98.109.114.143 Open in urlscan Pro
98.109.114.143 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://98.109.114.143/sologin.php
Submission: On October 30 via manual (October 30th 2022, 6:26:37 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 14 HTTP transactions. The main IP is 98.109.114.143, located in Bergenfield, United States and belongs to UUNET, US. The main domain is 98.109.114.143.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 11th 2022. Valid for: a year.

This is the only time 98.109.114.143 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	98.109.114.143 98.109.114.143		701 (UUNET) (UUNET)
2 6	2600:9000:211... 2600:9000:211e:4800:6:9280:1080:93a1		16509 (AMAZON-02) (AMAZON-02)
1	52.215.52.102 52.215.52.102		16509 (AMAZON-02) (AMAZON-02)
14	3

9 98.109.114.143 (Bergenfield, United States)

ASN701 (UUNET, US)
PTR: static-98-109-114-143.nwrknj.fios.verizon.net

98.109.114.143	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:211e:4800:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.52.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-52-102.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2369 d.adroll.com — Cisco Umbrella Rank: 1440	21 KB
14	1

	Domain	Requested by
6	s.adroll.com	2 redirects 98.109.114.143 s.adroll.com
1	d.adroll.com	s.adroll.com
14	2

This site contains no links.

Subject Issuer	Validity	Valid
*.fcasp.com Go Daddy Secure Certificate Authority - G2	`2022-02-11` - `2023-01-16`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://98.109.114.143/sologin.php
Frame ID: 120CC2497D7084CA44175FE3FCD501BB
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FCI Cyber - SmartOffice Integration Portal

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
jquery\.prettyPhoto\.js

Page Statistics

14
Requests

21 %
HTTPS

33 %
IPv6

1
Domains

2
Subdomains

3
IPs

2
Countries

223 kB
Transfer

254 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://s.adroll.com/j/exp/SNWTKCP2HZFZFL37LBNTVV/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 10

https://s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request sologin.php Show response 98.109.114.143/	4 KB 4 KB	509ms 134ms	Document text/html	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://98.109.114.143/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / PHP/5.3.3 Resource Hash `9b8e45327031c99acfcc383b634d2e96869f9680d48dc47dd2be4bad1bbd75c3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Length 3631 Content-Type text/html; charset=UTF-8 Date Sun, 30 Oct 2022 18:26:32 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache X-Powered-By PHP/5.3.3
GET H/1.1	200 OK	style.css 98.109.114.143/css/	6 KB 7 KB	331ms 111ms	Stylesheet text/css	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://98.109.114.143/css/style.css?v4 Requested by Host: 98.109.114.143 URL: https://98.109.114.143/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `b8f5e5662f5e81cb0012b0a1614e9409f6a8e0d9303f78412f2aaa02704be3c0` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 30 Oct 2022 18:26:32 GMT Last-Modified Mon, 23 Aug 2021 17:54:22 GMT Server Apache ETag "2401fa-1935-5ca3db502c0d8" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 6453
GET H/1.1	200 OK	jquery-1.7.2.min.js Show response 98.109.114.143/js/	93 KB 93 KB	335ms 112ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://98.109.114.143/js/jquery-1.7.2.min.js Requested by Host: 98.109.114.143 URL: https://98.109.114.143/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 30 Oct 2022 18:26:32 GMT Last-Modified Thu, 28 Feb 2013 22:56:29 GMT Server Apache ETag "240a8f-17278-4d6d0cd19df36" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 94840
GET H/1.1	200 OK	swfobject.js Show response 98.109.114.143/swfobject/	10 KB 10 KB	336ms 111ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://98.109.114.143/swfobject/swfobject.js Requested by Host: 98.109.114.143 URL: https://98.109.114.143/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 30 Oct 2022 18:26:32 GMT Last-Modified Thu, 28 Feb 2013 22:56:47 GMT Server Apache ETag "240aa3-27ec-4d6d0ce31920b" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 10220
GET H/1.1	200 OK	init.js Show response 98.109.114.143/js/	37 KB 37 KB	338ms 113ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://98.109.114.143/js/init.js?v=2.85 Requested by Host: 98.109.114.143 URL: https://98.109.114.143/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `85e0f02016c9d7ce86daabb6222340358305398f81960f0397f6dc041b0f623a` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 30 Oct 2022 18:26:32 GMT Last-Modified Mon, 23 Aug 2021 17:54:22 GMT Server Apache ETag "240226-920f-5ca3db502dc30" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 37391
GET H/1.1	200 OK	prettyPhoto.css 98.109.114.143/prettyPhoto_compressed_3.1.5/css/	19 KB 20 KB	332ms 112ms	Stylesheet text/css	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://98.109.114.143/prettyPhoto_compressed_3.1.5/css/prettyPhoto.css Requested by Host: 98.109.114.143 URL: https://98.109.114.143/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `998c5494a209ff71869cd26cc5a4c8dbde22e9a87cbafabf64c2ee8f7acd4959` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 30 Oct 2022 18:26:32 GMT Last-Modified Fri, 28 Mar 2014 18:01:58 GMT Server Apache ETag "840499-4dce-4f5ae7f75a4c3" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 19918
GET H/1.1	200 OK	jquery.prettyPhoto.js Show response 98.109.114.143/prettyPhoto_compressed_3.1.5/js/	22 KB 22 KB	338ms 113ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://98.109.114.143/prettyPhoto_compressed_3.1.5/js/jquery.prettyPhoto.js Requested by Host: 98.109.114.143 URL: https://98.109.114.143/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 30 Oct 2022 18:26:32 GMT Last-Modified Fri, 28 Mar 2014 18:02:03 GMT Server Apache ETag "84049f-562c-4f5ae7fc44db9" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 22060
GET H/1.1	200 OK	securimage_show.php 98.109.114.143/includes/securimage/	5 KB 6 KB	661ms 423ms	Image image/png	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Show image Full URL https://98.109.114.143/includes/securimage/securimage_show.php?fca0eef435eb06703e10bb958d42821a Requested by Host: 98.109.114.143 URL: https://98.109.114.143/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / PHP/5.3.3 Resource Hash `9ee6a5d53929f25e0fc6872397d2b634452fee22af40d0d6b0dafeebd5f2fb1e` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 18:26:33 GMT Last-Modified Sun, 30 Oct 2022 18:26:33GMT Server Apache X-Powered-By PHP/5.3.3 Content-Type image/png Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Length 5529 Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	refresh.png 98.109.114.143/includes/securimage/images/	5 KB 5 KB	340ms 113ms	Image image/png	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Show image Full URL https://98.109.114.143/includes/securimage/images/refresh.png Requested by Host: 98.109.114.143 URL: https://98.109.114.143/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `b0961386f2d1bee85609436e7db3f1bf0b4469ad6498c4f7d851adc7833cf99d` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 30 Oct 2022 18:26:33 GMT Last-Modified Tue, 13 Dec 2016 14:00:32 GMT Server Apache ETag "1740021-12e3-5438aa4be7121" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 4835
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	54 KB 17 KB	101ms 22ms	Script text/javascript	2600:9000:211e:4800:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: 98.109.114.143 URL: https://98.109.114.143/sologin.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `7fd2ec35b25b299043a5f55a2fa26692265abc769c4d9c37d6ad51c88a5cc5ed` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers X-Amz-Version-Id fmkbU__STDFOlCGxbJ0JPrhhMwGUIFrY Content-Encoding gzip Via 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront) Date Sun, 30 Oct 2022 17:33:02 GMT Age 3251 X-Amz-Cf-Pop FRA56-C2 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Thu, 13 Oct 2022 19:02:46 GMT Server AmazonS3 Etag W/"71cd62a09ac1a67884aa404a4e486380" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type text/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id 2vLoLqLRDH_Zpy_K238OfDdCHmZ8pxNt5P6w7SdIxdMYSqoUJfvxXQ==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/SNWTKCP2HZFZFL37LBNTVV/index.js https://s.adroll.com/j/exp/index.js	28 B 785 B	21ms 21ms	Script application/javascript	2600:9000:211e:4800:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Protocol HTTP/1.1 Server 2600:9000:211e:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers X-Amz-Version-Id 3TnMO1iw0qw17MhnYw4sprJhuU7ahGp7 Date Sun, 30 Oct 2022 06:35:05 GMT Via 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront) Age 42761 X-Amz-Cf-Pop FRA56-C2 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 28 Last-Modified Fri, 14 Oct 2022 18:57:24 GMT Server AmazonS3 Etag "5816cced8568d223aa09d889f300692b" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id bkYoUiscQiqY2kpN10aQTX_pBsXvuUyFjLVFS7s5fsZE9iOirSKm3Q== Redirect headers Date Sun, 30 Oct 2022 18:26:33 GMT Via 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront) Server AmazonS3 X-Amz-Cf-Pop FRA56-C2 Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Location https://s.adroll.com/j/exp/index.js Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Connection keep-alive Access-Control-Allow-Headers * Content-Length 0 X-Cache Miss from cloudfront X-Amz-Cf-Id bsy8zk5q-KXly0v-9JP7TpWqws4ERz9fn6uqx2DRpRkq3Qy9o1kEhA==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ Redirect Chain https://s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/fpconsent.js https://s.adroll.com/j/pre/index.js	0 756 B	21ms 21ms	Script application/javascript	2600:9000:211e:4800:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/index.js Protocol HTTP/1.1 Server 2600:9000:211e:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers X-Amz-Version-Id nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy Date Sun, 30 Oct 2022 04:32:29 GMT Via 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront) Age 50059 X-Amz-Cf-Pop FRA56-C2 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Wed, 15 Jan 2020 23:54:18 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id JwqxHXaw9-tWvhDKXPA5xkgyEeM0G8ASbCjSiiJ9qze26LrOksUPQw== Redirect headers Date Sun, 30 Oct 2022 18:26:34 GMT Via 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront) Server AmazonS3 X-Amz-Cf-Pop FRA56-C2 Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Location https://s.adroll.com/j/pre/index.js Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Connection keep-alive Access-Control-Allow-Headers * Content-Length 0 X-Cache Miss from cloudfront X-Amz-Cf-Id 4IiqIHq8ZuPLv55VG-Iv-4fD3nC68jaD22J9bYES7wzXWP6TlaP4Mw==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/	0 805 B	732ms 689ms	Script text/javascript	2600:9000:211e:4800:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers X-Amz-Version-Id BQzeF6YbqjrrvyprmfPTI6TyRbrEQ41J Date Sun, 30 Oct 2022 18:26:35 GMT Via 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA56-C2 X-Amz-Server-Side-Encryption AES256 X-Cache RefreshHit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Thu, 27 Oct 2022 21:51:08 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id WcQSdtPULuXtZFLibevsPMjcBnvv3xRZI0DlG8TqDtZ-a5Vb8L6-hw==
GET H2	200	SNWTKCP2HZFZFL37LBNTVV Show response d.adroll.com/consent/check/	452 B 545 B	146ms 44ms	Script application/javascript	52.215.52.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/SNWTKCP2HZFZFL37LBNTVV?arrfrr=https%3A%2F%2F98.109.114.143%2Fsologin.php&_s=7bb87eb0a81de85e1411b0f72bebbd09&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.52.102 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-52-102.eu-west-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash `be320230894cec47e431ea3e1b195f48fe9571a41ce9c70773987a973e009698` Request headers accept-language de-DE,de;q=0.9 Referer https://98.109.114.143/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 18:26:33 GMT server nginx/1.20.0 content-length 452 content-type application/javascript

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| swfobject function| init function| fix_so_reference function| fix_owa_reference function| disableclick function| activity_upload_complete function| ex_payer_usernames function| check_for_duplicate_sync_settings function| silent_exchange_calendar_interface_save function| check_for_duplicate_sync_settings_first_run function| test_server function| test_server_creds function| preset_ezmail_folders function| ezmail_folders function| verify_signup_promo_code function| fetch_so_server_sets function| fetch_ex_contact_folders function| test_server_creds_alt function| test_server_creds_alt2 function| proxy_server_creds_alt function| test_server_creds_ex_alt function| test_user_server_creds_ex_alt function| no_interrupt boolean| pp_alreadyInitialized string| adroll_adv_id string| adroll_pix_id boolean| doresize object| scroll_pos object| jQuery17206184713178041135 boolean| hashtag boolean| __adroll_loaded string| adroll_sid object| dataLayer object| adroll object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| __adroll_consent_data boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| adroll_exp_list

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			98.109.114.143/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0n0fe839ee4sjudopfjmo3a166

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d.adroll.com
s.adroll.com
2600:9000:211e:4800:6:9280:1080:93a1
52.215.52.102
98.109.114.143
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6
7fd2ec35b25b299043a5f55a2fa26692265abc769c4d9c37d6ad51c88a5cc5ed
85e0f02016c9d7ce86daabb6222340358305398f81960f0397f6dc041b0f623a
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
998c5494a209ff71869cd26cc5a4c8dbde22e9a87cbafabf64c2ee8f7acd4959
9b8e45327031c99acfcc383b634d2e96869f9680d48dc47dd2be4bad1bbd75c3
9ee6a5d53929f25e0fc6872397d2b634452fee22af40d0d6b0dafeebd5f2fb1e
b0961386f2d1bee85609436e7db3f1bf0b4469ad6498c4f7d851adc7833cf99d
b8f5e5662f5e81cb0012b0a1614e9409f6a8e0d9303f78412f2aaa02704be3c0
be320230894cec47e431ea3e1b195f48fe9571a41ce9c70773987a973e009698
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52