www.synergy-offshore.com Open in urlscan Pro
186.202.153.142 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.synergy-offshore.com/
Submission: On April 19 via manual (April 19th 2017, 8:09:43 pm UTC) from US

Summary HTTP 82 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 6 countries across 8 domains to perform 82 HTTP transactions. The main IP is 186.202.153.142, located in Brazil and belongs to Locaweb ServiÃ§os de Internet S/A, BR. The main domain is www.synergy-offshore.com.

This is the only time www.synergy-offshore.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
53	186.202.153.142 186.202.153.142	27715 (Locaweb S...) (Locaweb ServiÃ§os de Internet S/A)
1	2a00:1450:400... 2a00:1450:400e:802::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	104.20.208.21 104.20.208.21	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
5	2a00:1450:400... 2a00:1450:400e:802::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	206.54.163.67 206.54.163.67	35415 (WEBZILLA) (WEBZILLA)
1	35.156.6.213 35.156.6.213	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.216.16.184 52.216.16.184	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	35.156.124.244 35.156.124.244	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
9	2a02:26f0:78:... 2a02:26f0:78::174a:18ab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:78:... 2a02:26f0:78::174a:189b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
82	11

53 186.202.153.142 (Brazil)

ASN27715 (Locaweb ServiÃ§os de Internet S/A, BR)
PTR: hm8202.locaweb.com.br

www.synergy-offshore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:802::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.208.21 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

pastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400e:802::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.54.163.67 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

go.padsdel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.6.213 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-6-213.eu-central-1.compute.amazonaws.com

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.16.184 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

load.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.124.244 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-124-244.eu-central-1.compute.amazonaws.com

mt.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:78::174a:18ab (European Union)

ASN20940 (AKAMAI-ASN1, US)

telekom.info-promotionen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:78::174a:189b (European Union)

ASN20940 (AKAMAI-ASN1, US)

telekom.info-promotionen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	synergy-offshore.com www.synergy-offshore.com	2 MB
14	info-promotionen.com telekom.info-promotionen.com Failed	72 KB
5	gstatic.com fonts.gstatic.com	86 KB
2	rtmark.net my.rtmark.net mt.rtmark.net
2	padsdel.com go.padsdel.com Failed	4 KB
1	amazonaws.com load.s3.amazonaws.com
1	pastebin.com pastebin.com	34 KB
1	googleapis.com fonts.googleapis.com	2 KB
82	8

	Domain	Requested by
53	www.synergy-offshore.com	www.synergy-offshore.com pastebin.com
14	telekom.info-promotionen.com	telekom.info-promotionen.com
5	fonts.gstatic.com	www.synergy-offshore.com pastebin.com
2	go.padsdel.com	pastebin.com
1	mt.rtmark.net	go.padsdel.com
1	load.s3.amazonaws.com
1	my.rtmark.net	go.padsdel.com
1	pastebin.com	www.synergy-offshore.com
1	fonts.googleapis.com	www.synergy-offshore.com
82	9

This site contains links to these domains. Also see Links.

Domain
a.trackredi.com

Subject Issuer	Validity	Valid
ssl509085.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2016-12-18` - `2017-12-16`	a year	crt.sh
go.padsdel.com RapidSSL SHA256 CA	`2016-05-10` - `2017-06-09`	a year	crt.sh
my.rtmark.net RapidSSL SHA256 CA - G2	`2017-03-06` - `2018-04-05`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2016-07-29` - `2017-11-29`	a year	crt.sh
mt.rtmark.net RapidSSL SHA256 CA - G2	`2017-01-29` - `2018-01-29`	a year	crt.sh

This page contains 3 frames:

Frame: https://go.padsdel.com/afu.php?id=473791
Frame ID: 12771.1
Requests: 62 HTTP requests in this frame

Frame: http://telekom.info-promotionen.com/de/samsung/galaxy-s7/telekom/index.html?ip=148.251.45.170&voluumdata=BASE64dmlkLi4wMDAwMDAwNi01ZjE3LTRmZjQtODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLmM0ZThhMDAwLTI1M2EtMTFlNy04OGUxLWQwMzQ2Mzg1MGNlY19fY2FpZC4uNzU3NDI0ZWUtOGViOC00MTJjLWE3ZDItNTE0ZDQ4NTNjZGY2X19ydC4uREpfX2xpZC4uYzc5MzgxOGMtZTZmMS00MDAyLWExNmUtYWIyMDUzNzk0NDRlX19vaWQxLi41ODE0MjQzMy1hYzQ2LTRmYzYtODkxYi05ZmFkOTM2Y2EwYzZfX3ZhcjEuLjQ3Mzc5MV9fdmFyMi4uNjk2NjYwX192YXIzLi4zMDA4OTU2OTY0NTNfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLl9fY3JpLi5fX3B1Yi4uX19kaWQuLl9fZGl0Li5fX3BpZC4uX19pdC4uX192dC4uMTQ5MjYzMjU3Mzc1Mw&zoneid=473791&campaignid=696660&visitor_id=300895696453&visitor_id=300895696453
Frame ID: 12828.1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

82
Requests

7 %
HTTPS

40 %
IPv6

8
Domains

9
Subdomains

11
IPs

6
Countries

2645 kB
Transfer

2814 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://a.trackredi.com/click
Title: Anspruch(0€)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 63

https://loadr.exelator.com/load/?p=104&g=891&j=0&u=06235f542bb00b51c57f81803388c1cf
https://load.s3.amazonaws.com/pixel.gif

Request 65

http://a.trackredi.com/757424ee-8eb8-412c-a7d2-514d4853cdf6?zoneid=473791&campaignid=696660&visitor_id=300895696453&visitor_id=300895696453
http://telekom.info-promotionen.com/de/samsung/galaxy-s7/telekom/index.html?ip=148.251.45.170&voluumdata=BASE64dmlkLi4wMDAwMDAwNi01ZjE3LTRmZjQtODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLmM0ZThhMDAwLTI1M2EtMT...

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.synergy-offshore.com/ 35 KB
35 KB 2096ms
1269ms Document
text/html 186.202.153.142
Locaweb ServiÃ§os...

General

www.synergy-offshore.com Open in urlscan Pro 186.202.153.142 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

82 Requests

7 %HTTPS

40 %IPv6

8 Domains

9 Subdomains

11 IPs

6 Countries

2645 kBTransfer

2814 kBSize

0 Cookies

1 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.synergy-offshore.com Open in urlscan Pro
186.202.153.142 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

7 %
HTTPS

40 %
IPv6

8
Domains

9
Subdomains

11
IPs

6
Countries

2645 kB
Transfer

2814 kB
Size

0
Cookies

82 HTTP transactions
0 data transactions