logto.sarava.dev Open in urlscan Pro
167.114.185.161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sl.tanserlock.com/
Effective URL:
https://logto.sarava.dev/sign-in
Submission: On December 03 via api (December 3rd 2024, 3:10:22 am UTC) from US — Scanned from US

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 167.114.185.161, located in Montreal, Canada and belongs to OVH OVH SAS, FR. The main domain is logto.sarava.dev.
TLS certificate: Issued by R11 on November 21st 2024. Valid for: 3 months.

This is the only time logto.sarava.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	188.121.101.176 188.121.101.176	202468 (AbrArvan-...) (AbrArvan-AS Noyan Abr Arvan Co. ( Private Joint Stock))
1 9	167.114.185.161 167.114.185.161	16276 (OVH OVH SAS) (OVH OVH SAS)
1	172.66.40.214 172.66.40.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	3

2 188.121.101.176 (Iran, Islamic Republic Of) 2 redirects

ASN202468 (AbrArvan-AS Noyan Abr Arvan Co. ( Private Joint Stock), IR)

sl.tanserlock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 167.114.185.161 (Montreal, Canada) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: vps-292f989a.vps.ovh.ca

logto.sarava.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.40.214 (United States)

ASN13335 (CLOUDFLARENET, US)

logto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	sarava.dev 1 redirects logto.sarava.dev	282 KB
2	tanserlock.com 2 redirects sl.tanserlock.com	1 KB
1	logto.io logto.io	4 KB
9	3

	Domain	Requested by
9	logto.sarava.dev	1 redirects logto.sarava.dev
2	sl.tanserlock.com	2 redirects
1	logto.io
9	3

This site contains links to these domains. Also see Links.

Domain
logto.io

Subject Issuer	Validity	Valid
logto.sarava.dev R11	`2024-11-21` - `2025-02-19`	3 months	crt.sh
logto.io WE1	`2024-12-02` - `2025-03-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://logto.sarava.dev/sign-in
Frame ID: 1EC8B7D959CA516018CF6142B0DB0D93
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://sl.tanserlock.com/ HTTP 302
https://sl.tanserlock.com/logto/sign-in HTTP 302
https://logto.sarava.dev/oidc/auth?client_id=zgpr0yc742dzkp2axn80i&redirect_uri=https%3A%2F%2Fsl.tans... HTTP 303
https://logto.sarava.dev/sign-in Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

285 kB
Transfer

1220 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://logto.io/?utm_source=sign_in&utm_medium=powered_by
Title: Powered by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sl.tanserlock.com/ HTTP 302
https://sl.tanserlock.com/logto/sign-in HTTP 302
https://logto.sarava.dev/oidc/auth?client_id=zgpr0yc742dzkp2axn80i&redirect_uri=https%3A%2F%2Fsl.tanserlock.com%2Flogto%2Fsign-in-callback&code_challenge=nWFqXWNZNLFQSouj16PhYjRP45gFQcMGXimSAq2aS3Q&code_challenge_method=S256&state=3JdQ4QhznQe4p6RUmoHR7X4-QlrTwyQa5edDIsbjJCCpqFYAKaPdY05EeFOMOI-Nkvzd_KP9w3a-ii0mah-ciA&response_type=code&prompt=consent&scope=openid+offline_access+profile+email HTTP 303
https://logto.sarava.dev/sign-in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sign-in Show response
logto.sarava.dev/
Redirect Chain

https://sl.tanserlock.com/
https://sl.tanserlock.com/logto/sign-in
https://logto.sarava.dev/oidc/auth?client_id=zgpr0yc742dzkp2axn80i&redirect_uri=https%3A%2F%2Fsl.tanserlock.com%2Flogto%2Fsign-in-callback&code_challenge=nWFqXWNZNLFQSouj16PhYjRP45gFQcMGXimSAq2aS3Q...
https://logto.sarava.dev/sign-in

909 B
775 B

151ms
150ms

Document
text/html

167.114.185.161
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://logto.sarava.dev/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.114.185.161 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

vps-292f989a.vps.ovh.ca

Software

Resource Hash

0bd3edb9a1ebdf59977aea1a6fb0239f02758d703cee6006c252cd5ae0797151

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 357
content-security-policy: img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 03:10:11 GMT
last-modified: Wed, 15 May 2024 02:59:46 GMT
logto-core-request-id: 52oePb98s0tOFB9s
origin-agent-cluster: ?1
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Redirect headers

cache-control: no-store
content-length: 47
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: same-origin
date: Tue, 03 Dec 2024 03:10:11 GMT
etag: "33-MngY/2b47MIrH5Fxda05K91Uneo"
location: /sign-in
logto-core-request-id: UwL6OAP5jgtJmWlM
origin-agent-cluster: ?1
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 index.94c7bc3a.css
logto.sarava.dev/ 43 KB
7 KB 335ms
333ms Stylesheet
text/css 167.114.185.161
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://logto.sarava.dev/index.94c7bc3a.css

Requested by

Host: logto.sarava.dev
URL: https://logto.sarava.dev/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.114.185.161 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

vps-292f989a.vps.ovh.ca

Software

Resource Hash

9fc60c05482badf5b867ae19f7d6a079f10c498c663654f207b3f50fa249d33b

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://logto.sarava.dev/sign-in

Response headers

content-encoding: br
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
logto-core-request-id: QeYZrD4G4rIxq7GA
date: Tue, 03 Dec 2024 03:10:11 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 15 May 2024 02:59:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control: max-age=604800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cross-origin-embedder-policy: credentialless
content-length: 6633
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 index.01c088bf.js Show response
logto.sarava.dev/ 1 KB
643 B 724ms
722ms Script
application/javascript 167.114.185.161
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://logto.sarava.dev/index.01c088bf.js

Requested by

Host: logto.sarava.dev
URL: https://logto.sarava.dev/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.114.185.161 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

vps-292f989a.vps.ovh.ca

Software

Resource Hash

2127872c18a54715c41ab8f95c0afb8b16fc45fb499e5f0abb9ed7ec4697f2ed

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://logto.sarava.dev
Referer: https://logto.sarava.dev/sign-in

Response headers

content-encoding: br
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
logto-core-request-id: zWHwEGilJwly_hrh
date: Tue, 03 Dec 2024 03:10:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 15 May 2024 02:59:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control: max-age=604800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cross-origin-embedder-policy: credentialless
content-length: 560
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 index.a7c02af3.js Show response
logto.sarava.dev/ 1 MB
266 KB 724ms
723ms Script
application/javascript 167.114.185.161
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://logto.sarava.dev/index.a7c02af3.js

Requested by

Host: logto.sarava.dev
URL: https://logto.sarava.dev/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.114.185.161 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

vps-292f989a.vps.ovh.ca

Software

Resource Hash

c69f9ec61d1c008271d7ab635043b7b7cfb22f65c7f117b28fd0b0204133f100

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://logto.sarava.dev
Referer: https://logto.sarava.dev/sign-in

Response headers

content-encoding: br
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
logto-core-request-id: gCH9ofyz8d_fONN-
date: Tue, 03 Dec 2024 03:10:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 15 May 2024 02:59:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control: max-age=604800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cross-origin-embedder-policy: credentialless
content-length: 272490
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sign-in-exp
logto.sarava.dev/api/.well-known/ 8 KB
3 KB 1579ms
1578ms Other
application/json 167.114.185.161
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://logto.sarava.dev/api/.well-known/sign-in-exp

Requested by

Host: logto.sarava.dev
URL: https://logto.sarava.dev/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.114.185.161 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

vps-292f989a.vps.ovh.ca

Software

Resource Hash

0de78670ed7d782f8d5a6c7864f4a56a79334f695fe1a4c2ffbea4bda3c167e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://logto.sarava.dev
Referer: https://logto.sarava.dev/sign-in

Response headers

content-encoding: br
etag: "1f94-yaNVxS9QU11g5alvCJWjibegaUc"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
logto-core-request-id: bP1M8jVf2R5ZnG_h
date: Tue, 03 Dec 2024 03:10:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cross-origin-resource-policy: same-origin
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cross-origin-embedder-policy: credentialless
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 phrases
logto.sarava.dev/api/.well-known/ 11 KB
3 KB 1578ms
1577ms Other
application/json 167.114.185.161
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://logto.sarava.dev/api/.well-known/phrases

Requested by

Host: logto.sarava.dev
URL: https://logto.sarava.dev/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.114.185.161 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

vps-292f989a.vps.ovh.ca

Software

Resource Hash

9bcc802a90729b92dbffca4dbb99099f80bc001100e93ff6e2b599c4d45a7f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://logto.sarava.dev
Referer: https://logto.sarava.dev/sign-in

Response headers

content-encoding: br
etag: "2ad0-VRsPyde6IIGNoDcHjn4Mxskf2go"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
logto-core-request-id: QERryCrFAUMxmlfa
date: Tue, 03 Dec 2024 03:10:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cross-origin-resource-policy: same-origin
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cross-origin-embedder-policy: credentialless
x-xss-protection: 0
content-language: en
origin-agent-cluster: ?1

GET
H2 200 favicon.ico
logto.sarava.dev/ 909 B
432 B 152ms
151ms Other
text/html 167.114.185.161
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://logto.sarava.dev/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.114.185.161 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

vps-292f989a.vps.ovh.ca

Software

Resource Hash

0bd3edb9a1ebdf59977aea1a6fb0239f02758d703cee6006c252cd5ae0797151

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://logto.sarava.dev/sign-in

Response headers

content-encoding: br
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
logto-core-request-id: Y0nhB_j8mh_fPkMc
date: Tue, 03 Dec 2024 03:10:17 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 15 May 2024 02:59:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cross-origin-embedder-policy: credentialless
content-length: 357
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 logo.svg
logto.io/ 8 KB
4 KB 515ms
402ms Image
image/svg+xml 172.66.40.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logto.io/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e69c69fca8570c43817d5ac428d02387eb49914430651e0ea04abd4a830e588e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://logto.sarava.dev
Referer: https://logto.sarava.dev/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"0d885018f650de4fc04211f928879119"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lq8Mob1IPitQYfbGM%2BQeCrcS3p%2FiTonVainemvM%2FpdMg16j2iIMg%2FnlLZ0ZU%2F38PQBYUYX2tAJXIXPNtmgufV%2Be1uWb5UTZOFM8KTtIQm5sZqL0PM5es3iyrzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=85126&min_rtt=85073&rtt_var=24016&sent=10&recv=8&lost=0&retrans=0&sent_bytes=4104&recv_bytes=5574&delivery_rate=37337&cwnd=12000&unsent_bytes=0&cid=138807b13028be7f&ts=147&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 03:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ec05ce3580b7c35-LAX
access-control-allow-origin: *
server: cloudflare

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d695506a19cde96a15c65e1377ae2110dfe001cef99e0128c377e5120781538

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://logto.sarava.dev
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 favicon.561cee98.png
logto.sarava.dev/ 569 B
678 B 158ms
157ms Other
image/png 167.114.185.161
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://logto.sarava.dev/favicon.561cee98.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.114.185.161 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

vps-292f989a.vps.ovh.ca

Software

Resource Hash

799c9c09d3c464d3705e0bbb93489dabe13b10f9f55b57ac9afed7daaac669c3

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://logto.sarava.dev/sign-in

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
logto-core-request-id: jd6WRVrk4jQ3I01X
date: Tue, 03 Dec 2024 03:10:18 GMT
content-type: image/png
last-modified: Wed, 15 May 2024 02:59:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control: max-age=604800
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cross-origin-embedder-policy: credentialless
content-length: 569
x-xss-protection: 0
origin-agent-cluster: ?1

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| parcelRequire2d52 function| clearImmediate function| setImmediate

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
logto.sarava.dev/oidc/auth/pacuWsLKmVuHX24cXq7Op	1970-01-21 01:26:39	Name: _interaction_resume Value: pacuWsLKmVuHX24cXq7Op
logto.sarava.dev/oidc/auth/pacuWsLKmVuHX24cXq7Op	1970-01-21 01:26:39	Name: _interaction_resume.sig Value: hClsMVTPrhbZZP89jHAk9IeWqSo
sl.tanserlock.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3A01JE57YA80JTB7EVTEHPP5RCBR.fZXFrOkp7pKx1B0HKeTHLxYcKTeVxitZBuktgfC%2F7gI
logto.sarava.dev/	1969-12-31 23:59:59	Name: _logto Value: {"appId":"zgpr0yc742dzkp2axn80i"}
logto.sarava.dev/	1970-01-21 01:26:39	Name: _interaction Value: pacuWsLKmVuHX24cXq7Op
logto.sarava.dev/	1970-01-21 01:26:39	Name: _interaction.sig Value: C3UzgruznroLL5nhCTU5c1mni-Q

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self' 'unsafe-inline';connect-src 'self' https://logto.sarava.dev;frame-src 'self' https:;frame-ancestors 'self' http://localhost:3002 https://admin.logto.sarava.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

logto.io
logto.sarava.dev
sl.tanserlock.com
167.114.185.161
172.66.40.214
188.121.101.176
0bd3edb9a1ebdf59977aea1a6fb0239f02758d703cee6006c252cd5ae0797151
0de78670ed7d782f8d5a6c7864f4a56a79334f695fe1a4c2ffbea4bda3c167e7
2127872c18a54715c41ab8f95c0afb8b16fc45fb499e5f0abb9ed7ec4697f2ed
799c9c09d3c464d3705e0bbb93489dabe13b10f9f55b57ac9afed7daaac669c3
8d695506a19cde96a15c65e1377ae2110dfe001cef99e0128c377e5120781538
9bcc802a90729b92dbffca4dbb99099f80bc001100e93ff6e2b599c4d45a7f88
9fc60c05482badf5b867ae19f7d6a079f10c498c663654f207b3f50fa249d33b
c69f9ec61d1c008271d7ab635043b7b7cfb22f65c7f117b28fd0b0204133f100
e69c69fca8570c43817d5ac428d02387eb49914430651e0ea04abd4a830e588e

logto.sarava.dev Open in urlscan Pro 167.114.185.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

285 kBTransfer

1220 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

logto.sarava.dev Open in urlscan Pro
167.114.185.161 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

285 kB
Transfer

1220 kB
Size

6
Cookies

9 HTTP transactions
1 data transactions