![](/screenshots/2a50b776-c6bc-49b7-9b18-b93cb7e21ade.png)
aaa.lotusib.ir
46.209.70.253
Public Scan
Effective URL: https://aaa.lotusib.ir:12843/auth/realms/oidc_realm/protocol/openid-connect/auth?client_id=meapp&redirect_uri=https%3A%2F%2Fc...
Submission: On November 14 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Certum Organization Validation CA SHA2 on September 7th 2021. Valid for: a year.
This is the only time aaa.lotusib.ir was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS | Autonomous System
---|---|---|---
10 | 185.192.112.107 | 60976 | POL
3 | 2a00:1450:4001:813::200a | 15169 | GOOGLE
5 | 46.209.70.253 | 42337 | RESPINA-AS
2 | 2a00:1450:4001:808::2003 | 15169 | GOOGLE
20 | 4 IPs | |

ASN60976 (POL, IR). PTR: server6007.dnslake.com. Domains: crmticket.sanayco.ir
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
10 | sanayco.ir | crmticket.sanayco.ir | 436 KB
5 | lotusib.ir | aaa.lotusib.ir | 2 MB
3 | googleapis.com | fonts.googleapis.com | 2 KB
2 | gstatic.com | fonts.gstatic.com | 23 KB
20 | 4 apex domains | |
Requests | Domain | Requested by
---|---|---
10 | crmticket.sanayco.ir | crmticket.sanayco.ir
5 | aaa.lotusib.ir | crmticket.sanayco.ir, aaa.lotusib.ir
3 | fonts.googleapis.com | crmticket.sanayco.ir, aaa.lotusib.ir
2 | fonts.gstatic.com | fonts.googleapis.com
20 | 4 domains |
This site contains no links.
Subject | Issuer | Validity | Valid | Transparency log
---|---|---|---|---
crmticket.sanayco.ir | R3 | 2021-11-14 - 2022-02-12 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months | crt.sh
*.lotusib.ir | Certum Organization Validation CA SHA2 | 2021-09-07 - 2022-09-07 | a year | crt.sh
*.gstatic.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://aaa.lotusib.ir:12843/auth/realms/oidc_realm/protocol/openid-connect/auth?client_id=meapp&redirect_uri=https%3A%2F%2Fcrmticket.sanayco.ir%2F&state=10388eed-7c48-4602-8c88-e8a4320668a2&response_mode=fragment&response_type=code&scope=openid&nonce=397ea470-f2b0-41ba-9e59-0c8adca10b92
Frame ID: BDC66D16CF99E696285DD611360BC67B
Requests: 20 HTTP requests in this frame
Page Title: Sign in to oidc_realm
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://crmticket.sanayco.ir/ Page URL
- https://aaa.lotusib.ir:12843/auth/realms/oidc_realm/protocol/openid-connect/auth?client_id=meapp&redirect_uri=https%3A%2F%2Fcrmticket.sanayco.ir%2F&state=10388eed-7c48-4602-8c88-e8a4320668a2&response_mode=fragment&response_type=code&scope=openid&nonce=397ea470-f2b0-41ba-9e59-0c8adca10b92 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | crmticket.sanayco.ir/ | 1 KB | 621 B | Document | text/html
GET | H2 | css | fonts.googleapis.com/ | 6 KB | 758 B | Stylesheet | text/css
GET | H2 | icon | fonts.googleapis.com/ | 569 B | 705 B | Stylesheet | text/css
GET | H2 | styles.87e2a7c4dd0d265a03d9.css | crmticket.sanayco.ir/ | 419 KB | 52 KB | Stylesheet | text/css
GET | H2 | runtime-es2015.c5fa8325f89fc516600b.js | crmticket.sanayco.ir/ | 1 KB | 861 B | Script | application/javascript
GET | H2 | polyfills-es2015.5b10b8fd823b6392f1fd.js | crmticket.sanayco.ir/ | 36 KB | 12 KB | Script | application/javascript
GET | H2 | scripts.e830bc4b1bbb9d40b314.js | crmticket.sanayco.ir/ | 90 KB | 24 KB | Script | application/javascript
GET | H2 | main-es2015.6526fccf27e1f6d0050b.js | crmticket.sanayco.ir/ | 1 MB | 279 KB | Script | application/javascript
GET | H2 | iranyekanwebregular(fanum).e46ea675fa291d7425d9.woff2 | crmticket.sanayco.ir/ | 24 KB | 24 KB | Font | font/woff2
GET | H2 | auth (Primary Request) | aaa.lotusib.ir/auth/realms/oidc_realm/protocol/openid-connect/ | 3 KB | 4 KB | Document | text/html
GET | H2 | alfresco-logo.svg | crmticket.sanayco.ir/assets/images/ | 17 KB | 17 KB | Image | image/svg+xml
GET | H2 | header-bg-lines.50537d308ee1a5035af9.png | crmticket.sanayco.ir/ | 3 KB | 3 KB | Image | image/png
GET | H2 | iranyekanwebbold(fanum).9be2c23624d9e98a7b71.woff2 | crmticket.sanayco.ir/ | 24 KB | 24 KB | Font | font/woff2
GET | H2 | login.css | aaa.lotusib.ir/auth/resources/6.0.1/login/customTheme/css/ | 4 KB | 4 KB | Stylesheet | text/css
GET | H2 | css | fonts.googleapis.com/ | 1 KB | 580 B | Stylesheet | text/css
GET | H2 | alfresco-logo.svg | aaa.lotusib.ir/auth/resources/6.0.1/login/customTheme/img/ | 17 KB | 17 KB | Image | image/svg+xml
GET | H2 | eye-off.png | aaa.lotusib.ir/auth/resources/6.0.1/login/customTheme/img/ | 692 B | 754 B | Image | image/png
GET | H2 | background.jpg | aaa.lotusib.ir/auth/resources/6.0.1/login/customTheme/img/ | 2 MB | 2 MB | Image | image/jpeg
GET | H2 | K2FhfZBRmr9vQ1pHEey6GIGo8_pv3myYjuXwe55njDw.woff2 | fonts.gstatic.com/s/elmessiri/v10/ | 13 KB | 13 KB | Font | font/woff2
GET | H2 | K2FhfZBRmr9vQ1pHEey6GIGo8_pv3myYjuXwe55ijDz-oQ.woff2 | fonts.gstatic.com/s/elmessiri/v10/ | 10 KB | 10 KB | Font | font/woff2
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: onbeforexrselect
- function: reportError
- boolean: originAgentCluster
- object: scheduler
- function: togglePassword2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
aaa.lotusib.ir/auth/realms/oidc_realm/ | | AUTH_SESSION_ID | 2dd6b634-8a0d-4200-bfb9-567c57bd29d5.pl-crmsrv
aaa.lotusib.ir/auth/realms/oidc_realm/ | | KC_RESTART | eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxNDQyNzE3Mi1iMThjLTQzZmUtOTg2MS0xN2FkNjA0NTY5OTAifQ.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.PwECb4B1JRW4kUiMn8wrOrOEGNZXkKbqNNs3g_QOARg
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aaa.lotusib.ir
crmticket.sanayco.ir
fonts.googleapis.com
fonts.gstatic.com
185.192.112.107
2a00:1450:4001:808::2003
2a00:1450:4001:813::200a
46.209.70.253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