URL: https://concierge.synergyonline.com/
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On October 17 via api from IT — Scanned from NL

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 20.82.13.59, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is concierge.synergyonline.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on October 14th 2024. Valid for: 6 months.
This is the only time concierge.synergyonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
6         20.82.13.59       8075 (MICROSOFT...)
1         2600:9000:205...  16509 (AMAZON-02)
1         2a02:26f0:710...  20940 (AKAMAI-ASN1)
10        4
Requests  Apex Domain        Subdomains                                        Transfer
6         synergyonline.com  concierge.synergyonline.com                       299 KB
1         office.net         res-1.cdn.office.net — Cisco Umbrella Rank: 279   32 KB
1         wixstatic.com      static.wixstatic.com — Cisco Umbrella Rank: 6375  4 KB
0         azure.com Failed   prod-96.westus.logic.azure.com Failed
10        4
Requests  Domain                                 Requested by
6         concierge.synergyonline.com            concierge.synergyonline.com
1         res-1.cdn.office.net
1         static.wixstatic.com
0         prod-96.westus.logic.azure.com Failed  concierge.synergyonline.com
10        4

This site contains no links.

Subject                      Issuer                                       Validity                 Valid
concierge.synergyonline.com  GeoTrust Global TLS RSA4096 SHA256 2022 CA1  2024-10-14 - 2025-04-14  6 months
*.wixstatic.com              R11                                          2024-09-09 - 2024-12-08  3 months
*.res.outlook.com            DigiCert SHA2 Secure Server CA               2024-02-20 - 2025-02-20  a year

This page contains 1 frame:

Primary Page: https://concierge.synergyonline.com/
Frame ID: 2760F38AFA6AEE4C722E26E1E65569F4
Requests: 10 HTTP requests in this frame

Page Title

Concierge Appointment Booking Tool

Page Statistics

Requests: 10
HTTPS: 80 %
IPv6: 67 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 335 kB
Size: 666 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
concierge.synergyonline.com/
664 B
695 B
Document
General
Full URL
https://concierge.synergyonline.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.13.59 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
371fcf8c1b587e3f71527f2a79ec86644925498a99a78f1e45ed86b0eee2965f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-type
text/html
date
Thu, 17 Oct 2024 23:53:35 GMT
etag
"67143859"
last-modified
Wed, 15 Mar 2023 17:09:33 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
main.f67211f3.js
concierge.synergyonline.com/static/js/
474 KB
145 KB
Script
General
Full URL
https://concierge.synergyonline.com/static/js/main.f67211f3.js
Requested by
Host: concierge.synergyonline.com
URL: https://concierge.synergyonline.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.13.59 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b7155701f5478fd79e00cebb912318b5b423691b0f1daba66d745f9555309777
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://concierge.synergyonline.com/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"67143859"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Thu, 17 Oct 2024 23:53:34 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Wed, 15 Mar 2023 17:09:33 GMT
vary
Accept-Encoding
main.adbac11a.css
concierge.synergyonline.com/static/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://concierge.synergyonline.com/static/css/main.adbac11a.css
Requested by
Host: concierge.synergyonline.com
URL: https://concierge.synergyonline.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.13.59 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b71459aa885e801ef495f22d7ec103839cc2886e177310726fea0e108d80b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://concierge.synergyonline.com/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"67143859"
referrer-policy
same-origin
x-content-type-options
nosniff
date
Thu, 17 Oct 2024 23:53:35 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Wed, 15 Mar 2023 17:09:33 GMT
vary
Accept-Encoding
invoke
prod-96.westus.logic.azure.com/workflows/6a7a0cf23f494228b084ee5489753b43/triggers/manual/paths/
0
0

invoke
prod-96.westus.logic.azure.com/workflows/6a7a0cf23f494228b084ee5489753b43/triggers/manual/paths/
0
0

2021-Synergy-Logo-White.png
static.wixstatic.com/media/a98213_6a85163eed2e40feaf1978ae071be70d~mv2.png/v1/fill/w_101,h_91,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
3 KB
4 KB
Image
General
Full URL
https://static.wixstatic.com/media/a98213_6a85163eed2e40feaf1978ae071be70d~mv2.png/v1/fill/w_101,h_91,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/2021-Synergy-Logo-White.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a400:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.25.3.2 /
Resource Hash
34060fd0832ace5e83e78ea92a6f2bc040916cbda2feae5ad1e7e36b0ded8eb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-cache
Miss from cloudfront
x-amz-cf-id
gqTFv_0yJvrj5bGz0Y8BfIyXs2gx9qCKLCIGrQFNa7YKGxzF0_fGrQ==
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
via
1.1 google, 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-seen-by
image-manipulator-5f67fb55d4-jxb7c
content-length
3320
alt-svc
h3=":443"; ma=86400
date
Thu, 17 Oct 2024 23:53:36 GMT
content-type
image/webp
vary
Accept
server
openresty/1.25.3.2
x-amz-cf-pop
FRA6-C1
wix-tracer
2naRUQRqRqElp2QAAL6Uhkk4Uvr
ProximaNovaFont.7bc9ce404c297c24f210.otf
concierge.synergyonline.com/static/media/
61 KB
61 KB
Font
General
Full URL
https://concierge.synergyonline.com/static/media/ProximaNovaFont.7bc9ce404c297c24f210.otf
Requested by
Host: concierge.synergyonline.com
URL: https://concierge.synergyonline.com/static/css/main.adbac11a.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.13.59 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://concierge.synergyonline.com
Referer
https://concierge.synergyonline.com/static/css/main.adbac11a.css

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
etag
"67143859"
referrer-policy
same-origin
x-content-type-options
nosniff
content-length
62892
date
Thu, 17 Oct 2024 23:53:35 GMT
x-xss-protection
1; mode=block
content-type
font/otf
last-modified
Wed, 15 Mar 2023 17:09:33 GMT
LuloCleanOneBold.5452a28cd207074b0f46.otf
concierge.synergyonline.com/static/media/
89 KB
89 KB
Font
General
Full URL
https://concierge.synergyonline.com/static/media/LuloCleanOneBold.5452a28cd207074b0f46.otf
Requested by
Host: concierge.synergyonline.com
URL: https://concierge.synergyonline.com/static/css/main.adbac11a.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.13.59 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a7b4dae7b927a4ff1e2e2f2fb758a07f780901150af8c14a7a16bc56ae9d0d32
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://concierge.synergyonline.com
Referer
https://concierge.synergyonline.com/static/css/main.adbac11a.css

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
etag
"67143859"
referrer-policy
same-origin
x-content-type-options
nosniff
content-length
90628
date
Thu, 17 Oct 2024 23:53:35 GMT
x-xss-protection
1; mode=block
content-type
font/otf
last-modified
Wed, 15 Mar 2023 17:09:33 GMT
segoeui-semibold.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/
31 KB
32 KB
Font
General
Full URL
https://res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:241b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://concierge.synergyonline.com
Referer
https://concierge.synergyonline.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.17247e68.1729209215.15faa193&TotalRTCDNTime=24&CompressionType=&FileSize=31824"}],"include_subdomains ":true}
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Thu, 17 Oct 2024 23:53:35 GMT
content-type
font/woff2
last-modified
Wed, 14 Dec 2022 21:53:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=630720000
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=104.126.36.23,b=368746899,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
346b9e01-101e-004d-7550-14307b000000
access-control-allow-origin
*
content-length
31824
favicon.ico
concierge.synergyonline.com/
2 KB
2 KB
Other
General
Full URL
https://concierge.synergyonline.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.13.59 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a06d86ebe0fadcdbc5329bfafc46129cd7a7353d2046190b162f9a821d2f685
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://concierge.synergyonline.com/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
etag
"67143859"
referrer-policy
same-origin
x-content-type-options
nosniff
content-length
1711
date
Thu, 17 Oct 2024 23:53:35 GMT
x-xss-protection
1; mode=block
content-type
image/vnd.microsoft.icon
last-modified
Wed, 15 Mar 2023 17:09:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prod-96.westus.logic.azure.com
URL
https://prod-96.westus.logic.azure.com/workflows/6a7a0cf23f494228b084ee5489753b43/triggers/manual/paths/invoke?api-version=2016-06-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=Y7BYGAUv2lruo85Nql9lvqde9uraPbo0-j_kcAwfGeU
Domain
prod-96.westus.logic.azure.com
URL
https://prod-96.westus.logic.azure.com/workflows/6a7a0cf23f494228b084ee5489753b43/triggers/manual/paths/invoke?api-version=2016-06-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=Y7BYGAUv2lruo85Nql9lvqde9uraPbo0-j_kcAwfGeU

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkconcierge
object| __globalSettings__
object| __stylesheet__
object| __themeState__
object| __packages__
number| __currentId__

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block