exchangesync.fcasp.com
98.109.114.143
Public Scan
Effective URL: https://exchangesync.fcasp.com/sologin.php
Submission: On January 30 via manual from US — Scanned from GB
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 5th 2022. Valid for: a year.
This is the only time exchangesync.fcasp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
9 | 185.64.213.245 | 50152 (IMED) |
9 | 98.109.114.143 | 701 (UUNET) |
1 | 2600:9000:211e:8a00:6:9280:1080:93a1 | 16509 (AMAZON-02) |
1 | 2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8 | () |
23 | 5 |

ASN50152 (IMED, GB)
PTR: intermedia.co.uk
url.emailprotection.link

ASN701 (UUNET, US)
PTR: static-98-109-114-143.nwrknj.fios.verizon.net
exchangesync.fcasp.com
 | Apex Domain: Subdomains | Transfer |
---|---|---|
9 | fcasp.com: exchangesync.fcasp.com | 203 KB |
9 | emailprotection.link: url.emailprotection.link (Cisco Umbrella Rank: 90427) | 399 KB |
2 | adroll.com: s.adroll.com (Cisco Umbrella Rank: 2416), d.adroll.com | 19 KB |
23 | 3 |
 | Domain | Requested by |
---|---|---|
9 | exchangesync.fcasp.com | url.emailprotection.link, exchangesync.fcasp.com |
9 | url.emailprotection.link | url.emailprotection.link |
1 | d.adroll.com | s.adroll.com |
1 | s.adroll.com | exchangesync.fcasp.com, s.adroll.com |
23 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.emailprotection.link | GeoTrust RSA CA 2018 | 2022-07-27 - 2023-08-27 | a year |
*.fcasp.com | Go Daddy Secure Certificate Authority - G2 | 2022-12-05 - 2023-12-19 | a year |
s.adroll.com | Amazon | 2022-07-03 - 2023-08-01 | a year |
d.adroll.com | Amazon RSA 2048 M01 | 2022-11-08 - 2023-12-07 | a year |
This page contains 1 frames:
Primary Page:
https://exchangesync.fcasp.com/sologin.php
Frame ID: 67F41D0A5BDF9E47D2122EAD0EC07E2E
Requests: 23 HTTP requests in this frame
Page Title
FCI Cyber - SmartOffice Integration Portal
Page URL History
- https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWe... Page URL
- https://exchangesync.fcasp.com/sologin.php Page URL
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
AdRoll (Advertising Networks)
Detected patterns
- (?:a|s)\.adroll\.com
SWFObject (Miscellaneous)
Detected patterns
- swfobject.*\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
prettyPhoto (JavaScript Libraries)
Detected patterns
- (?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
- jquery\.prettyPhoto\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v Page URL
- https://exchangesync.fcasp.com/sologin.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | url.emailprotection.link/ | 5 KB | 3 KB | Document | text/html |
GET | H/1.1 | new_style.css | url.emailprotection.link/new/css/ | 8 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | new_screenshot.js | url.emailprotection.link/new/js/ | 1 KB | 979 B | Script | application/javascript |
GET | H/1.1 | tooltipster.css | url.emailprotection.link/new/css/ | 10 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | jquery-1.9.1.js | url.emailprotection.link/new/js/libs/ | 142 KB | 47 KB | Script | application/javascript |
GET | H/1.1 | jquery.tooltipster.min.js | url.emailprotection.link/new/js/libs/ | 17 KB | 6 KB | Script | application/javascript |
GET | H/1.1 | new_scanning.js | url.emailprotection.link/new/js/ | 947 B | 758 B | Script | application/javascript |
GET | H/1.1 | scanning_70.gif | url.emailprotection.link/new/images/ | 30 KB | 30 KB | Image | image/gif |
GET | H/1.1 | notosans-regular.ttf | url.emailprotection.link/new/fonts/ | 306 KB | 306 KB | Font | application/octet-stream |
GET | H/1.1 | sologin.php (Primary Request) | exchangesync.fcasp.com/ | 4 KB | 4 KB | Document | text/html |
GET | H/1.1 | style.css | exchangesync.fcasp.com/css/ | 6 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | jquery-1.7.2.min.js | exchangesync.fcasp.com/js/ | 93 KB | 93 KB | Script | text/javascript |
GET | H/1.1 | swfobject.js | exchangesync.fcasp.com/swfobject/ | 10 KB | 10 KB | Script | text/javascript |
GET | H/1.1 | init.js | exchangesync.fcasp.com/js/ | 37 KB | 37 KB | Script | text/javascript |
GET | H/1.1 | prettyPhoto.css | exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/css/ | 19 KB | 20 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.prettyPhoto.js | exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/js/ | 22 KB | 22 KB | Script | text/javascript |
GET | H/1.1 | securimage_show.php | exchangesync.fcasp.com/includes/securimage/ | 6 KB | 7 KB | Image | image/png |
GET | H/1.1 | refresh.png | exchangesync.fcasp.com/includes/securimage/images/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | roundtrip.js | s.adroll.com/j/ | 57 KB | 19 KB | Script | text/javascript |
GET | | index.js | s.adroll.com/j/exp/SNWTKCP2HZFZFL37LBNTVV/ | 0 | 0 | | |
GET | | fpconsent.js | s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/ | 0 | 0 | | |
GET | | index.js | s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/ | 0 | 0 | | |
GET | H2 | SNWTKCP2HZFZFL37LBNTVV | d.adroll.com/consent/check/ | 467 B | 560 B | Script | application/javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: s.adroll.com, URL: https://s.adroll.com/j/exp/SNWTKCP2HZFZFL37LBNTVV/index.js
- Domain: s.adroll.com, URL: https://s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/fpconsent.js
- Domain: s.adroll.com, URL: https://s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/index.js
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontentvisibilityautostatechange
- function| $
- function| jQuery
- object| swfobject
- function| init
- function| fix_so_reference
- function| fix_owa_reference
- function| disableclick
- function| activity_upload_complete
- function| ex_payer_usernames
- function| check_for_duplicate_sync_settings
- function| silent_exchange_calendar_interface_save
- function| check_for_duplicate_sync_settings_first_run
- function| test_server
- function| test_server_creds
- function| preset_ezmail_folders
- function| ezmail_folders
- function| verify_signup_promo_code
- function| fetch_so_server_sets
- function| fetch_ex_contact_folders
- function| test_server_creds_alt
- function| test_server_creds_alt2
- function| proxy_server_creds_alt
- function| test_server_creds_ex_alt
- function| test_user_server_creds_ex_alt
- function| no_interrupt
- boolean| pp_alreadyInitialized
- string| adroll_adv_id
- string| adroll_pix_id
- boolean| doresize
- object| scroll_pos
- object| jQuery17205029028857611841
- boolean| hashtag
- boolean| __adroll_loaded
- string| adroll_sid
- object| dataLayer
- object| adroll
- object| __adroll
- boolean| adroll_optout
- object| adroll_loaded
- object| adroll_ext_network
- object| adroll_callbacks
- function| adroll_tpc_callback
- object| __adroll_consent_data
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
exchangesync.fcasp.com/ | | Name: PHPSESSID Value: 9nb1rfr33oc7nccpfqj1bhgor4 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.