URL: https://identity.lopibot.com/
Submission: On August 25 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 185.126.16.98, located in Iran, Islamic Republic Of and belongs to IR-THR-PTE, IR. The main domain is identity.lopibot.com.
TLS certificate: Issued by R11 on August 25th 2024. Valid for: 3 months.
This is the only time identity.lopibot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 185.126.16.98 49100 (IR-THR-PTE)
14 2
Apex Domain
Subdomains
Transfer
12 lopibot.com
identity.lopibot.com
229 KB
14 1
Domain Requested by
12 identity.lopibot.com identity.lopibot.com
14 1

This site contains no links.

Subject Issuer Validity Valid
identity.lopibot.com
R11
2024-08-25 -
2024-11-23
3 months crt.sh

This page contains 1 frames:

Primary Page: https://identity.lopibot.com/
Frame ID: 35F9C9CC6DD016A94AA5566F79748944
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Lopibot Identity Service

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

86 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

229 kB
Transfer

710 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
identity.lopibot.com/
3 KB
2 KB
Document
General
Full URL
https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
238af6af4f93b6500254024481b3d4074ce0310ed23753f06b4811225765a0e6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
content-type
text/html; charset=utf-8
date
Sun, 25 Aug 2024 08:47:05 GMT
referrer-policy
no-referrer
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
all.css
identity.lopibot.com/LayoutMobileApp/assets/css/
153 KB
36 KB
Stylesheet
General
Full URL
https://identity.lopibot.com/LayoutMobileApp/assets/css/all.css
Requested by
Host: identity.lopibot.com
URL: https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer
date
Sun, 25 Aug 2024 08:47:05 GMT
last-modified
Sat, 29 Jan 2022 13:09:12 GMT
server
Microsoft-IIS/10.0
etag
"1d8151168896e44"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
bootstrap.min.css
identity.lopibot.com/LayoutMobileApp/assets/css/
158 KB
36 KB
Stylesheet
General
Full URL
https://identity.lopibot.com/LayoutMobileApp/assets/css/bootstrap.min.css
Requested by
Host: identity.lopibot.com
URL: https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer
date
Sun, 25 Aug 2024 08:47:05 GMT
last-modified
Sat, 29 Jan 2022 13:08:46 GMT
server
Microsoft-IIS/10.0
etag
"1d815115909b581"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
styles.css
identity.lopibot.com/LayoutMobileApp/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://identity.lopibot.com/LayoutMobileApp/assets/css/styles.css
Requested by
Host: identity.lopibot.com
URL: https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3316aec5c32c756ca5bcc3bef5071f7f7023245ceeeeaa403beb99272ac82a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer
date
Sun, 25 Aug 2024 08:47:05 GMT
last-modified
Mon, 12 Dec 2022 10:55:53 GMT
server
Microsoft-IIS/10.0
etag
"1d90e184db74574"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
lopibot.png
identity.lopibot.com/images/
4 KB
4 KB
Image
General
Full URL
https://identity.lopibot.com/images/lopibot.png
Requested by
Host: identity.lopibot.com
URL: https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1711c02c2808eba6e13721612892cf31954f175cbf6d04e7b084ec3b9a1185fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Aug 2024 08:47:05 GMT
referrer-policy
no-referrer
last-modified
Mon, 12 Dec 2022 09:39:09 GMT
server
Microsoft-IIS/10.0
etag
"1d90e0d95849271"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3825
jquery.min.js
identity.lopibot.com/LayoutV2/js/
84 KB
38 KB
Script
General
Full URL
https://identity.lopibot.com/LayoutV2/js/jquery.min.js
Requested by
Host: identity.lopibot.com
URL: https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8e09aa31f396ea41d698f437dc5fc7125e931d400eb2873f5b68ef78c1e6f3a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer
date
Sun, 25 Aug 2024 08:47:05 GMT
last-modified
Tue, 20 Oct 2020 11:38:30 GMT
server
Microsoft-IIS/10.0
etag
"1d6a6d5885d714c"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
popper.min.js
identity.lopibot.com/LayoutV2/js/
19 KB
8 KB
Script
General
Full URL
https://identity.lopibot.com/LayoutV2/js/popper.min.js
Requested by
Host: identity.lopibot.com
URL: https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d1550d30e03f777fb25a2761e42fd8640fc2891fe3f8319524e5a0f17ede803d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer
date
Sun, 25 Aug 2024 08:47:05 GMT
last-modified
Tue, 20 Oct 2020 11:39:08 GMT
server
Microsoft-IIS/10.0
etag
"1d6a6d59f02dcf7"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
bootstrap.min.js
identity.lopibot.com/LayoutV2/js/
49 KB
19 KB
Script
General
Full URL
https://identity.lopibot.com/LayoutV2/js/bootstrap.min.js
Requested by
Host: identity.lopibot.com
URL: https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2a5cc6f06689993566ebb2b73eb67e026fb3669fc578a41d5e8b3dabd9e7bd40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer
date
Sun, 25 Aug 2024 08:47:05 GMT
last-modified
Tue, 20 Oct 2020 11:42:22 GMT
server
Microsoft-IIS/10.0
etag
"1d6a6d612a466fc"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
plugins.js
identity.lopibot.com/LayoutV2/js/
214 KB
75 KB
Script
General
Full URL
https://identity.lopibot.com/LayoutV2/js/plugins.js
Requested by
Host: identity.lopibot.com
URL: https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
57e533d11b7685fec110d32a78035ef77ff020c85228776b5e2963cdc52c58e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer
date
Sun, 25 Aug 2024 08:47:05 GMT
last-modified
Tue, 20 Oct 2020 11:40:13 GMT
server
Microsoft-IIS/10.0
etag
"1d6a6d5c5c39558"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
dzsparallaxer.js
identity.lopibot.com/LayoutV2/js/
15 KB
6 KB
Script
General
Full URL
https://identity.lopibot.com/LayoutV2/js/dzsparallaxer.js
Requested by
Host: identity.lopibot.com
URL: https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
02a9bfd4331ead6bf7c004f658a89a8f9ffdd9af34dd4234080c6648489a5b7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer
date
Sun, 25 Aug 2024 08:47:05 GMT
last-modified
Tue, 20 Oct 2020 11:40:50 GMT
server
Microsoft-IIS/10.0
etag
"1d6a6d5dbceb03f"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
jquery.syotimer.min.js
identity.lopibot.com/LayoutV2/js/
4 KB
2 KB
Script
General
Full URL
https://identity.lopibot.com/LayoutV2/js/jquery.syotimer.min.js
Requested by
Host: identity.lopibot.com
URL: https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
693f982b492ca2f0216485e3893dd1898b725dd14b82a1f852b4472c3eed0728
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer
date
Sun, 25 Aug 2024 08:47:05 GMT
last-modified
Tue, 20 Oct 2020 11:41:28 GMT
server
Microsoft-IIS/10.0
etag
"1d6a6d5f274f578"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
script.js
identity.lopibot.com/LayoutV2/js/
5 KB
2 KB
Script
General
Full URL
https://identity.lopibot.com/LayoutV2/js/script.js
Requested by
Host: identity.lopibot.com
URL: https://identity.lopibot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.126.16.98 , Iran, Islamic Republic Of, ASN49100 (IR-THR-PTE, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ecb9985f3e3f21c30df3189b0b01c51fd4b2c00e0d9f314e461e257ee59e2716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer
date
Sun, 25 Aug 2024 08:47:05 GMT
last-modified
Mon, 26 Oct 2020 10:32:24 GMT
server
Microsoft-IIS/10.0
etag
"1d6ab834aeb3978"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
Shabnam-FD.woff
identity.lopibot.com/dist/fonts/shabnamFD/
0
0

Shabnam-FD.ttf
identity.lopibot.com/dist/fonts/shabnamFD/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
identity.lopibot.com
URL
https://identity.lopibot.com/dist/fonts/shabnamFD/Shabnam-FD.woff
Domain
identity.lopibot.com
URL
https://identity.lopibot.com/dist/fonts/shabnamFD/Shabnam-FD.ttf

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Popper object| bootstrap function| WOW function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| NiceScroll function| is_mobile function| is_touch_device function| is_ie function| is_ie11 function| version_ie object| dzsprx_self_options function| dzsprx_init function| requestAnimFrame

0 Cookies

3 Console Messages

Source Level URL
Text
security warning URL: https://identity.lopibot.com/
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error URL: https://identity.lopibot.com/(Line 35)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-u3mT8uqHeeUGh2c8lXGpXdLgl71/SdsfP57tq9DG+oo='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://identity.lopibot.com/(Line 110)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-yYv/gWyBahHAqseyjXa0yiAuUiCf7tgUoFX/gB0wBQg='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN