auth.saasquatch.com
Open in
urlscan Pro
2606:4700::6810:b8f8
Public Scan
Effective URL: https://auth.saasquatch.com/login?state=hKFo2SBWeC1KQzdxMTFTY2VRVHFnMkxNUzlUbUZ6aFZfREhJb6FupWxvZ2luo3RpZNkgVmxydVRadzRMNGFE...
Submission: On June 28 via api from GB — Scanned from GB
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 3rd 2021. Valid for: a year.
This is the only time auth.saasquatch.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 143.204.101.106 143.204.101.106 | 16509 (AMAZON-02) (AMAZON-02) | |
2 3 | 34.107.142.212 34.107.142.212 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 2606:4700::68... 2606:4700::6810:b8f8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 76.76.21.142 76.76.21.142 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 151.101.130.133 151.101.130.133 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:50c0:800... 2606:50c0:8002::153 | 54113 (FASTLY) (FASTLY) | |
1 | 2600:9000:215... 2600:9000:2156:f800:12:94b3:c380:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
9 | 6 |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-106.fra50.r.cloudfront.net
d2rcp9ak152ke1.cloudfront.net |
ASN15169 (GOOGLE, US)
PTR: 212.142.107.34.bc.googleusercontent.com
app.referralsaasquatch.com |
ASN16509 (AMAZON-02, US)
images.ctfassets.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
vercel.app
saasquatch-login-prod.vercel.app |
370 KB |
3 |
saasquatch.com
1 redirects
auth.saasquatch.com assets.saasquatch.com |
10 KB |
3 |
referralsaasquatch.com
2 redirects
app.referralsaasquatch.com — Cisco Umbrella Rank: 163957 |
1 KB |
1 |
ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 4076 |
136 KB |
1 |
ssqt.io
fast.ssqt.io — Cisco Umbrella Rank: 57454 |
2 KB |
1 |
cloudfront.net
1 redirects
d2rcp9ak152ke1.cloudfront.net |
419 B |
9 | 6 |
Domain | Requested by | |
---|---|---|
4 | saasquatch-login-prod.vercel.app |
auth.saasquatch.com
fast.ssqt.io |
3 | app.referralsaasquatch.com |
2 redirects
saasquatch-login-prod.vercel.app
|
2 | auth.saasquatch.com | 1 redirects |
1 | images.ctfassets.net |
auth.saasquatch.com
|
1 | assets.saasquatch.com |
auth.saasquatch.com
|
1 | fast.ssqt.io |
auth.saasquatch.com
|
1 | d2rcp9ak152ke1.cloudfront.net | 1 redirects |
9 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.saasquatch.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
auth.saasquatch.com Cloudflare Inc ECC CA-3 |
2021-11-03 - 2022-11-02 |
a year | crt.sh |
*.vercel.app R3 |
2022-05-07 - 2022-08-05 |
3 months | crt.sh |
fast.ssqt.io R3 |
2022-05-10 - 2022-08-08 |
3 months | crt.sh |
assets.saasquatch.com R3 |
2022-05-11 - 2022-08-09 |
3 months | crt.sh |
app.referralsaasquatch.com GTS CA 1D4 |
2022-06-10 - 2022-09-08 |
3 months | crt.sh |
images.ctfassets.net Amazon |
2022-02-17 - 2023-03-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth.saasquatch.com/login?state=hKFo2SBWeC1KQzdxMTFTY2VRVHFnMkxNUzlUbUZ6aFZfREhJb6FupWxvZ2luo3RpZNkgVmxydVRadzRMNGFEZlEtTjRfNkQ4WVlzc2trSzdnT2ajY2lk2SBCVTF0QkZzd3Q5bGVSS09JeDBtUmwzZThEM3FDMEJXcg&client=BU1tBFswt9leRKOIx0mRl3e8D3qC0BWr&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.referralsaasquatch.com%2Fauth0%2Fcallback&response_type=code&scope=openid%20email
Frame ID: 9306B356026FD99E9A1CDAED471CA130
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
SaaSquatch LoginPage URL History Show full URLs
-
http://d2rcp9ak152ke1.cloudfront.net/
HTTP 303
https://app.referralsaasquatch.com/ HTTP 303
https://app.referralsaasquatch.com/login?requestPath=%2F HTTP 303
https://auth.saasquatch.com/authorize?client_id=BU1tBFswt9leRKOIx0mRl3e8D3qC0BWr&redirect_uri=https%3A%2... HTTP 302
https://auth.saasquatch.com/login?state=hKFo2SBWeC1KQzdxMTFTY2VRVHFnMkxNUzlUbUZ6aFZfREhJb6FupWxvZ2luo3Rp... Page URL
Detected technologies
Contentful (CMS) ExpandDetected patterns
- <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Read More
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://d2rcp9ak152ke1.cloudfront.net/
HTTP 303
https://app.referralsaasquatch.com/ HTTP 303
https://app.referralsaasquatch.com/login?requestPath=%2F HTTP 303
https://auth.saasquatch.com/authorize?client_id=BU1tBFswt9leRKOIx0mRl3e8D3qC0BWr&redirect_uri=https%3A%2F%2Fapp.referralsaasquatch.com%2Fauth0%2Fcallback&response_type=code&scope=openid%20email&state=eyJsb2dpbkNzcmZUb2tlbiI6IjlQQ0ZwdnFseUZBMU9LSmRGZVZkNlJUOTd5UVM3QWhJIiwicmVxdWVzdFBhdGgiOiIvIn0 HTTP 302
https://auth.saasquatch.com/login?state=hKFo2SBWeC1KQzdxMTFTY2VRVHFnMkxNUzlUbUZ6aFZfREhJb6FupWxvZ2luo3RpZNkgVmxydVRadzRMNGFEZlEtTjRfNkQ4WVlzc2trSzdnT2ajY2lk2SBCVTF0QkZzd3Q5bGVSS09JeDBtUmwzZThEM3FDMEJXcg&client=BU1tBFswt9leRKOIx0mRl3e8D3qC0BWr&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.referralsaasquatch.com%2Fauth0%2Fcallback&response_type=code&scope=openid%20email Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
login
auth.saasquatch.com/ Redirect Chain
|
5 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saasquatch-login.es.js
saasquatch-login-prod.vercel.app/ |
507 KB 129 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saasquatch-login.umd.js
saasquatch-login-prod.vercel.app/ |
312 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
saasquatch-login-prod.vercel.app/ |
65 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
immutable-cdn.umd.production.min.js
fast.ssqt.io/npm/@saasquatch/immutable-cdn@latest/dist/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saasquatch-login.es.js
saasquatch-login-prod.vercel.app/ |
507 KB 129 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
assets.saasquatch.com/images/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loginContent
app.referralsaasquatch.com/auth/ |
193 B 213 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-squatcher-1.png
images.ctfassets.net/48ji72u659z5/6C3xdKxIxXnhHic6BcrqWk/8899c285b7296852fa0724e09b26f3ea/ |
136 KB 136 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| CDN object| auth0Config string| auth0Tenant object| defaultCdns string| cdn6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
auth.saasquatch.com/usernamepassword/login | Name: _csrf Value: oLXeHOb8NJKDNFCjbl8CEGeS |
|
app.referralsaasquatch.com/ | Name: loginCsrfToken Value: 9PCFpvqlyFA1OKJdFeVd6RT97yQS7AhI |
|
auth.saasquatch.com/ | Name: did Value: s%3Av0%3A5adc49e0-f6e6-11ec-916f-376b0d38a634.Q5mXZJEl%2B7Ho3ytUPHXOrX3nhPsdEeHRa9bar74%2FK2A |
|
auth.saasquatch.com/ | Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQNEL87cpx0fqjL_8-UxBcwKdvyj0jaJZU7cL0gF48OTqOIUesjRf35elCIHSgla1mbNiHSJgD76TN8ufe3H9MWOmY29va2llg6dleHBpcmVz1__j7ZwAYr72wK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.YZYLqYTh%2BtohmB2qAd%2BjB1FIE%2FDCJ%2BILnvz6rc8HBv4 |
|
auth.saasquatch.com/ | Name: did_compat Value: s%3Av0%3A5adc49e0-f6e6-11ec-916f-376b0d38a634.Q5mXZJEl%2B7Ho3ytUPHXOrX3nhPsdEeHRa9bar74%2FK2A |
|
auth.saasquatch.com/ | Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQNEL87cpx0fqjL_8-UxBcwKdvyj0jaJZU7cL0gF48OTqOIUesjRf35elCIHSgla1mbNiHSJgD76TN8ufe3H9MWOmY29va2llg6dleHBpcmVz1__j7ZwAYr72wK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.YZYLqYTh%2BtohmB2qAd%2BjB1FIE%2FDCJ%2BILnvz6rc8HBv4 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.referralsaasquatch.com
assets.saasquatch.com
auth.saasquatch.com
d2rcp9ak152ke1.cloudfront.net
fast.ssqt.io
images.ctfassets.net
saasquatch-login-prod.vercel.app
143.204.101.106
151.101.130.133
2600:9000:2156:f800:12:94b3:c380:93a1
2606:4700::6810:b8f8
2606:50c0:8002::153
34.107.142.212
76.76.21.142
033662c462069d64eb5d1ceda6d2c46ee672ae8f4a2f6323e54db3891cab5c28
051bce2808f95aac9a12bf9e294a02cfcac98bfda9811bf5f44de39eaab035cb
1b7fb7669887c2ad526ec72b28f9a4f1b2f3b311216a7b7a836aac3a4aeb041b
2d4193441f6415d4ca7cf1c66c568377b83576635f8ffb206a8248f183a8aa0e
36efc1cf5238eabf0206a3ab612b23680ba5cbdebf425b7f5998bd361d858760
8459c9a2b1a07fdfab02aa12bb47c8aa2c162bbe975d53b51811adcb848d92e6
a0bcbf3973eea20c82acc0dd766848963d8c68b10d5618b011baaa8a0dc07e01
a96178cc9c28ff24189ccddb0ebf3169fa44322bcbf25b90bc0906d7942d70e8