payment.borotokar.com

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 185.142.159.119, located in Iran, Islamic Republic Of and belongs to AMINIDC, IR. The main domain is payment.borotokar.com.
TLS certificate: Issued by R10 on June 18th 2024. Valid for: 3 months.

This is the only time payment.borotokar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	185.142.159.119 185.142.159.119	48147 (AMINIDC) (AMINIDC)
3	172.67.184.158 172.67.184.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	148.251.154.80 148.251.154.80	24940 (HETZNER-AS) (HETZNER-AS)
7	3

3 185.142.159.119 (Iran, Islamic Republic Of)

ASN48147 (AMINIDC, IR)

payment.borotokar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.184.158 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.154.80 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: pro10.cpanel.name

hitfile.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 9661	63 KB
3	borotokar.com payment.borotokar.com	473 KB
1	hitfile.ir hitfile.ir	163 KB
7	3

	Domain	Requested by
3	fonts.cdnfonts.com	payment.borotokar.com fonts.cdnfonts.com
3	payment.borotokar.com	payment.borotokar.com
1	hitfile.ir
7	3

This site contains no links.

Subject Issuer	Validity	Valid
payment.borotokar.com R10	`2024-06-18` - `2024-09-16`	3 months	crt.sh
cdnfonts.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
hitfile.ir R3	`2024-05-06` - `2024-08-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://payment.borotokar.com/
Frame ID: 64CC4810FB69C19967B2FE947E72AE67
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

پرداخت برورتوکار

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

698 kB
Transfer

697 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response payment.borotokar.com/	680 B 541 B	413ms 128ms	Document text/html	185.142.159.119 AMINIDC
General Check archive.org Show headers Download Go to Full URL https://payment.borotokar.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.159.119 , Iran, Islamic Republic Of, ASN48147 (AMINIDC, IR), Reverse DNS Software nginx / Resource Hash `ea9adbe429fb65d8c04f2147f1783efda50a91e00eb2a7fde67403939c962993` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html date Tue, 18 Jun 2024 16:59:26 GMT etag W/"6671bc75-2a8" last-modified Tue, 18 Jun 2024 16:57:25 GMT server nginx
GET H3	200	iranian-sans fonts.cdnfonts.com/css/	327 B 667 B	351ms 53ms	Stylesheet text/css	172.67.184.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/css/iranian-sans Requested by Host: payment.borotokar.com URL: https://payment.borotokar.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b074920243aa9caddb3d7b4859c59640fd36e00f302857870e2fdfa3e8cd395b` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://payment.borotokar.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 16:59:26 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7583345 cf-polished origSize=395 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 22 Mar 2024 22:30:21 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EydV5RN6rFR9eDHzf%2BaNKGYlMT1xa2r68QY%2Bx2KMAn0LsLNAgniGVUmdoRy4lXuzGNYV8Sz%2BAEwNS5eMexfNc3Ec9T3QvEJFAF0a1Gwcl5FLXQXO1xFB1aBBOd0RMqufqBztej4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 access-control-allow-origin * cache-control max-age=2678400 cf-ray 895cd474bf4d18d1-FRA
GET H2	200	main.6f650669.js Show response payment.borotokar.com/static/js/	471 KB 472 KB	123ms 123ms	Script application/javascript	185.142.159.119 AMINIDC
General Check archive.org Show headers Download Go to Full URL https://payment.borotokar.com/static/js/main.6f650669.js Requested by Host: payment.borotokar.com URL: https://payment.borotokar.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.159.119 , Iran, Islamic Republic Of, ASN48147 (AMINIDC, IR), Reverse DNS Software nginx / Resource Hash `1cafb92e5a1eaae152dd4ccd0a1a9f2b6599ba9556670714283e4c466a489bb3` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://payment.borotokar.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 16:59:26 GMT last-modified Tue, 18 Jun 2024 16:57:25 GMT server nginx accept-ranges bytes etag "6671bc75-75d6e" content-length 482670 content-type application/javascript
GET H2	200	150000868223991.jpg hitfile.ir/uploads/aliganjkhani/jpg/	162 KB 163 KB	464ms 88ms	Image image/jpeg	148.251.154.80 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hitfile.ir/uploads/aliganjkhani/jpg/150000868223991.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 148.251.154.80 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS pro10.cpanel.name Software / Resource Hash `49c312628bf04d44e89d26d6515d0d92079a9421112556883cbb9f6b7890a989` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://payment.borotokar.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 18 Jun 2024 16:59:27 GMT content-type image/jpeg cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 166109 expires Thu, 1 Jan 1970 00:00:00 GMT
GET H3	200	irsansb.woff fonts.cdnfonts.com/s/19710/	31 KB 31 KB	175ms 121ms	Font font/woff	172.67.184.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/s/19710/irsansb.woff Requested by Host: fonts.cdnfonts.com URL: https://fonts.cdnfonts.com/css/iranian-sans Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `aabb4eccceeafc3d7f4ca7ede051c77a336a3b74a62ce4a483a623feca240f4d` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.cdnfonts.com/css/iranian-sans Origin https://payment.borotokar.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 16:59:27 GMT cf-cache-status MISS last-modified Sat, 05 Feb 2022 02:00:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7adc-5d73bbbf881a3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nP%2FbsVv9ZP0gJ1Ch4zNE4wi%2F5qSYsFYAcZHmfvKBrybOEctgw4jJ89eqi3VI0q0N5gLloPcy4w5C5tTYmk8pARiDcAOLxGTXvpIZyMvpcS7btcOq6eD37OlACEUaiar3jzZbSiQ%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 895cd4791b9d6adf-FRA alt-svc h3=":443"; ma=86400 content-length 31452
GET H3	200	irsans.woff fonts.cdnfonts.com/s/19710/	31 KB 31 KB	130ms 77ms	Font font/woff	172.67.184.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/s/19710/irsans.woff Requested by Host: fonts.cdnfonts.com URL: https://fonts.cdnfonts.com/css/iranian-sans Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c69154ad668528e54b55c3c52178df49c29d676390aabf4d15ae151f846a6088` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.cdnfonts.com/css/iranian-sans Origin https://payment.borotokar.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 16:59:27 GMT cf-cache-status MISS last-modified Sat, 05 Feb 2022 02:00:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7a64-5d73bbbf87dbb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nalOxF45XlvMHSji%2Fs1EKkUatJicy4nIMRji%2ByULHT0KEdbIFBtL24IOues11xXdsEGwqbc%2FoYvreq0rDQWE8DYM0YWDLpf13%2BXy6A21aHEZ6siWc8I6%2FcXKi1KuZ0dmgIy7PLM%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 895cd4791b996adf-FRA alt-svc h3=":443"; ma=86400 content-length 31332
GET H2	200	favicon.ico payment.borotokar.com/	680 B 484 B	124ms 124ms	Other text/html	185.142.159.119 AMINIDC
General Check archive.org Show headers Download Go to Full URL https://payment.borotokar.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.159.119 , Iran, Islamic Republic Of, ASN48147 (AMINIDC, IR), Reverse DNS Software nginx / Resource Hash `ea9adbe429fb65d8c04f2147f1783efda50a91e00eb2a7fde67403939c962993` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://payment.borotokar.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 16:59:27 GMT content-encoding gzip last-modified Tue, 18 Jun 2024 16:57:25 GMT server nginx etag W/"6671bc75-2a8" content-type text/html

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| webpackChunkborotokar_payment

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://payment.borotokar.com/ Message: Mixed Content: The page at 'https://payment.borotokar.com/' was loaded over HTTPS, but requested an insecure element 'http://hitfile.ir/uploads/aliganjkhani/jpg/150000868223991.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.cdnfonts.com
hitfile.ir
payment.borotokar.com
148.251.154.80
172.67.184.158
185.142.159.119
1cafb92e5a1eaae152dd4ccd0a1a9f2b6599ba9556670714283e4c466a489bb3
49c312628bf04d44e89d26d6515d0d92079a9421112556883cbb9f6b7890a989
aabb4eccceeafc3d7f4ca7ede051c77a336a3b74a62ce4a483a623feca240f4d
b074920243aa9caddb3d7b4859c59640fd36e00f302857870e2fdfa3e8cd395b
c69154ad668528e54b55c3c52178df49c29d676390aabf4d15ae151f846a6088
ea9adbe429fb65d8c04f2147f1783efda50a91e00eb2a7fde67403939c962993

payment.borotokar.com Open in urlscan Pro 185.142.159.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

698 kBTransfer

697 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

payment.borotokar.com Open in urlscan Pro
185.142.159.119 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

698 kB
Transfer

697 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions