synergyscience.org
2606:4700:3032::ac43:ac90
Malicious Activity!
Public Scan
Effective URL: https://synergyscience.org/danac/home/?sslchannel=true&sessionid=tDnvwIVXuSJ4uG8zySmFzbfLgN3jVXiJxaPFapBTiCbluKSRz19acAwukz...
Submission: On October 06 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 22nd 2020. Valid for: a year.
This is the only time synergyscience.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
7 | 2606:4700:3032::ac43:ac90 | 13335 (CLOUDFLARENET) |
1 | 2600:9000:203c:f400:1e:c291:240:93a1 | 16509 (AMAZON-02) |
8 | 2 | |

ASN16509 (AMAZON-02, US)
s1.rui.au.reastatic.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | synergyscience.org | synergyscience.org | 179 KB |
1 | reastatic.net | s1.rui.au.reastatic.net | 15 KB |
8 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
7 | synergyscience.org | synergyscience.org |
1 | s1.rui.au.reastatic.net | synergyscience.org |
8 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-05-22 - 2021-05-22 | a year |
s1.rui.au.reastatic.net | Amazon | 2020-08-19 - 2021-09-18 | a year |
This page contains 1 frames:
Primary Page:
https://synergyscience.org/danac/home/?sslchannel=true&sessionid=tDnvwIVXuSJ4uG8zySmFzbfLgN3jVXiJxaPFapBTiCbluKSRz19acAwukzF40rMKhIl6ltJERMag9Dhw
Frame ID: 59ED5A437B8BF75D536FE75DFB0852E2
Requests: 8 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://synergyscience.org/danac/ Page URL
- https://synergyscience.org/danac/home/?sslchannel=true&sessionid=tDnvwIVXuSJ4uG8zySmFzbfLgN3jVXiJxaPFapBTiCbluKSRz19acAwukzF40rMKhIl6ltJERMag9Dhw Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / | synergyscience.org/danac/ | 208 B | 889 B | Document | text/html |
GET H2 | / (Primary Request) | synergyscience.org/danac/home/ | 8 KB | 2 KB | Document | text/html |
GET H2 | rui-core.min.css | synergyscience.org/danac/home/root/ | 69 KB | 6 KB | Stylesheet | text/css |
GET H2 | rui-forms-all.min.css | synergyscience.org/danac/home/root/ | 14 KB | 2 KB | Stylesheet | text/css |
GET H2 | auth-login.css | synergyscience.org/danac/home/root/ | 142 KB | 24 KB | Stylesheet | text/css |
GET H2 | loop.png | synergyscience.org/danac/FUNC/ | 26 KB | 27 KB | Image | image/png |
GET H2 | 0b.jpg | synergyscience.org/danac/home/root/ | 118 KB | 118 KB | Image | image/jpeg |
GET H2 | museo-sans-500-v1.woff | s1.rui.au.reastatic.net/rui-static/font/ | 15 KB | 15 KB | Font | application/font-woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
synergyscience.org/ | | Name: PHPSESSID Value: c266717f4d61fc5f28f77cdbbbe2d920 |
synergyscience.org/ | | Name: SERVERID Value: app1inst6 |
.synergyscience.org/ | | Name: __cfduid Value: d19969956c0ae515076f2e69b7f9f00631602000031 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.