synergyathletictraining.com
209.59.138.165  Malicious Activity! Public Scan

URL: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
Submission Tags: @ipnigh
Submission: On May 05 via api from GB

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 209.59.138.165, located in Lansing, United States and belongs to LIQUIDWEB, US. The main domain is synergyathletictraining.com.
This is the only time synergyathletictraining.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Adobe (Consumer)

Domain & IP information

Requests  IP Address       AS (Autonomous System)
5         209.59.138.165   32244 (LIQUIDWEB)
1         104.17.93.1      13335 (CLOUDFLARENET)
1 2       35.181.91.36     16509 (AMAZON-02)
Total: 7 requests, 4 IPs

Requests  Apex Domain                   Subdomains                    Transfer
5         synergyathletictraining.com   synergyathletictraining.com   102 KB
2         adobe.com                     stats.adobe.com               2 KB
1         ucsf.edu                      hr.ucsf.edu                   13 KB
Total: 7 requests, 3 apex domains

Requests  Domain                          Requested by
5         synergyathletictraining.com     synergyathletictraining.com
2         stats.adobe.com (1 redirect)    synergyathletictraining.com
1         hr.ucsf.edu                     synergyathletictraining.com
Total: 7 requests, 3 domains

This site contains no links.

TLS certificates

Subject      Issuer                   Validity                   Valid
*.ucsf.edu   InCommon RSA Server CA   2020-04-15 - 2022-04-15    2 years (crt.sh)

This page contains 1 frames:

Primary Page: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
Frame ID: C41BDC8CF6082BA97A78173BEF68C142
Requests: 8 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 7
HTTPS: 14 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 116 kB
Size: 280 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s0621125717151?AQB=1&ndh=1&t=5%2F4%2F2020%2014%3A38%3A32%202%20-120&fid=0B077AD4CC4613E3-0C8F62F5ED463A10&ce=UTF-8&ns=adobecorp&pageName=Account%3AOnLoad_ims_SignInForm&g=http%3A%2F%2Fsynergyathletictraining.com%2Fpurchase%2Forder%2Fpreview%2FNEW%2520PDF%2FPDF.html&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AOnLoad_ims_SignInForm&v13=SignInForm&v30=adobedotcom_TOU_client2&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s0621125717151?AQB=1&pccr=true&vidn=2F58AF24051588EE-6000087E6A1D7327&ndh=1&t=5%2F4%2F2020%2014%3A38%3A32%202%20-120&fid=0B077AD4CC4613E3-0C8F62F5ED463A10&ce=UTF-8&ns=adobecorp&pageName=Account%3AOnLoad_ims_SignInForm&g=http%3A%2F%2Fsynergyathletictraining.com%2Fpurchase%2Forder%2Fpreview%2FNEW%2520PDF%2FPDF.html&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AOnLoad_ims_SignInForm&v13=SignInForm&v30=adobedotcom_TOU_client2&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

7 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: PDF.html (Primary Request)
Path: synergyathletictraining.com/purchase/order/preview/NEW%20PDF/
Size: 255 KB
x-fer: 100 KB
Type: Document

General
Full URL: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
Protocol: HTTP/1.1
Server: 209.59.138.165 Lansing, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS: server.designproficient.com
Software: Apache /
Resource Hash: 97f2a0fef8fd60d0df305d077f1b85090989d0f6e481076618c7f820c301f6c2

Request headers

Host: synergyathletictraining.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US

Response headers

Date: Tue, 05 May 2020 12:38:30 GMT
Server: Apache
Last-Modified: Sun, 14 Feb 2016 21:28:38 GMT
Accept-Ranges: bytes
Cache-Control: public, must-revalidate, proxy-revalidate
Expires: Tue, 05 May 2020 13:38:30 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
Resource: ath5djs.htm
Path: synergyathletictraining.com/purchase/order/preview/NEW%20PDF/Sign%20in%20-%20Adobe%20Files_files/
Size: 0
x-fer: 0
Type: Script

General
Full URL: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/Sign%20in%20-%20Adobe%20Files_files/ath5djs.htm
Requested by: Host: synergyathletictraining.com, URL: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
Protocol: HTTP/1.1
Server: 209.59.138.165 Lansing, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS: server.designproficient.com
Software: Apache / PHP/7.0.33
Resource Hash: -

Request headers

Referer: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 05 May 2020 12:38:30 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://synergyathletictraining.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 2754
Keep-Alive: timeout=2, max=500
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Resource: d_002.htm
Path: synergyathletictraining.com/purchase/order/preview/NEW%20PDF/Sign%20in%20-%20Adobe%20Files_files/
Size: 0
x-fer: 0
Type: Stylesheet

General
Full URL: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/Sign%20in%20-%20Adobe%20Files_files/d_002.htm
Requested by: Host: synergyathletictraining.com, URL: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
Protocol: HTTP/1.1
Server: 209.59.138.165 Lansing, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS: server.designproficient.com
Software: Apache / PHP/7.0.33
Resource Hash: -

Request headers

Referer: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 05 May 2020 12:38:30 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://synergyathletictraining.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 2753
Keep-Alive: timeout=2, max=500
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Resource: d.htm
Path: synergyathletictraining.com/purchase/order/preview/NEW%20PDF/Sign%20in%20-%20Adobe%20Files_files/
Size: 0
x-fer: 0
Type: Stylesheet

General
Full URL: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/Sign%20in%20-%20Adobe%20Files_files/d.htm
Requested by: Host: synergyathletictraining.com, URL: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
Protocol: HTTP/1.1
Server: 209.59.138.165 Lansing, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS: server.designproficient.com
Software: Apache / PHP/7.0.33
Resource Hash: -

Request headers

Referer: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 05 May 2020 12:38:30 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://synergyathletictraining.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 2749
Keep-Alive: timeout=2, max=500
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Resource: pdf-icon.png
Path: hr.ucsf.edu/assets/img/icons/
Size: 12 KB
x-fer: 13 KB
Type: Image

General
Full URL: https://hr.ucsf.edu/assets/img/icons/pdf-icon.png
Requested by: Host: synergyathletictraining.com, URL: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.93.1, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: -
Software: cloudflare /
Resource Hash: f6913e0e3a6f5dfd89af95fcb3a043d358b06b854d98bf3e6d04b4ad92274ad6

Request headers

Referer: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 12:38:32 GMT
content-security-policy-report-only: default-src 'self'; script-src 'self' 'sha256-+bxmTszuFZAEl+A4bkmdO3v4s6CzSSQf3YPCFakiHLI=' 'sha256-zOvxDzMFHyhH5EjkYDoXMjB8y+VTd403M4TLCcGDhoM=' 'sha256-CY65tr+aybCoDRXEiYFZMV0i8LIaS7HiCPFpiKsDy7w=' 'sha256-B4d5OWO/6JCTmM+Sqvn/LjbcFRdvqfESkR784TdLvy4=' 'sha256-MFP3tagZuIGTWXqsuWcVY8UdPpd5e7HbsbRdpkJeonc=' 'sha256-aH40kSuCzh9k0/2u6810PyYSptxNESPsIQhimohKrTE=' 'sha256-qNbiKQM3Xlj21Hwb0El4Z/tuYNSlU074pXm7af6jpWk=' 'sha256-UA/9RYRSBRmZJzP8uiPsSWu175ljKLYMfrGegPIQCwo=' 'sha256-c2tEW5x40YOquKjjFXG54WW3SALauaruJFUg3CB0rV8=' 'sha256-GnLfl+am9QKwYMZBd013ju2JNu5O1Hx8uVCJXifKsuA=' 'sha256-nx8ngEPmNFqFhqawAZijFkOKuaBr1VAS4EQyY17xbiM=' 'sha256-/p0SJWTOQpaqgf3iImrx7l5UpZHqUMe2xrI+MDnKulg=' 'sha256-GFcmUXmEZfLH1y67cSTI5MrMjbcaHoTnyAmHnkBmaC4=' 'sha256-8bGqkIV5zFq3yKsf+5vd+d1Q0RjvuF7Jphd5II8aoFg=' 'sha256-XrpMPJ9kH47XRsKc/lv5EkBw1IQdtU4hvOreUJl9sWQ=' 'sha256-B1IUXxxtI3pIDyhRUTQ0+ukp0wJl6IFvD4T0PP2KFfI=' https://www.google-analytics.com/analytics.js https://platform.twitter.com/widgets.js 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' *.ucsf.edu https://www.google-analytics.com; object-src 'none'; frame-src 'self' https://platform.twitter.com/;
cf-cache-status: MISS
last-modified: Fri, 27 Jun 2014 19:41:56 GMT
server: cloudflare
etag: "2f20-4fcd6808b3837"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 58ea84e2ba6acadc-ARN
content-length: 12064
cf-request-id: 02867161b40000cadce6871200000001
Resource: truncated
Path: /
Size: 11 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS: -
Software: /
Resource Hash: 0f7ca77a8ac88efd0254763ffd1e11bb301f729c71988b7abb7f2e32d58126dc

Request headers

Referer: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png
Resource: s0621125717151
Path: stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/
Redirect Chain
  • http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s0621125717151?AQB=1&ndh=1&t=5%2F4%2F2020%2014%3A38%3A32%202%20-120&fid=0B077AD4CC4613E3-0C8F62F5ED463A10&ce=UTF-8&ns=adobecorp&pag...
  • http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s0621125717151?AQB=1&pccr=true&vidn=2F58AF24051588EE-6000087E6A1D7327&ndh=1&t=5%2F4%2F2020%2014%3A38%3A32%202%20-120&fid=0B077AD4CC...
Size: 43 B
x-fer: 748 B
Type: Image

General
Full URL: http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s0621125717151?AQB=1&pccr=true&vidn=2F58AF24051588EE-6000087E6A1D7327&ndh=1&t=5%2F4%2F2020%2014%3A38%3A32%202%20-120&fid=0B077AD4CC4613E3-0C8F62F5ED463A10&ce=UTF-8&ns=adobecorp&pageName=Account%3AOnLoad_ims_SignInForm&g=http%3A%2F%2Fsynergyathletictraining.com%2Fpurchase%2Forder%2Fpreview%2FNEW%2520PDF%2FPDF.html&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AOnLoad_ims_SignInForm&v13=SignInForm&v30=adobedotcom_TOU_client2&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by: Host: synergyathletictraining.com, URL: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
Protocol: HTTP/1.1
Server: 35.181.91.36 Paris, France, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-35-181-91-36.eu-west-3.compute.amazonaws.com
Software: jag /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers
Name                    Value
X-Content-Type-Options  nosniff
X-Xss-Protection        1; mode=block

Request headers

Referer: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 12:38:31 GMT
x-content-type-options: nosniff
x-c: master-1221.I0e927e.M0-376
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 06 May 2020 12:38:32 GMT
server: jag
xserver: anedge-65fb49f79-vhzzk
etag: 3411669286972129280-4618137628938910306
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 04 May 2020 12:38:32 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 May 2020 12:38:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 May 2020 12:38:32 GMT
server: jag
access-control-allow-origin: *
xserver: anedge-65fb49f79-gqn9t
x-c: master-1221.I0e927e.M0-376
p3p: CP="This is not a P3P policy"
location: http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s0621125717151?AQB=1&pccr=true&vidn=2F58AF24051588EE-6000087E6A1D7327&ndh=1&t=5%2F4%2F2020%2014%3A38%3A32%202%20-120&fid=0B077AD4CC4613E3-0C8F62F5ED463A10&ce=UTF-8&ns=adobecorp&pageName=Account%3AOnLoad_ims_SignInForm&g=http%3A%2F%2Fsynergyathletictraining.com%2Fpurchase%2Forder%2Fpreview%2FNEW%2520PDF%2FPDF.html&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AOnLoad_ims_SignInForm&v13=SignInForm&v30=adobedotcom_TOU_client2&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-type: text/plain;charset=utf-8
content-length: 0
x-xss-protection: 1; mode=block
expires: Mon, 04 May 2020 12:38:32 GMT
Resource: squarespinner_2x.gif
Path: synergyathletictraining.com/renga-idprovider/resources/web_v2/img/
Size: 2 KB
x-fer: 2 KB
Type: Image

General
Full URL: http://synergyathletictraining.com/renga-idprovider/resources/web_v2/img/squarespinner_2x.gif
Requested by: Host: synergyathletictraining.com, URL: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
Protocol: HTTP/1.1
Server: 209.59.138.165 Lansing, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS: server.designproficient.com
Software: Apache / PHP/7.0.33
Resource Hash: 809f8ae06345b954cb8e3510f5ead05be45a93d863a4b220e125141cd6772ba6

Request headers

Referer: http://synergyathletictraining.com/purchase/order/preview/NEW%20PDF/PDF.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 05 May 2020 12:38:31 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://synergyathletictraining.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 2738
Keep-Alive: timeout=2, max=499
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Adobe (Consumer)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: onformdata
  • object: onpointerrawupdate
  • string: special_day_char
  • function: css_browser_selector
  • function: Visitor
  • function: AppMeasurement
  • function: s_gi
  • function: s_pgicq
  • number: CSSBS
  • number: CSSBS_webkit
  • number: CSSBS_chrome
  • number: CSSBS_mac
  • number: CSSBS_js
  • number: CSSBS_portrait
  • number: s_objectID
  • number: s_giq
  • undefined: s_code
  • string: s_account
  • string: scJsHost
  • function: scReport
  • object: s_c_il
  • number: s_c_in
  • object: s
  • object: s_i_adbimsqa_adbadobenonacdcqa
  • number: ob
  • function: FastClick
  • function: getValidatorGroups
  • function: getEnhancedDropdownParent
  • object: components
  • function: _now
  • function: debounce
  • function: $
  • function: jQuery
  • object: jQuery19109835201223576722
  • object: IMS

2 Cookies

Domain/Path                     Name    Value
.synergyathletictraining.com/   s_cc    true
.synergyathletictraining.com/   s_fid   0B077AD4CC4613E3-0C8F62F5ED463A10