gcglobal.myfreshworks.com
54.208.85.233
Public Scan
Effective URL: https://gcglobal.myfreshworks.com/login?client_id=88601166472310534&redirect_uri=https%3A%2F%2F3gcgroup.freshservice.com%2Ffreshid...
Submission Tags: phishingrod
Submission: On March 10 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on January 8th 2024. Valid for: a year.
This is the only time gcglobal.myfreshworks.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
5 5 | 52.200.32.58 | 14618 (AMAZON-AES) |
1 3 | 54.208.85.233 | 14618 (AMAZON-AES) |
1 1 | 18.211.218.79 | 14618 (AMAZON-AES) |
1 | 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) |
2 | 99.86.4.61 | 16509 (AMAZON-02) |
1 | 2a00:1450:4001:827::2003 | |
1 | 143.204.215.36 | |
8 | 6 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-32-58.compute-1.amazonaws.com
datasupport.pandoblox.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-85-233.compute-1.amazonaws.com
gcglobal.myfreshworks.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-218-79.compute-1.amazonaws.com
3gcgroup.freshservice.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-61.fra6.r.cloudfront.net
dash.freshworks.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | pandoblox.com (5 redirects) | datasupport.pandoblox.com | 5 KB |
3 | freshworks.com | dash.freshworks.com (Cisco Umbrella Rank: 62150), fe-perf-assets.freshworks.com | 420 KB |
3 | myfreshworks.com (1 redirects) | gcglobal.myfreshworks.com | 6 KB |
1 | gstatic.com | www.gstatic.com | 197 KB |
1 | recaptcha.net | www.recaptcha.net (Cisco Umbrella Rank: 1274) | 1 KB |
1 | freshservice.com (1 redirects) | 3gcgroup.freshservice.com | 824 B |
0 | polyfill.io (Failed) | polyfill.io (Failed) | |
8 | 7 |
 | Domain | Requested by |
---|---|---|
5 | datasupport.pandoblox.com | 5 redirects |
3 | gcglobal.myfreshworks.com | 1 redirects, dash.freshworks.com |
2 | dash.freshworks.com | gcglobal.myfreshworks.com |
1 | fe-perf-assets.freshworks.com | gcglobal.myfreshworks.com |
1 | www.gstatic.com | www.recaptcha.net |
1 | www.recaptcha.net | gcglobal.myfreshworks.com |
1 | 3gcgroup.freshservice.com | 1 redirects |
0 | polyfill.io (Failed) | gcglobal.myfreshworks.com |
8 | 8 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.myfreshworks.com | Amazon RSA 2048 M02 | 2024-01-08 - 2025-02-04 | a year |
misc.google.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |
*.freshworks.com | Amazon RSA 2048 M02 | 2023-11-21 - 2024-12-19 | a year |
*.gstatic.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |
This page contains 1 frames:
Primary Page:
https://gcglobal.myfreshworks.com/login?client_id=88601166472310534&redirect_uri=https%3A%2F%2F3gcgroup.freshservice.com%2Ffreshid%2Fauthorize_callback%3Fhd%3Ddatasupport.pandoblox.com&account_id=504829338169052904
Frame ID: 81AC1BB5E2C8F8EE54F0F4B9E0B8FE26
Requests: 8 HTTP requests in this frame
Detected technologies
reCAPTCHA (Captchas), detected patterns:
- /recaptcha/api\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
https://datasupport.pandoblox.com/ HTTP 302
https://datasupport.pandoblox.com/support/home HTTP 302
https://datasupport.pandoblox.com/support/login HTTP 302
https://gcglobal.myfreshworks.com/oauth/authorize?client_id=88601166472310534&redirect_uri=https%3A%2F%2F3gcgroup.freshservice.com%2Ffreshid%2Fauthorize_callback%3Ffl%3D5%26hd%3Ddatasupport.pandoblox.com&response_type=code&prompt=consent&hd=3gcgroup.freshservice.com&account_id=504829338169052904 HTTP 302
https://3gcgroup.freshservice.com/freshid/authorize_callback?fl=5&hd=datasupport.pandoblox.com&error=Unauthorized&error_description=Unauthorized HTTP 302
https://datasupport.pandoblox.com/freshid/authorize_callback?fl=5&hd=datasupport.pandoblox.com&error=Unauthorized&error_description=Unauthorized HTTP 302
https://datasupport.pandoblox.com/support/login?fl=1 HTTP 302
https://gcglobal.myfreshworks.com/login?client_id=88601166472310534&redirect_uri=https%3A%2F%2F3gcgroup.freshservice.com%2Ffreshid%2Fauthorize_callback%3Fhd%3Ddatasupport.pandoblox.com&account_id=504829338169052904 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | login (Primary Request, Redirect Chain) | gcglobal.myfreshworks.com/ | 7 KB | 4 KB | Document | text/html |
GET | polyfill.min.js | polyfill.io/v3/ | 0 | 0 | | |
GET H2 | api.js | www.recaptcha.net/recaptcha/ | 1 KB | 1 KB | Script | text/javascript |
GET H2 | main.72377ec2.js | dash.freshworks.com/us/static/js/ | 1 MB | 346 KB | Script | application/javascript |
GET H2 | main.2342a4dd.css | dash.freshworks.com/us/static/css/ | 5 KB | 2 KB | Stylesheet | text/css |
GET H2 | recaptcha__de.js | www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ | 494 KB | 197 KB | Script | text/javascript |
GET H2 | analytics-2.0.0-beta.15.js | fe-perf-assets.freshworks.com/v2/ | 72 KB | 72 KB | Script | application/javascript |
GET H2 | appInitPayload | gcglobal.myfreshworks.com/api/v2/organisations/-/ | 284 B | 1 KB | XHR | application/json |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: polyfill.io
- URL: https://polyfill.io/v3/polyfill.min.js?flags=gated&features=Object.values%2CObject.assign%2Cfetch%2CURL%2CCustomEvent
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
gcglobal.myfreshworks.com/ | | XSRF-TOKEN | c1a858e0-db14-4010-bb30-62b190d430ee.T8ZUbtWV7u+AIXkIZ64uzHyn4XP9LiDcaV++kVStK5Y= |
datasupport.pandoblox.com/ | | _x_m | x_n |
datasupport.pandoblox.com/ | | _x_d | x_3 |
datasupport.pandoblox.com/ | | _itildesk_session | SjR6OXBYNjBZN0pucjJpN1ZxNUlFWG5iUUlCY3lyZlgvOHYxWHdjQ3RSNmlTSFFnclowYWFTdTZVMWJ6b3RLZWtFWUFWTUozQ1RyOEY2djBNcTV6T2Y3NDFIU1RaMU4xaGNzWmN0dFNHL3dFUVZKS2NWTERGWUVvaTZNYWo3QmstLVkySXRPQkNYeE9JNllpTUFDUGgybnc9PQ%3D%3D--19b82281655d3f6fd8785e2bd84eb68eb810053a |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob: https: 'unsafe-eval' 'unsafe-inline' |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.