auth.gainsightcloud.com
Open in
urlscan Pro
52.7.22.248
Public Scan
Effective URL: https://auth.gainsightcloud.com/login
Submission: On February 21 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 22nd 2021. Valid for: a year.
This is the only time auth.gainsightcloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2600:9000:21d... 2600:9000:21d7:4800:3:faee:6580:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 34.200.175.74 34.200.175.74 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 2 | 52.7.22.248 52.7.22.248 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 143.204.103.120 143.204.103.120 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 52.216.100.179 52.216.100.179 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 3 |
ASN16509 (AMAZON-02, US)
gsnlink.crowdstrike.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-175-74.compute-1.amazonaws.com
crowdstrike.gainsightcloud.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-22-248.compute-1.amazonaws.com
auth.gainsightcloud.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-120.fra50.r.cloudfront.net
cdn.auth0.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
gainsight-public.s3.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
gainsightcloud.com
2 redirects
crowdstrike.gainsightcloud.com auth.gainsightcloud.com — Cisco Umbrella Rank: 450363 |
11 KB |
2 |
amazonaws.com
gainsight-public.s3.amazonaws.com — Cisco Umbrella Rank: 466422 |
12 KB |
2 |
auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 9211 |
197 KB |
1 |
crowdstrike.com
1 redirects
gsnlink.crowdstrike.com |
326 B |
5 | 4 |
Domain | Requested by | |
---|---|---|
2 | gainsight-public.s3.amazonaws.com |
auth.gainsightcloud.com
|
2 | cdn.auth0.com |
auth.gainsightcloud.com
cdn.auth0.com |
2 | auth.gainsightcloud.com | 1 redirects |
1 | crowdstrike.gainsightcloud.com | 1 redirects |
1 | gsnlink.crowdstrike.com | 1 redirects |
5 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.gainsightcloud.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-22 - 2023-01-22 |
a year | crt.sh |
*.auth0.com Amazon |
2021-04-25 - 2022-05-24 |
a year | crt.sh |
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2021-12-13 - 2022-12-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth.gainsightcloud.com/login
Frame ID: 743D99EAB07C43F3EB992F231BC9743A
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Gainsight - LoginPage URL History Show full URLs
-
https://gsnlink.crowdstrike.com/ls/click?upn=2uTR4a47-2BonOqYwDEBt2weUvmBEw0yhsCtX0wvXV5QcHuRZUorzx8mjj0yVQO...
HTTP 302
https://crowdstrike.gainsightcloud.com/v1/ui/emailasset?x-gs-host=SALESFORCE&nxtInstance=v1 HTTP 302
https://auth.gainsightcloud.com/initiateLogin?tenantId=80710521-9ced-468e-9d89-b4363df783c1&originURL=https%... HTTP 302
https://auth.gainsightcloud.com/login Page URL
Detected technologies
Auth0 Lock (Miscellaneous) ExpandDetected patterns
- /lock/([\d.]+)/lock(?:.min)?\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://gsnlink.crowdstrike.com/ls/click?upn=2uTR4a47-2BonOqYwDEBt2weUvmBEw0yhsCtX0wvXV5QcHuRZUorzx8mjj0yVQOv5MkkGPp89h-2F-2FRHYMOCgSjmON7JA30dhFhOp342upcgMy6KTMl-2F-2BiwDqkkIy16cZ7KUJn8LAIZW-2F6mZFSOgiHImAw-3D-3D-SLa_XvcXiq3iJUNSYvI0JD6de-2F3t9DZmDTTAOlJRsNvPEQpmaJQGtEIoyUJKNMtzAQPLsYDezue6yhtmf2V1TJ5XRGZDsVhyMTGEFgfwYYqvwvmE89DqZ1n0pGdUrJgyV9gvOC5POSIA-2BB4buB63cSbAEqWljcedNsdYNTVIBtNdiu1hwV1sX0Y8tNMhqknrYSFDGfq5jXKzxRq6Sw2Fk-2Br1LEmv0cO5ytNDZ3TmalcUnbDbxq3E54CeyE6eshhWg9zXyt0dk7ZzARYU6XG3Z-2Bejq-2F8FZ38GxXRRmhpY1YK5-2BUKbJEYXYm5lBXzVQwsrFuNTn-2Fj1Q83IjtGkcPpbPYkgJzEDusB-2F-2BJTcxchOENm6DjtfAjFd5YL370dgtqdURUD3pZSrYppSomb3ypDfRtK4GjB7smnDkyGJhn-2BFCJaGUyAw11RqEe4rd-2FArcG5NtUYC-2BoFz3y-2BYNLb9TFgHUV-2F2H87IWN351dJ3U8q3fKSD5Qk-3D
HTTP 302
https://crowdstrike.gainsightcloud.com/v1/ui/emailasset?x-gs-host=SALESFORCE&nxtInstance=v1 HTTP 302
https://auth.gainsightcloud.com/initiateLogin?tenantId=80710521-9ced-468e-9d89-b4363df783c1&originURL=https%3A%2F%2Fcrowdstrike.gainsightcloud.com%2Fv1%2Fui%2Femailasset%3Fx-gs-host%3DSALESFORCE%26nxtInstance%3Dv1&x-gs-environment=prod HTTP 302
https://auth.gainsightcloud.com/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login
auth.gainsightcloud.com/ Redirect Chain
|
10 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lock.min.js
cdn.auth0.com/js/lock/11.1.3/ |
708 KB 196 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_bg.svg
gainsight-public.s3.amazonaws.com/native/v1/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gs_logo.png
gainsight-public.s3.amazonaws.com/native/v1/img/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GDllzelowoQI9tzvEBkPyAfEL3qcwmhg.js
cdn.auth0.com/client/ |
585 B 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| Auth0 function| Auth0Lock function| closeNotification3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
auth.gainsightcloud.com/ | Name: JSESSIONID Value: 312557C85FE9D0231F8A0411D265EE6F |
|
auth.gainsightcloud.com/ | Name: AWSELB Value: 950B09910EFA24152FB76746C5F2D7AA8266E337A79523C68C618E8B7D080786BA4CC6EE50E9D2BACA673C9A0252E86516A7806FCF1178F7A46906B09256BE26F600000922 |
|
auth.gainsightcloud.com/ | Name: AWSELBCORS Value: 950B09910EFA24152FB76746C5F2D7AA8266E337A79523C68C618E8B7D080786BA4CC6EE50E9D2BACA673C9A0252E86516A7806FCF1178F7A46906B09256BE26F600000922 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.gainsightcloud.com
cdn.auth0.com
crowdstrike.gainsightcloud.com
gainsight-public.s3.amazonaws.com
gsnlink.crowdstrike.com
143.204.103.120
2600:9000:21d7:4800:3:faee:6580:93a1
34.200.175.74
52.216.100.179
52.7.22.248
09f9777fb50ce2142e3b0cf418fce528216f2bbc2a6c343bfa17af4caf5fab89
364fc9a6bde92402581fa82355365cdc4ac3094c6ebb2d6e19ca07ca3ea2c87e
428823bf5a7a730e64f1466ff882242b32c01d2e7af3027ec6aa3f1c17748bad
e9184b53cd10fefb02b4ac81995e45cb882c4cf871432509547ea9698eaa2c74
ef96abff052a7e296daf819bc4735e2e193515a6a81cb48380daac00ba2414f5