![](/screenshots/a79752da-cb86-478a-8ebb-be6e410b174a.png)
app.restored.serapisdev.com
34.117.22.197
Public Scan
Submission: On March 12 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by GTS CA 1D2 on March 12th 2021. Valid for: 3 months.
This is the only time app.restored.serapisdev.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
8 | 34.117.22.197 | 15169 (GOOGLE) |
4 | 65.9.98.50 | 16509 (AMAZON-02) |
1 | 2606:4700::6810:b8f8 | 13335 (CLOUDFLARENET) |
13 | 4 |
ASN15169 (GOOGLE, US)
PTR: 197.22.117.34.bc.googleusercontent.com
app.restored.serapisdev.com |
 | Apex Domain Subdomains | Transfer |
---|---|---|
8 | serapisdev.com app.restored.serapisdev.com | 222 KB |
5 | auth0.com cdn.auth0.com serapis-prod.auth0.com | 61 KB |
13 | 2 |
 | Domain | Requested by |
---|---|---|
8 | app.restored.serapisdev.com | app.restored.serapisdev.com |
4 | cdn.auth0.com | app.restored.serapisdev.com serapis-prod.auth0.com |
1 | serapis-prod.auth0.com | app.restored.serapisdev.com |
13 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
app.restored.serapisdev.com GTS CA 1D2 | 2021-03-12 - 2021-06-10 | 3 months | crt.sh |
*.auth0.com Amazon | 2020-05-23 - 2021-06-23 | a year | crt.sh |
auth0.com Cloudflare Inc ECC CA-3 | 2020-10-22 - 2021-10-21 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://app.restored.serapisdev.com/
Frame ID: 73E1C6659743E360F7FA9EA8E9C77AD9
Requests: 11 HTTP requests in this frame
Frame:
https://serapis-prod.auth0.com/authorize?client_id=YVA8JDEgPusu23vbKR13w3ja0BiE9nXB&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fapp.restored.serapisdev.com%2Fauth&scope=openid%20profile%20email&state=ja94oCabpxTmHzsa65R2g56KGOe8X~AP&nonce=3TopQdKhJAF9nChBbo3o7nwAOINxK9pz&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS4xNC4xIiwibGliX3ZlcnNpb24iOnsicmF3IjoiOS4xMC4xIn19
Frame ID: 3CDFCDED7C54D20CBF8F4B7AE74CC43A
Requests: 4 HTTP requests in this frame
Detected technologies
Detected patterns
- headers via /^1\.1 google$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / (Primary Request) app.restored.serapisdev.com/ | 985 B 2 KB | Document text/html |
GET H2 | question.mark.svg app.restored.serapisdev.com/ | 1 KB 834 B | Image image/svg+xml |
GET H2 | lock.min.js app.restored.serapisdev.com/ | 770 KB 213 KB | Script application/javascript |
GET H2 | helpers.js app.restored.serapisdev.com/ | 575 B 703 B | Script application/javascript |
GET H2 | loginConfig.js app.restored.serapisdev.com/ | 167 B 349 B | Script text/javascript |
GET H2 | login.js app.restored.serapisdev.com/ | 4 KB 2 KB | Script application/javascript |
GET H2 | auth-override.css app.restored.serapisdev.com/css/ | 9 KB 2 KB | Stylesheet text/css |
GET H2 | cysiv_logo_login.svg app.restored.serapisdev.com/images/ | 2 KB 941 B | Image image/svg+xml |
GET H2 | YVA8JDEgPusu23vbKR13w3ja0BiE9nXB.js cdn.auth0.com/client/ | 1 KB 1 KB | Script application/x-javascript |
GET H2 | authorize serapis-prod.auth0.com/ Frame 3CDF | 3 KB 2 KB | Document text/html |
GET H2 | index.min.css cdn.auth0.com/styleguide/latest/ Frame 3CDF | 253 KB 54 KB | Stylesheet text/css |
GET H2 | main.css cdn.auth0.com/backend-templates/ Frame 3CDF | 10 KB 2 KB | Stylesheet text/css |
GET H2 | main.js cdn.auth0.com/backend-templates/ Frame 3CDF | 698 B 1 KB | Script application/javascript |
GET DATA | truncated / | 343 B 0 | Image image/svg+xml |
GET DATA | truncated / | 2 KB 0 | Image image/svg+xml |
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- object| Auth0
- function| Auth0Lock
- function| Auth0LockPasswordless
- function| subdivideQueryValues
- function| isJSON

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
app.restored.serapisdev.com/ | | Name: _csrf Value: pEEyjzDYR2bZBSUFXXbOtfj- |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | connect-src 'self' serapis-prod.auth0.com https://www.googleapis.com https://firestore.googleapis.com https://securetoken.googleapis.com; default-src 'self'; frame-src 'self' https://serapis-prod.auth0.com blob:; font-src https://fonts.googleapis.com https://fonts.gstatic.com; img-src 'self' data:; object-src serapis-dev.auth0.com; script-src 'self' https://cdn.auth0.com/; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com blob: |
Strict-Transport-Security | max-age=15552000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.