auth.gainsightcloud.com

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 5 HTTP transactions. The main IP is 52.7.22.248, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is auth.gainsightcloud.com. The Cisco Umbrella rank of the primary domain is 450363.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 22nd 2021. Valid for: a year.

This is the only time auth.gainsightcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:21d... 2600:9000:21d7:4800:3:faee:6580:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	34.200.175.74 34.200.175.74	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.7.22.248 52.7.22.248	14618 (AMAZON-AES) (AMAZON-AES)
2	143.204.103.120 143.204.103.120	16509 (AMAZON-02) (AMAZON-02)
2	52.216.100.179 52.216.100.179	16509 (AMAZON-02) (AMAZON-02)
5	3

1 2600:9000:21d7:4800:3:faee:6580:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

gsnlink.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.175.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-175-74.compute-1.amazonaws.com

crowdstrike.gainsightcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.22.248 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-22-248.compute-1.amazonaws.com

auth.gainsightcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.103.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-120.fra50.r.cloudfront.net

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.100.179 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

gainsight-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	gainsightcloud.com 2 redirects crowdstrike.gainsightcloud.com auth.gainsightcloud.com — Cisco Umbrella Rank: 450363	11 KB
2	amazonaws.com gainsight-public.s3.amazonaws.com — Cisco Umbrella Rank: 466422	12 KB
2	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 9211	197 KB
1	crowdstrike.com 1 redirects gsnlink.crowdstrike.com	326 B
5	4

	Domain	Requested by
2	gainsight-public.s3.amazonaws.com	auth.gainsightcloud.com
2	cdn.auth0.com	auth.gainsightcloud.com cdn.auth0.com
2	auth.gainsightcloud.com	1 redirects
1	crowdstrike.gainsightcloud.com	1 redirects
1	gsnlink.crowdstrike.com	1 redirects
5	5

This site contains no links.

Subject Issuer	Validity	Valid
*.gainsightcloud.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-22` - `2023-01-22`	a year	crt.sh
*.auth0.com Amazon	`2021-04-25` - `2022-05-24`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.gainsightcloud.com/login
Frame ID: 743D99EAB07C43F3EB992F231BC9743A
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gainsight - Login

Page URL History Show full URLs

https://gsnlink.crowdstrike.com/ls/click?upn=2uTR4a47-2BonOqYwDEBt2weUvmBEw0yhsCtX0wvXV5QcHuRZUorzx8mjj0yVQO... HTTP 302
https://crowdstrike.gainsightcloud.com/v1/ui/emailasset?x-gs-host=SALESFORCE&nxtInstance=v1 HTTP 302
https://auth.gainsightcloud.com/initiateLogin?tenantId=80710521-9ced-468e-9d89-b4363df783c1&originURL=https%... HTTP 302
https://auth.gainsightcloud.com/login Page URL

Detected technologies

Auth0 Lock (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/lock/([\d.]+)/lock(?:.min)?\.js

Page Statistics

5
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

220 kB
Transfer

730 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gsnlink.crowdstrike.com/ls/click?upn=2uTR4a47-2BonOqYwDEBt2weUvmBEw0yhsCtX0wvXV5QcHuRZUorzx8mjj0yVQOv5MkkGPp89h-2F-2FRHYMOCgSjmON7JA30dhFhOp342upcgMy6KTMl-2F-2BiwDqkkIy16cZ7KUJn8LAIZW-2F6mZFSOgiHImAw-3D-3D-SLa_XvcXiq3iJUNSYvI0JD6de-2F3t9DZmDTTAOlJRsNvPEQpmaJQGtEIoyUJKNMtzAQPLsYDezue6yhtmf2V1TJ5XRGZDsVhyMTGEFgfwYYqvwvmE89DqZ1n0pGdUrJgyV9gvOC5POSIA-2BB4buB63cSbAEqWljcedNsdYNTVIBtNdiu1hwV1sX0Y8tNMhqknrYSFDGfq5jXKzxRq6Sw2Fk-2Br1LEmv0cO5ytNDZ3TmalcUnbDbxq3E54CeyE6eshhWg9zXyt0dk7ZzARYU6XG3Z-2Bejq-2F8FZ38GxXRRmhpY1YK5-2BUKbJEYXYm5lBXzVQwsrFuNTn-2Fj1Q83IjtGkcPpbPYkgJzEDusB-2F-2BJTcxchOENm6DjtfAjFd5YL370dgtqdURUD3pZSrYppSomb3ypDfRtK4GjB7smnDkyGJhn-2BFCJaGUyAw11RqEe4rd-2FArcG5NtUYC-2BoFz3y-2BYNLb9TFgHUV-2F2H87IWN351dJ3U8q3fKSD5Qk-3D HTTP 302
https://crowdstrike.gainsightcloud.com/v1/ui/emailasset?x-gs-host=SALESFORCE&nxtInstance=v1 HTTP 302
https://auth.gainsightcloud.com/initiateLogin?tenantId=80710521-9ced-468e-9d89-b4363df783c1&originURL=https%3A%2F%2Fcrowdstrike.gainsightcloud.com%2Fv1%2Fui%2Femailasset%3Fx-gs-host%3DSALESFORCE%26nxtInstance%3Dv1&x-gs-environment=prod HTTP 302
https://auth.gainsightcloud.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request login Show response
auth.gainsightcloud.com/
Redirect Chain

https://gsnlink.crowdstrike.com/ls/click?upn=2uTR4a47-2BonOqYwDEBt2weUvmBEw0yhsCtX0wvXV5QcHuRZUorzx8mjj0yVQOv5MkkGPp89h-2F-2FRHYMOCgSjmON7JA30dhFhOp342upcgMy6KTMl-2F-2BiwDqkkIy16cZ7KUJn8LAIZW-2F6mZ...
https://crowdstrike.gainsightcloud.com/v1/ui/emailasset?x-gs-host=SALESFORCE&nxtInstance=v1
https://auth.gainsightcloud.com/initiateLogin?tenantId=80710521-9ced-468e-9d89-b4363df783c1&originURL=https%3A%2F%2Fcrowdstrike.gainsightcloud.com%2Fv1%2Fui%2Femailasset%3Fx-gs-host%3DSALESFORCE%26...
https://auth.gainsightcloud.com/login

10 KB
10 KB

102ms
102ms

Document
text/html

52.7.22.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.gainsightcloud.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.22.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-22-248.compute-1.amazonaws.com
Software: /
Resource Hash: 428823bf5a7a730e64f1466ff882242b32c01d2e7af3027ec6aa3f1c17748bad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Mon, 21 Feb 2022 09:50:46 GMT
Content-Length: 9932
Connection: keep-alive

Redirect headers

Cache-control: no-cache="set-cookie"
Content-Language: de-DE
Date: Mon, 21 Feb 2022 09:50:46 GMT
Location: https://auth.gainsightcloud.com/login
Content-Length: 0
Connection: keep-alive

GET
H2 200 lock.min.js Show response
cdn.auth0.com/js/lock/11.1.3/ 708 KB
196 KB 117ms
19ms Script
application/javascript 143.204.103.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/lock/11.1.3/lock.min.js
Requested by: Host: auth.gainsightcloud.com
URL: https://auth.gainsightcloud.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-120.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef96abff052a7e296daf819bc4735e2e193515a6a81cb48380daac00ba2414f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.gainsightcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: Hn.f6XtqBW_RC.p.kqirRTqtKg4c2Prk
content-encoding: gzip
last-modified: Mon, 29 Jan 2018 21:50:39 GMT
server: AmazonS3
age: 46093
etag: W/"d2e1b903acb1edf0c3d4dd5f84bd81c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: max-age=2628000,public
date: Sun, 20 Feb 2022 21:02:35 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 70cMztptJvzMs_6KWBEujfflh-DF8r2vDYCACf9TkSwx3Ppueze1Qg==

GET
H/1.1 200
OK login_bg.svg
gainsight-public.s3.amazonaws.com/native/v1/img/ 2 KB
2 KB 423ms
122ms Image
image/svg+xml 52.216.100.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gainsight-public.s3.amazonaws.com/native/v1/img/login_bg.svg
Requested by: Host: auth.gainsightcloud.com
URL: https://auth.gainsightcloud.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.100.179 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 09f9777fb50ce2142e3b0cf418fce528216f2bbc2a6c343bfa17af4caf5fab89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.gainsightcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 09:50:48 GMT
Last-Modified: Thu, 29 Jul 2021 13:00:13 GMT
Server: AmazonS3
x-amz-request-id: FKER6X5EJ6SEM5DN
ETag: "de4af60d356e623d62dae1e79ac2b0bb"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2045
x-amz-id-2: Km4wFuyl2HsLMkkPwEOGOi2F8+YzMd2eHJ6bUv3Kg1b2QeugnegzTE5SqCELmw1CKdU4BL8BfDA=

GET
H/1.1 200
OK gs_logo.png
gainsight-public.s3.amazonaws.com/native/v1/img/ 10 KB
10 KB 323ms
113ms Image
image/png 52.216.100.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gainsight-public.s3.amazonaws.com/native/v1/img/gs_logo.png
Requested by: Host: auth.gainsightcloud.com
URL: https://auth.gainsightcloud.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.100.179 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 364fc9a6bde92402581fa82355365cdc4ac3094c6ebb2d6e19ca07ca3ea2c87e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.gainsightcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 09:50:48 GMT
Last-Modified: Tue, 26 Jun 2018 10:06:36 GMT
Server: AmazonS3
x-amz-request-id: FKEHHA5JEDFH2GSR
ETag: "5b870c7edd04a5d9c7a7acfab8910eee"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9925
x-amz-id-2: 1+rDndLWs2vQPPnZmY0yJ2iHNRp7ijkXM1AN/JYvYK+TYvdStY2SrYT8ItsIUG6nFhtQoSZWPrA=
x-amz-meta-s3b-last-modified: 20180626T100611Z

GET
H2 200 GDllzelowoQI9tzvEBkPyAfEL3qcwmhg.js Show response
cdn.auth0.com/client/ 585 B
1 KB 23ms
23ms Script
application/x-javascript 143.204.103.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/client/GDllzelowoQI9tzvEBkPyAfEL3qcwmhg.js?t1645437047289

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.1.3/lock.min.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

143.204.103.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-103-120.fra50.r.cloudfront.net

Software

cloudflare /

Resource Hash

e9184b53cd10fefb02b4ac81995e45cb882c4cf871432509547ea9698eaa2c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.gainsightcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 09:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-auth0-requestid: cb9976e9913d7108391c
age: 48
x-cache: Hit from cloudfront
ot-baggage-auth0-request-id: 6e0f115a198890c4
strict-transport-security: max-age=31536000
server: cloudflare
ot-tracer-sampled: true
etag: W/"249-KsyDkVfgCPHc+iZ4aqLF8xJHjGg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
ot-tracer-traceid: 1a9d75e97edf5fb3
cache-control: public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
x-amz-cf-pop: FRA50-C1
cf-ray: 6e0f115a198890c4-FRA
x-amz-cf-id: 1efi8tPhhWUjqUJuc_9mRNDa43nxPoU2I5tkBUoiGTgsJsXLsYVcuw==
ot-tracer-spanid: 35d5575c22afb52c

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| Auth0 function| Auth0Lock function| closeNotification

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
auth.gainsightcloud.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 312557C85FE9D0231F8A0411D265EE6F
auth.gainsightcloud.com/	1969-12-31 23:59:59	Name: AWSELB Value: 950B09910EFA24152FB76746C5F2D7AA8266E337A79523C68C618E8B7D080786BA4CC6EE50E9D2BACA673C9A0252E86516A7806FCF1178F7A46906B09256BE26F600000922
auth.gainsightcloud.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 950B09910EFA24152FB76746C5F2D7AA8266E337A79523C68C618E8B7D080786BA4CC6EE50E9D2BACA673C9A0252E86516A7806FCF1178F7A46906B09256BE26F600000922

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.gainsightcloud.com
cdn.auth0.com
crowdstrike.gainsightcloud.com
gainsight-public.s3.amazonaws.com
gsnlink.crowdstrike.com
143.204.103.120
2600:9000:21d7:4800:3:faee:6580:93a1
34.200.175.74
52.216.100.179
52.7.22.248
09f9777fb50ce2142e3b0cf418fce528216f2bbc2a6c343bfa17af4caf5fab89
364fc9a6bde92402581fa82355365cdc4ac3094c6ebb2d6e19ca07ca3ea2c87e
428823bf5a7a730e64f1466ff882242b32c01d2e7af3027ec6aa3f1c17748bad
e9184b53cd10fefb02b4ac81995e45cb882c4cf871432509547ea9698eaa2c74
ef96abff052a7e296daf819bc4735e2e193515a6a81cb48380daac00ba2414f5

auth.gainsightcloud.com Open in urlscan Pro 52.7.22.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

3 IPs

1 Countries

220 kBTransfer

730 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

Indicators

auth.gainsightcloud.com Open in urlscan Pro
52.7.22.248 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

220 kB
Transfer

730 kB
Size

3
Cookies

5 HTTP transactions
0 data transactions