Submitted URL: https://ads.20payment.com/
Effective URL: https://ads.20payment.com/wp-admin/setup-config.php
Submission: On February 07 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 10 HTTP transactions. The main IP is 185.143.234.99, located in Iran, Islamic Republic Of, and belongs to ARVANCLOUD-CDN-, IR. The main domain is ads.20payment.com.
TLS certificate: Issued by R3 on January 25th 2023. Valid for: 3 months.
This is the only time ads.20payment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 185.143.234.99 205585 (ARVANCLOU...)
10 1

Apex Domain / Subdomains Transfer
11 20payment.com / ads.20payment.com 91 KB
10 1

Domain Requested by
11 ads.20payment.com 1 redirects ads.20payment.com
10 1

This site contains links to these domains.

Domain
wordpress.org

Subject Issuer Validity Valid
*.20payment.com R3 2023-01-25 - 2023-04-25 3 months

This page contains 1 frames:

Primary Page: https://ads.20payment.com/wp-admin/setup-config.php
Frame ID: 02F1D6A99EA982BB4806F4F32061EB6D
Requests: 10 HTTP requests in this frame

Page Title

WordPress › Setup Configuration File

Page URL History

  1. https://ads.20payment.com/ HTTP 302
    https://ads.20payment.com/wp-admin/setup-config.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

10 Requests
100 % HTTPS
0 % IPv6
1 Domains
1 Subdomains
1 IPs
1 Countries
91 kB Transfer
200 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ads.20payment.com/ HTTP 302
    https://ads.20payment.com/wp-admin/setup-config.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request setup-config.php
ads.20payment.com/wp-admin/
Redirect Chain
  • https://ads.20payment.com/
  • https://ads.20payment.com/wp-admin/setup-config.php
3 KB
1 KB
Document
General
Full URL
https://ads.20payment.com/wp-admin/setup-config.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.99 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
0235be6cadeddd9a85212855a5813194b52d143b3595a1e3cd390868d99eebbd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
ar-atime
0.359
ar-cache
BYPASS
ar-request-id
615ab4b68df72cd3a802a2e980f65156
ar-sid
2053
cache-control
no-cache, must-revalidate, max-age=0
content-encoding
br
content-length
1191
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 13:50:43 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
server
ArvanCloud
vary
Accept-Encoding
x-xss-protection
1; mode=block

Redirect headers

ar-atime
0.066
ar-cache
BYPASS
ar-request-id
5e65942eac377285ba4c1b1a3a13f1f2
ar-sid
2053
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 13:50:43 GMT
location
https://ads.20payment.com/wp-admin/setup-config.php
server
ArvanCloud
x-xss-protection
1; mode=block
dashicons.min.css
ads.20payment.com/wp-includes/css/
58 KB
36 KB
Stylesheet
General
Full URL
https://ads.20payment.com/wp-includes/css/dashicons.min.css?ver=6.1.1
Requested by
Host: ads.20payment.com
URL: https://ads.20payment.com/wp-admin/setup-config.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.99 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.20payment.com/wp-admin/setup-config.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:50:43 GMT
content-encoding
gzip
ar-request-id
1a37aeda0734b92fae0ef1be454316e0
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
ArvanCloud
ar-atime
0.040
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
ar-sid
2053
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
36064
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 13:50:43 GMT
buttons-rtl.min.css
ads.20payment.com/wp-includes/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://ads.20payment.com/wp-includes/css/buttons-rtl.min.css?ver=6.1.1
Requested by
Host: ads.20payment.com
URL: https://ads.20payment.com/wp-admin/setup-config.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.99 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
e89eecb3d0a97bc9fc6b1019d8d6290187df451b4f9d518f08b1c9b8dafdc3d0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.20payment.com/wp-admin/setup-config.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:50:43 GMT
content-encoding
gzip
ar-request-id
2907173e0dd5090ff712dda233d0539f
last-modified
Mon, 15 Nov 2021 23:22:02 GMT
server
ArvanCloud
ar-atime
0.038
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
ar-sid
2053
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1616
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 13:50:43 GMT
forms-rtl.min.css
ads.20payment.com/wp-admin/css/
26 KB
8 KB
Stylesheet
General
Full URL
https://ads.20payment.com/wp-admin/css/forms-rtl.min.css?ver=6.1.1
Requested by
Host: ads.20payment.com
URL: https://ads.20payment.com/wp-admin/setup-config.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.99 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
562342be372cf8b5c876aeed3ca7fef4ad73454525e8761e2e9f3b6ba0c4f72c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.20payment.com/wp-admin/setup-config.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:50:43 GMT
content-encoding
gzip
ar-request-id
186758c173b98ff12278813a05402387
last-modified
Thu, 15 Sep 2022 22:59:11 GMT
server
ArvanCloud
ar-atime
0.038
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
ar-sid
2053
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7474
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 13:50:43 GMT
l10n-rtl.min.css
ads.20payment.com/wp-admin/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://ads.20payment.com/wp-admin/css/l10n-rtl.min.css?ver=6.1.1
Requested by
Host: ads.20payment.com
URL: https://ads.20payment.com/wp-admin/setup-config.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.99 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
eed2d72301bceb18f49945fbb31e8c664421e234a2e52c6641ce40a0a1bdb000
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.20payment.com/wp-admin/setup-config.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:50:43 GMT
content-encoding
gzip
ar-request-id
f549ad656df8aa3ddfc00255ae91a3de
last-modified
Mon, 23 Sep 2019 16:21:58 GMT
server
ArvanCloud
ar-atime
0.042
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
ar-sid
2053
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
735
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 13:50:43 GMT
install-rtl.min.css
ads.20payment.com/wp-admin/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://ads.20payment.com/wp-admin/css/install-rtl.min.css?ver=6.1.1
Requested by
Host: ads.20payment.com
URL: https://ads.20payment.com/wp-admin/setup-config.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.99 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
56187183163140fca7ee7b01ee40fce5704b8a12b072543853e5a48d0bb33026
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.20payment.com/wp-admin/setup-config.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:50:43 GMT
content-encoding
gzip
ar-request-id
d87ae519bc8a8e6e4152f096777c6785
last-modified
Thu, 02 Sep 2021 22:18:00 GMT
server
ArvanCloud
ar-atime
0.038
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
ar-sid
2053
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1911
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 13:50:43 GMT
jquery.min.js
ads.20payment.com/wp-includes/js/jquery/
88 KB
34 KB
Script
General
Full URL
https://ads.20payment.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: ads.20payment.com
URL: https://ads.20payment.com/wp-admin/setup-config.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.99 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.20payment.com/wp-admin/setup-config.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:50:43 GMT
content-encoding
gzip
ar-request-id
049fdac0db27ea0429e717c132eb043a
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
server
ArvanCloud
ar-atime
0.040
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
ar-sid
2053
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
34867
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 13:50:43 GMT
jquery-migrate.min.js
ads.20payment.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://ads.20payment.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: ads.20payment.com
URL: https://ads.20payment.com/wp-admin/setup-config.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.99 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.20payment.com/wp-admin/setup-config.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:50:43 GMT
content-encoding
gzip
ar-request-id
73922ad938cca5a94159b1898accb515
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
ArvanCloud
ar-atime
0.040
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
ar-sid
2053
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4461
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 13:50:43 GMT
language-chooser.min.js
ads.20payment.com/wp-admin/js/
423 B
614 B
Script
General
Full URL
https://ads.20payment.com/wp-admin/js/language-chooser.min.js?ver=6.1.1
Requested by
Host: ads.20payment.com
URL: https://ads.20payment.com/wp-admin/setup-config.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.99 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
ccc2c261625acaeefe4b29d33f962ff6cff548edb2d37782f5522f3d3e56b816
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.20payment.com/wp-admin/setup-config.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:50:43 GMT
content-encoding
gzip
ar-request-id
51dabfc13b64503d86c46ae422bf7e64
last-modified
Tue, 23 Feb 2021 19:45:04 GMT
server
ArvanCloud
ar-atime
0.040
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
ar-sid
2053
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
275
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 13:50:43 GMT
wordpress-logo.svg
ads.20payment.com/wp-admin/images/
1 KB
1 KB
Image
General
Full URL
https://ads.20payment.com/wp-admin/images/wordpress-logo.svg?ver=20131107
Requested by
Host: ads.20payment.com
URL: https://ads.20payment.com/wp-admin/css/install-rtl.min.css?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.99 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
a0bbefd626f1e76f9245ec6c6101b679ba27412b71b32fc43eccda9db40f394b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.20payment.com/wp-admin/css/install-rtl.min.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:50:44 GMT
content-encoding
gzip
ar-request-id
080337fd48325aafeec3da3e4da07e36
last-modified
Sun, 05 Apr 2015 21:20:27 GMT
server
ArvanCloud
ar-atime
0.043
ar-cache
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
ar-sid
2053
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
818
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 13:50:44 GMT

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
undefined| $
function| jQuery

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Xss-Protection 1; mode=block