![](/screenshots/19dade5d-9a16-4693-b7b1-59694a8d9a49.png)
auth.sandbox.libe.io
Open in
urlscan Pro
99.86.2.97
Public Scan
Submission: On November 03 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Amazon on November 3rd 2020. Valid for: a year.
This is the only time auth.sandbox.libe.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 99.86.2.97 99.86.2.97 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 163.171.131.240 163.171.131.240 | 54994 (QUANTILNE...) (QUANTILNETWORKS) | |
1 | 143.204.103.120 143.204.103.120 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 13.226.134.211 13.226.134.211 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2606:4700::68... 2606:4700::6812:f458 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 6 |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-97.fra6.r.cloudfront.net
auth.sandbox.libe.io |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-120.fra50.r.cloudfront.net
cdn.auth0.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-134-211.dus51.r.cloudfront.net
cdn.eu.auth0.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
auth0.com
cdn.auth0.com cdn.eu.auth0.com dev-81ikoog4.eu.auth0.com |
4 KB |
2 |
libe.io
auth.sandbox.libe.io |
2 MB |
1 |
liberation.fr
statics.liberation.fr |
5 KB |
6 | 3 |
Domain | Requested by | |
---|---|---|
2 | auth.sandbox.libe.io |
auth.sandbox.libe.io
|
1 | dev-81ikoog4.eu.auth0.com |
auth.sandbox.libe.io
|
1 | cdn.eu.auth0.com |
auth.sandbox.libe.io
|
1 | cdn.auth0.com |
auth.sandbox.libe.io
|
1 | statics.liberation.fr |
auth.sandbox.libe.io
|
6 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
auth.sandbox.libe.io Amazon |
2020-11-03 - 2021-12-02 |
a year | crt.sh |
*.liberation.fr Thawte RSA CA 2018 |
2020-01-08 - 2021-03-08 |
a year | crt.sh |
*.auth0.com Amazon |
2020-05-23 - 2021-06-23 |
a year | crt.sh |
*.eu.auth0.com Amazon |
2020-07-03 - 2021-08-03 |
a year | crt.sh |
eu.auth0.com Cloudflare Inc ECC CA-3 |
2020-10-22 - 2021-10-21 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://auth.sandbox.libe.io/
Frame ID: 8A4C4736326A2CB0AB8A25DED221C8CA
Requests: 6 HTTP requests in this frame
Frame:
https://dev-81ikoog4.eu.auth0.com/authorize?client_id=eZls28iyq2zMA0hJWT0ri4UPPHlfZA3q&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fauth.sandbox.libe.io%2F&scope=openid%20profile%20email&state=t-UirewFZYAOxvDrmCNoDeUfK3mmTLy6&nonce=t9ollLUppeXMVTQStDhlkYY9JB-erQbA&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS4yNy4xIiwiZW52Ijp7ImF1dGgwLmpzIjoiOS4xNC4wIiwiYXV0aDAuanMtdWxwIjoiOS4xNC4wIn19
Frame ID: EADF7A637F91FF59D6798D58D8ABCFFD
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/19dade5d-9a16-4693-b7b1-59694a8d9a49.png)
Detected technologies
Detected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Detected patterns
- headers via /\(CloudFront\)$/i
Detected patterns
- headers server /^AmazonS3$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
auth.sandbox.libe.io/ |
361 B 681 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
build.js
auth.sandbox.libe.io/ |
2 MB 2 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-libe.svg
statics.liberation.fr/newsite/images/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fr.js
cdn.auth0.com/js/lock/11.27.1/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eZls28iyq2zMA0hJWT0ri4UPPHlfZA3q.js
cdn.eu.auth0.com/client/ |
440 B 1006 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
authorize
dev-81ikoog4.eu.auth0.com/ Frame EADF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| Auth01 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
auth.sandbox.libe.io/ | Name: com.auth0.auth.t-UirewFZYAOxvDrmCNoDeUfK3mmTLy6 Value: {%22nonce%22:%22t9ollLUppeXMVTQStDhlkYY9JB-erQbA%22%2C%22state%22:%22t-UirewFZYAOxvDrmCNoDeUfK3mmTLy6%22} |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.sandbox.libe.io
cdn.auth0.com
cdn.eu.auth0.com
dev-81ikoog4.eu.auth0.com
statics.liberation.fr
13.226.134.211
143.204.103.120
163.171.131.240
2606:4700::6812:f458
99.86.2.97
0970b73f60347642598dacc29419d0fb4983bfc9162b71d23d3092b66b8419a0
46542364cee562c2d3205e0bd3a271f9c84f42e82a4cd3c283a4d635768ac5b1
58e48be3206e461cc110987659a43229f7051a9aa6cfc12c134f75f4e8a3368d
5926c3fb71a027142fcf7ff8537dfb84f0bdf2d9791abfda58cea8170fe211f4
a5ac7e720c87831cead924ebb2a814a2f2f97b8f9c32465cb78374643a571246
cf9b44b10a339d642ce06652810a464dec2e1f1c9e948a08142d1e65c3441cff