auth.gainsightcloud.com
Open in
urlscan Pro
52.20.159.36
Public Scan
Effective URL: https://auth.gainsightcloud.com/login
Submission: On February 21 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 22nd 2021. Valid for: a year.
This is the only time auth.gainsightcloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2600:9000:215... 2600:9000:2156:5a00:3:faee:6580:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 44.195.216.27 44.195.216.27 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 2 | 52.20.159.36 52.20.159.36 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 143.204.103.120 143.204.103.120 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 52.216.102.83 52.216.102.83 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 3 |
ASN16509 (AMAZON-02, US)
gsnlink.crowdstrike.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-216-27.compute-1.amazonaws.com
crowdstrike.gainsightcloud.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-159-36.compute-1.amazonaws.com
auth.gainsightcloud.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-120.fra50.r.cloudfront.net
cdn.auth0.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
gainsight-public.s3.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
gainsightcloud.com
2 redirects
crowdstrike.gainsightcloud.com auth.gainsightcloud.com — Cisco Umbrella Rank: 450363 |
11 KB |
2 |
amazonaws.com
gainsight-public.s3.amazonaws.com — Cisco Umbrella Rank: 466422 |
12 KB |
2 |
auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 9211 |
197 KB |
1 |
crowdstrike.com
1 redirects
gsnlink.crowdstrike.com |
327 B |
5 | 4 |
Domain | Requested by | |
---|---|---|
2 | gainsight-public.s3.amazonaws.com |
auth.gainsightcloud.com
|
2 | cdn.auth0.com |
auth.gainsightcloud.com
cdn.auth0.com |
2 | auth.gainsightcloud.com | 1 redirects |
1 | crowdstrike.gainsightcloud.com | 1 redirects |
1 | gsnlink.crowdstrike.com | 1 redirects |
5 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.gainsightcloud.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-22 - 2023-01-22 |
a year | crt.sh |
*.auth0.com Amazon |
2021-04-25 - 2022-05-24 |
a year | crt.sh |
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2021-12-13 - 2022-12-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth.gainsightcloud.com/login
Frame ID: 65923C4F57F2929CC15C4ED81A5CB505
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Gainsight - LoginPage URL History Show full URLs
-
https://gsnlink.crowdstrike.com/ls/click?upn=2uTR4a47-2BonOqYwDEBt2weUvmBEw0yhsCtX0wvXV5QcHuRZUorzx8mjj0yVQO...
HTTP 302
https://crowdstrike.gainsightcloud.com/v1/ui/emailasset?x-gs-host=SALESFORCE&nxtInstance=v1 HTTP 302
https://auth.gainsightcloud.com/initiateLogin?tenantId=80710521-9ced-468e-9d89-b4363df783c1&originURL=https%... HTTP 302
https://auth.gainsightcloud.com/login Page URL
Detected technologies
Auth0 Lock (Miscellaneous) ExpandDetected patterns
- /lock/([\d.]+)/lock(?:.min)?\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://gsnlink.crowdstrike.com/ls/click?upn=2uTR4a47-2BonOqYwDEBt2weUvmBEw0yhsCtX0wvXV5QcHuRZUorzx8mjj0yVQOv5MkkGPp89h-2F-2FRHYMOCgSjmON7JA30dhFhOp342upcgMy6KTMl-2F-2BiwDqkkIy16cZ7KUJn8LAIZW-2F6mZFSOgiHImAw-3D-3D-SLa_XvcXiq3iJUNSYvI0JD6de-2F3t9DZmDTTAOlJRsNvPEQpmaJQGtEIoyUJKNMtzAQPLsYDezue6yhtmf2V1TJ5XRGZDsVhyMTGEFgfwYYqvwvmE89DqZ1n0pGdUrJgyV9gvOC5POSIA-2BB4buB63cSbAEqWljcedNsdYNTVIBtNdiu1hwV1sX0Y8tNMhqknrYSFDGfq5jXKzxRq6Sw2Fk-2Br1LEmv0cO5ytNDZ3TmalcUnbDbxq3E54CeyE6eshhWg9zXyt0dk7ZzARYU6XG3Z-2Bejq-2F8FZ38GxXRRmhpY1YK5-2BUKbJEYXYm5lBXzVQwsrFuNTn-2Fj1Q83IjtGkcPpbPYkgJzEDusB-2F-2BJTcxchOENm6DjtfAjFd5YL370dgtqdURUD3pZSrYppSomb3ypDfRtK4GjB7smnDkyGJhn-2BFCJaGUyAw11RqEe4rd-2FArcG5NtUYC-2BoFz3y-2BYNLb9TFgHUV-2F2H87IWN351dJ3U8q3fKSD5Qk-3D
HTTP 302
https://crowdstrike.gainsightcloud.com/v1/ui/emailasset?x-gs-host=SALESFORCE&nxtInstance=v1 HTTP 302
https://auth.gainsightcloud.com/initiateLogin?tenantId=80710521-9ced-468e-9d89-b4363df783c1&originURL=https%3A%2F%2Fcrowdstrike.gainsightcloud.com%2Fv1%2Fui%2Femailasset%3Fx-gs-host%3DSALESFORCE%26nxtInstance%3Dv1&x-gs-environment=prod HTTP 302
https://auth.gainsightcloud.com/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login
auth.gainsightcloud.com/ Redirect Chain
|
10 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lock.min.js
cdn.auth0.com/js/lock/11.1.3/ |
708 KB 196 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_bg.svg
gainsight-public.s3.amazonaws.com/native/v1/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gs_logo.png
gainsight-public.s3.amazonaws.com/native/v1/img/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GDllzelowoQI9tzvEBkPyAfEL3qcwmhg.js
cdn.auth0.com/client/ |
585 B 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| Auth0 function| Auth0Lock function| closeNotification3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
auth.gainsightcloud.com/ | Name: JSESSIONID Value: 098751745160DDC67F6CE289C8EA2E94 |
|
auth.gainsightcloud.com/ | Name: AWSELB Value: 950B09910EFA24152FB76746C5F2D7AA8266E337A7B4BEE89B87191B912E3CA106766D95B059D734857B63656EC3577282224802829CB5012D88D855C7F7E9264E32BF589B |
|
auth.gainsightcloud.com/ | Name: AWSELBCORS Value: 950B09910EFA24152FB76746C5F2D7AA8266E337A7B4BEE89B87191B912E3CA106766D95B059D734857B63656EC3577282224802829CB5012D88D855C7F7E9264E32BF589B |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.gainsightcloud.com
cdn.auth0.com
crowdstrike.gainsightcloud.com
gainsight-public.s3.amazonaws.com
gsnlink.crowdstrike.com
143.204.103.120
2600:9000:2156:5a00:3:faee:6580:93a1
44.195.216.27
52.20.159.36
52.216.102.83
09f9777fb50ce2142e3b0cf418fce528216f2bbc2a6c343bfa17af4caf5fab89
1dcb609d23b5ffaea786ffd47380f4396629a974a99ca1f49211844173351d5c
364fc9a6bde92402581fa82355365cdc4ac3094c6ebb2d6e19ca07ca3ea2c87e
e9184b53cd10fefb02b4ac81995e45cb882c4cf871432509547ea9698eaa2c74
ef96abff052a7e296daf819bc4735e2e193515a6a81cb48380daac00ba2414f5