synergyscience.org
Open in
urlscan Pro
2606:4700:3032::ac43:ac90
Malicious Activity!
Public Scan
Effective URL: https://synergyscience.org/m0355/home/?sslchannel=true&sessionid=EQVlsQGHJ3VofqHZgEXuor0ndBaI7IuEthn2uglj6ijxXDGDjQYQx16dYQ...
Submission: On December 21 via manual from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 22nd 2020. Valid for: a year.
This is the only time synergyscience.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 2606:4700:303... 2606:4700:3032::ac43:ac90 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
19 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
synergyscience.org
synergyscience.org |
138 KB |
0 |
grammarly.com
Failed
static.grammarly.com Failed |
|
19 | 2 |
Domain | Requested by | |
---|---|---|
13 | synergyscience.org |
synergyscience.org
|
0 | static.grammarly.com Failed |
synergyscience.org
|
19 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-05-22 - 2021-05-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://synergyscience.org/m0355/home/?sslchannel=true&sessionid=EQVlsQGHJ3VofqHZgEXuor0ndBaI7IuEthn2uglj6ijxXDGDjQYQx16dYQb7mHWGUXMUzHWBOAUJZGSW
Frame ID: 79C8B3DB44761D185CF3A88CCC87E1FE
Requests: 19 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://synergyscience.org/m0355/ Page URL
- https://synergyscience.org/m0355/home/?sslchannel=true&sessionid=EQVlsQGHJ3VofqHZgEXuor0ndBaI7IuEthn2ug... Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://synergyscience.org/m0355/ Page URL
- https://synergyscience.org/m0355/home/?sslchannel=true&sessionid=EQVlsQGHJ3VofqHZgEXuor0ndBaI7IuEthn2uglj6ijxXDGDjQYQx16dYQb7mHWGUXMUzHWBOAUJZGSW Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
synergyscience.org/m0355/ |
208 B 973 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
synergyscience.org/m0355/home/ |
8 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
synergyscience.org/m0355/home/plus/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
deprecatedGuidelines.css
synergyscience.org/m0355/home/plus/ |
12 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pageStyle.css
synergyscience.org/m0355/home/plus/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
deprecatedFormInputs.css
synergyscience.org/m0355/home/plus/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
businessApproveAdminChange_businessApproveEmailChange_businessConfirmEmailChange_businessGetQuote_bu_9694083d.css
synergyscience.org/m0355/home/plus/ |
144 B 409 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin.css
synergyscience.org/m0355/home/plus/ |
54 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newFunnelPageStyle.css
synergyscience.org/m0355/home/plus/ |
675 B 557 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newFunnelPageStyle.js.t%C3%A9l%C3%A9chargement
synergyscience.org/m0355/home/plus/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
affiliatesTerms_businessAdminWelcome_businessCX_businessExperienceSurvey_businessHR_businessHome_bus_7ed9b741.css
synergyscience.org/m0355/home/plus/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home.css
synergyscience.org/m0355/home/plus/ |
38 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plus.png
synergyscience.org/m0355/home/plus/ |
106 KB 107 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
akkurat-regular.woff2
static.grammarly.com/assets/files/29e757590a24815b6170ac2fafab050d/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
akkurat-bold.woff2
static.grammarly.com/assets/files/98b3f0b5cff5d8fcaaa28cf31371a183/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Inter-Regular.woff2
static.grammarly.com/assets/files/55c843b0b146c9d1db049e4751172fe1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
akkurat-bold.woff
static.grammarly.com/assets/files/0d13cf93e764d35b0c6c7ebabdf53d10/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Inter-Regular.woff
static.grammarly.com/assets/files/da83100fc42a3c359ae8e3038a4a5e90/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
akkurat-regular.woff
static.grammarly.com/assets/files/f00a7952f3956f7871056a1138c16fee/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- static.grammarly.com
- URL
- https://static.grammarly.com/assets/files/29e757590a24815b6170ac2fafab050d/akkurat-regular.woff2
- Domain
- static.grammarly.com
- URL
- https://static.grammarly.com/assets/files/98b3f0b5cff5d8fcaaa28cf31371a183/akkurat-bold.woff2
- Domain
- static.grammarly.com
- URL
- https://static.grammarly.com/assets/files/55c843b0b146c9d1db049e4751172fe1/Inter-Regular.woff2
- Domain
- static.grammarly.com
- URL
- https://static.grammarly.com/assets/files/0d13cf93e764d35b0c6c7ebabdf53d10/akkurat-bold.woff
- Domain
- static.grammarly.com
- URL
- https://static.grammarly.com/assets/files/da83100fc42a3c359ae8e3038a4a5e90/Inter-Regular.woff
- Domain
- static.grammarly.com
- URL
- https://static.grammarly.com/assets/files/f00a7952f3956f7871056a1138c16fee/akkurat-regular.woff
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
synergyscience.org/ | Name: wp_woocommerce_session_fa818dfb6c61062658202515475ec7d7 Value: 403f634668549b7fe5c47ccc955fe35e%7C%7C1608728564%7C%7C1608724964%7C%7Ceb12935d1f3a93dd7dd83304b6296492 |
|
synergyscience.org/ | Name: SERVERID Value: app1inst5 |
|
synergyscience.org/ | Name: bwfan_session Value: 1 |
|
synergyscience.org/ | Name: bwfan_visitor Value: uFLNjUmQd2HHWioz |
|
synergyscience.org/ | Name: PHPSESSID Value: bf0b67c45493ea805f952ba136acddbb |
|
.synergyscience.org/ | Name: __cfduid Value: d67db65d53c5a77b2f672dfd6b4658a541608555762 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
static.grammarly.com
synergyscience.org
static.grammarly.com
2606:4700:3032::ac43:ac90
253d5d7badcb59c615aea3d554e25eafd9f92d1e41ca870c2906efa072203408
399232a02a5a60aee12000ea4b9c7ef5ebba0a15fc621d61342d38fbd2484e4a
3c078de985687108da6433c87dbac5f11a1ddc3f9901d5285a03aab27a399f0d
3d5db5158c5dea4dc74479939f022323a87c6a966b01c78c71eb00d4ac5364af
6c762068da47767414b8ce1d70f784788ea5cd3c9016580cbf7c793b841e4cb4
6e89afe32f8dfc9fad77dcaf135be5d0128b7d3a00d68ebf3836153e9950c6a5
8e7f8f9e3317745759389b3d702bcce10654cd07521442426def69b4b06838bb
8f26fd01d3ca04771eb23bdaee63019069e84d2e8f508a4b4aa3a8dff1fe2b18
a8a651288f2b76da3aeb6b852b18aeb68eb791d02713c4b0b8e6f1140840e303
b933ae8bb710e40d6ef165e101cf72b2fcaa2e7031f2d77123c23d338bc9abff
baa835336978397f8d305d5b364930c2b214aab573a4f4df99719b8e3550550e
f96b84492a2b5d4d79093c6182a9469e7a3e7994d6ebd1b213a022631f1fce87