auth.gainsightcloud.com
Open in
urlscan Pro
34.200.178.167
Public Scan
Effective URL: https://auth.gainsightcloud.com/loginerror
Submission: On January 05 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 22nd 2021. Valid for: a year.
This is the only time auth.gainsightcloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 23.23.169.158 23.23.169.158 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 4 | 34.200.178.167 34.200.178.167 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 1 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-169-158.compute-1.amazonaws.com
feedback.workiva.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-178-167.compute-1.amazonaws.com
auth.gainsightcloud.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
gainsightcloud.com
2 redirects
auth.gainsightcloud.com |
8 KB |
2 |
workiva.com
2 redirects
feedback.workiva.com |
241 B |
2 | 2 |
Domain | Requested by | |
---|---|---|
4 | auth.gainsightcloud.com |
2 redirects
auth.gainsightcloud.com
|
2 | feedback.workiva.com | 2 redirects |
2 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.gainsightcloud.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-22 - 2023-01-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth.gainsightcloud.com/loginerror
Frame ID: C9FD8021C5D58FCD53B6E0AA9FE06F49
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Gainsight - Login ErrorPage URL History Show full URLs
-
https://feedback.workiva.com/
HTTP 302
https://feedback.workiva.com/v1/ui/home HTTP 302
https://auth.gainsightcloud.com/initiateLogin?tenantId=d6ffb6c7-deac-4664-b4cf-18481669a1c0&originURL=https%... HTTP 302
https://auth.gainsightcloud.com/loginerror/1-10-180047 HTTP 302
https://auth.gainsightcloud.com/loginerror Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://feedback.workiva.com/
HTTP 302
https://feedback.workiva.com/v1/ui/home HTTP 302
https://auth.gainsightcloud.com/initiateLogin?tenantId=d6ffb6c7-deac-4664-b4cf-18481669a1c0&originURL=https%3A%2F%2Ffeedback.workiva.com%2Fv1%2Fui%2Fhome&x-gs-environment=prod HTTP 302
https://auth.gainsightcloud.com/loginerror/1-10-180047 HTTP 302
https://auth.gainsightcloud.com/loginerror Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
loginerror
auth.gainsightcloud.com/ Redirect Chain
|
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login_error.svg
auth.gainsightcloud.com/images/ |
4 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| goToLogin3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
auth.gainsightcloud.com/ | Name: JSESSIONID Value: B52020A8BB87F262E411A361313BA031 |
|
auth.gainsightcloud.com/ | Name: AWSALB Value: 89d2E1rbGtw3O5C1LmXZPEgi13p/Xu8BfRT95YzlyhPLg/M1rmQ6O7ui7wKUcLSMAJRVffMBTZX5BXmUWKrF6BY1tPPJJr6hMY9r4oBW/u7li3lZK0j9nLoDGrkG |
|
auth.gainsightcloud.com/ | Name: AWSALBCORS Value: 89d2E1rbGtw3O5C1LmXZPEgi13p/Xu8BfRT95YzlyhPLg/M1rmQ6O7ui7wKUcLSMAJRVffMBTZX5BXmUWKrF6BY1tPPJJr6hMY9r4oBW/u7li3lZK0j9nLoDGrkG |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.gainsightcloud.com
feedback.workiva.com
23.23.169.158
34.200.178.167
a771eeab129ebc5b3d49e32d9f76c32309be89451af62d91bc2ba2b93540f5e1
fe60e6cd8e130b59e54ae15b313889cd8253acb6d9c770a9a47edb0e5d9e8faa