.payswiff.com
tinyurl.com
104.20.138.65
180.179.36.145
48e2a4a227ba9c70ad7051b611b9d6c9e8b2da2c58c8db5d75577765415a9a49
49cbe2b650977dde78a7551c904f12d2e18f0f3e77af006401c7c9176de6b9c8
c02672a25faafc067e471f79d4fd5a7f4b568839eccf9c75435f6df610aa3160

receipt.payswiff.com Open in urlscan Pro 180.179.36.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

38 kBTransfer

37 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

receipt.payswiff.com Open in urlscan Pro
180.179.36.145 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

38 kB
Transfer

37 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions