exchangesync.fcasp.com Open in urlscan Pro
98.109.114.143  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v Page URL
2. https://exchangesync.fcasp.com/sologin.php Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response url.emailprotection.link/	5 KB 3 KB	400ms 63ms	Document text/html	185.64.213.245 IMED
General Check archive.org Show headers Download Go to Full URL https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB), Reverse DNS intermedia.co.uk Software nginx / Resource Hash 2dc817edf1e17b74a4dbe69673f76a920fd48849f066ba28794cb330d5a7e3ff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Access-Control-Allow-Origin * Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Mon, 30 Jan 2023 16:46:40 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-Robots-Tag noindex
GET H/1.1	200 OK	new_style.css url.emailprotection.link/new/css/	8 KB 2 KB	36ms 34ms	Stylesheet text/css	185.64.213.245 IMED
General Check archive.org Show headers Download Go to Full URL https://url.emailprotection.link/new/css/new_style.css Requested by Host: url.emailprotection.link URL: https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB), Reverse DNS intermedia.co.uk Software nginx / Resource Hash 8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069 Request headers accept-language en-GB,en;q=0.9 Referer https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:40 GMT Content-Encoding gzip Last-Modified Thu, 14 Jul 2022 14:18:22 GMT Server nginx ETag W/"62d025ae-1e80" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive X-Robots-Tag noindex
GET H/1.1	200 OK	new_screenshot.js Show response url.emailprotection.link/new/js/	1 KB 979 B	104ms 34ms	Script application/javascript	185.64.213.245 IMED
General Check archive.org Show headers Download Go to Full URL https://url.emailprotection.link/new/js/new_screenshot.js Requested by Host: url.emailprotection.link URL: https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB), Reverse DNS intermedia.co.uk Software nginx / Resource Hash c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592 Request headers accept-language en-GB,en;q=0.9 Referer https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:40 GMT Content-Encoding gzip Last-Modified Thu, 14 Jul 2022 14:18:22 GMT Server nginx ETag W/"62d025ae-574" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive X-Robots-Tag noindex
GET H/1.1	200 OK	tooltipster.css url.emailprotection.link/new/css/	10 KB 3 KB	71ms 34ms	Stylesheet text/css	185.64.213.245 IMED
General Check archive.org Show headers Download Go to Full URL https://url.emailprotection.link/new/css/tooltipster.css Requested by Host: url.emailprotection.link URL: https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB), Reverse DNS intermedia.co.uk Software nginx / Resource Hash ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86 Request headers accept-language en-GB,en;q=0.9 Referer https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:40 GMT Content-Encoding gzip Last-Modified Thu, 14 Jul 2022 14:18:22 GMT Server nginx ETag W/"62d025ae-2965" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive X-Robots-Tag noindex
GET H/1.1	200 OK	jquery-1.9.1.js Show response url.emailprotection.link/new/js/libs/	142 KB 47 KB	141ms 71ms	Script application/javascript	185.64.213.245 IMED
General Check archive.org Show headers Download Go to Full URL https://url.emailprotection.link/new/js/libs/jquery-1.9.1.js Requested by Host: url.emailprotection.link URL: https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB), Reverse DNS intermedia.co.uk Software nginx / Resource Hash 6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964 Request headers accept-language en-GB,en;q=0.9 Referer https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:40 GMT Content-Encoding gzip Last-Modified Thu, 14 Jul 2022 14:18:22 GMT Server nginx ETag W/"62d025ae-23758" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive X-Robots-Tag noindex
GET H/1.1	200 OK	jquery.tooltipster.min.js Show response url.emailprotection.link/new/js/libs/	17 KB 6 KB	105ms 34ms	Script application/javascript	185.64.213.245 IMED
General Check archive.org Show headers Download Go to Full URL https://url.emailprotection.link/new/js/libs/jquery.tooltipster.min.js Requested by Host: url.emailprotection.link URL: https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB), Reverse DNS intermedia.co.uk Software nginx / Resource Hash e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea Request headers accept-language en-GB,en;q=0.9 Referer https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:40 GMT Content-Encoding gzip Last-Modified Thu, 14 Jul 2022 14:18:22 GMT Server nginx ETag W/"62d025ae-43a9" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive X-Robots-Tag noindex
GET H/1.1	200 OK	new_scanning.js Show response url.emailprotection.link/new/js/	947 B 758 B	107ms 36ms	Script application/javascript	185.64.213.245 IMED
General Check archive.org Show headers Download Go to Full URL https://url.emailprotection.link/new/js/new_scanning.js Requested by Host: url.emailprotection.link URL: https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB), Reverse DNS intermedia.co.uk Software nginx / Resource Hash 04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c Request headers accept-language en-GB,en;q=0.9 Referer https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:40 GMT Content-Encoding gzip Last-Modified Thu, 14 Jul 2022 14:18:22 GMT Server nginx ETag W/"62d025ae-3b3" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive X-Robots-Tag noindex
GET H/1.1	200 OK	scanning_70.gif url.emailprotection.link/new/images/	30 KB 30 KB	68ms 68ms	Image image/gif	185.64.213.245 IMED
General Check archive.org Show headers Download Go to Show image Full URL https://url.emailprotection.link/new/images/scanning_70.gif Requested by Host: url.emailprotection.link URL: https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB), Reverse DNS intermedia.co.uk Software nginx / Resource Hash b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8 Request headers accept-language en-GB,en;q=0.9 Referer https://url.emailprotection.link/?bg1AMRrQtaMNgmh7pF-RnnfjT4WbS5iQAiVIYFSVHD0uSA9o9nPtkbS3rgw7FVEixy74Av23xWenAf-E-BHSHc6lnLFSpWjETqJXKZrYyztzAiNyPtxjdMbBoJZSkpG8v User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:40 GMT Last-Modified Thu, 14 Jul 2022 14:18:22 GMT Server nginx ETag "62d025ae-78dd" Content-Type image/gif Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 30941
GET H/1.1	200 OK	notosans-regular.ttf url.emailprotection.link/new/fonts/	306 KB 306 KB	35ms 34ms	Font application/octet-stream	185.64.213.245 IMED
General Check archive.org Show headers Download Go to Full URL https://url.emailprotection.link/new/fonts/notosans-regular.ttf Requested by Host: url.emailprotection.link URL: https://url.emailprotection.link/new/css/new_style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB), Reverse DNS intermedia.co.uk Software nginx / Resource Hash c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b Request headers Referer https://url.emailprotection.link/new/css/new_style.css Origin https://url.emailprotection.link accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:40 GMT Last-Modified Thu, 14 Jul 2022 14:18:22 GMT Server nginx ETag "62d025ae-4c738" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 313144
GET H/1.1	200 OK	Primary Request sologin.php Show response exchangesync.fcasp.com/	4 KB 4 KB	692ms 159ms	Document text/html	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/sologin.php Requested by Host: url.emailprotection.link URL: https://url.emailprotection.link/new/js/new_scanning.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / PHP/5.3.3 Resource Hash cfc38b6ed3c81ca03a320c5f48b71713105afea36c0e237668284ce3fd33e500 Request headers Referer https://url.emailprotection.link/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Length 3664 Content-Type text/html; charset=UTF-8 Date Mon, 30 Jan 2023 16:46:42 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache X-Powered-By PHP/5.3.3
GET H/1.1	200 OK	style.css exchangesync.fcasp.com/css/	6 KB 7 KB	132ms 132ms	Stylesheet text/css	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/css/style.css?v4 Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash b8f5e5662f5e81cb0012b0a1614e9409f6a8e0d9303f78412f2aaa02704be3c0 Request headers accept-language en-GB,en;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:42 GMT Last-Modified Mon, 23 Aug 2021 17:54:22 GMT Server Apache ETag "2401fa-1935-5ca3db502c0d8" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 6453
GET H/1.1	200 OK	jquery-1.7.2.min.js Show response exchangesync.fcasp.com/js/	93 KB 93 KB	400ms 129ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/js/jquery-1.7.2.min.js Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Request headers accept-language en-GB,en;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:43 GMT Last-Modified Thu, 28 Feb 2013 22:56:29 GMT Server Apache ETag "240a8f-17278-4d6d0cd19df36" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 94840
GET H/1.1	200 OK	swfobject.js Show response exchangesync.fcasp.com/swfobject/	10 KB 10 KB	433ms 134ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/swfobject/swfobject.js Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash 8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4 Request headers accept-language en-GB,en;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:43 GMT Last-Modified Thu, 28 Feb 2013 22:56:47 GMT Server Apache ETag "240aa3-27ec-4d6d0ce31920b" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 10220
GET H/1.1	200 OK	init.js Show response exchangesync.fcasp.com/js/	37 KB 37 KB	444ms 138ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/js/init.js?v=2.85 Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash d4fe75259bd6fa7624d8eee17ef7caf81ad15969e268241fd476a8ebf0d4a95d Request headers accept-language en-GB,en;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:43 GMT Last-Modified Tue, 20 Dec 2022 21:31:30 GMT Server Apache ETag "240226-925a-5f04928c46768" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 37466
GET H/1.1	200 OK	prettyPhoto.css exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/css/	19 KB 20 KB	396ms 129ms	Stylesheet text/css	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/css/prettyPhoto.css Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash 998c5494a209ff71869cd26cc5a4c8dbde22e9a87cbafabf64c2ee8f7acd4959 Request headers accept-language en-GB,en;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:42 GMT Last-Modified Fri, 28 Mar 2014 18:01:58 GMT Server Apache ETag "840499-4dce-4f5ae7f75a4c3" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 19918
GET H/1.1	200 OK	jquery.prettyPhoto.js Show response exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/js/	22 KB 22 KB	497ms 147ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/js/jquery.prettyPhoto.js Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash 7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6 Request headers accept-language en-GB,en;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:43 GMT Last-Modified Fri, 28 Mar 2014 18:02:03 GMT Server Apache ETag "84049f-562c-4f5ae7fc44db9" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 22060
GET H/1.1	200 OK	securimage_show.php exchangesync.fcasp.com/includes/securimage/	6 KB 7 KB	789ms 488ms	Image image/png	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Show image Full URL https://exchangesync.fcasp.com/includes/securimage/securimage_show.php?22c33c30d3108fffd812d081c1ada6e3 Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / PHP/5.3.3 Resource Hash a0a8265ce47ec6ec7446d0fdf70bd41282f8eb9f39fe107fa8753baff4058886 Request headers accept-language en-GB,en;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Pragma no-cache Date Mon, 30 Jan 2023 16:46:43 GMT Last-Modified Mon, 30 Jan 2023 16:46:44GMT Server Apache X-Powered-By PHP/5.3.3 Content-Type image/png Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Length 6339 Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	refresh.png exchangesync.fcasp.com/includes/securimage/images/	5 KB 5 KB	382ms 127ms	Image image/png	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Show image Full URL https://exchangesync.fcasp.com/includes/securimage/images/refresh.png Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash b0961386f2d1bee85609436e7db3f1bf0b4469ad6498c4f7d851adc7833cf99d Request headers accept-language en-GB,en;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Mon, 30 Jan 2023 16:46:43 GMT Last-Modified Tue, 13 Dec 2016 14:00:32 GMT Server Apache ETag "1740021-12e3-5438aa4be7121" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 4835
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	57 KB 19 KB	150ms 49ms	Script text/javascript	2600:9000:211e:8a00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 187dd959c1c8b5b67dd697aa19ebe24c0973eae61cc3f93baea8f91220b72e40 Request headers accept-language en-GB,en;q=0.9 Referer https://exchangesync.fcasp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers X-Amz-Version-Id bntwPEMHiM2VGhRpRaGiN3p9n4.eWDa1 Content-Encoding gzip Via 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront) Date Mon, 30 Jan 2023 16:41:41 GMT Age 304 X-Amz-Cf-Pop FRA56-C2 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Wed, 18 Jan 2023 16:29:54 GMT Server AmazonS3 Etag W/"0746318b259b1f107827e097348569d8" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type text/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id 07spnOvEsIfG7E4divrHcspXLVpFQdYN1NMeKEa6SVSIPu5M-O0Vwg==
GET		index.js s.adroll.com/j/exp/SNWTKCP2HZFZFL37LBNTVV/	0 0
GET		fpconsent.js s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/	0 0
GET		index.js s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/	0 0
GET H2	200	SNWTKCP2HZFZFL37LBNTVV Show response d.adroll.com/consent/check/	467 B 560 B	195ms 58ms	Script application/javascript	2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/SNWTKCP2HZFZFL37LBNTVV?pv=79120565856.9311&arrfrr=https%3A%2F%2Fexchangesync.fcasp.com%2Fsologin.php&_s=15ae0b9d17b69e34bce31c48144d906f&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8 -, , ASN (), Reverse DNS Software nginx/1.22.1 / Resource Hash 5e91689625051022ec3da566acdf2cfdf359e5dfc0dc37f0043b98a5fe44a5f2 Request headers accept-language en-GB,en;q=0.9 Referer https://exchangesync.fcasp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 16:46:44 GMT server nginx/1.22.1 content-length 467 content-type application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s.adroll.com

URL

https://s.adroll.com/j/exp/SNWTKCP2HZFZFL37LBNTVV/index.js

Domain

s.adroll.com

URL

https://s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/fpconsent.js

Domain

s.adroll.com

URL

https://s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/index.js

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery object| swfobject function| init function| fix_so_reference function| fix_owa_reference function| disableclick function| activity_upload_complete function| ex_payer_usernames function| check_for_duplicate_sync_settings function| silent_exchange_calendar_interface_save function| check_for_duplicate_sync_settings_first_run function| test_server function| test_server_creds function| preset_ezmail_folders function| ezmail_folders function| verify_signup_promo_code function| fetch_so_server_sets function| fetch_ex_contact_folders function| test_server_creds_alt function| test_server_creds_alt2 function| proxy_server_creds_alt function| test_server_creds_ex_alt function| test_user_server_creds_ex_alt function| no_interrupt boolean| pp_alreadyInitialized string| adroll_adv_id string| adroll_pix_id boolean| doresize object| scroll_pos object| jQuery17205029028857611841 boolean| hashtag boolean| __adroll_loaded string| adroll_sid object| dataLayer object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| __adroll_consent_data

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			exchangesync.fcasp.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9nb1rfr33oc7nccpfqj1bhgor4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d.adroll.com
exchangesync.fcasp.com
s.adroll.com
url.emailprotection.link
s.adroll.com
185.64.213.245
2600:9000:211e:8a00:6:9280:1080:93a1
2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8
98.109.114.143
04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c
187dd959c1c8b5b67dd697aa19ebe24c0973eae61cc3f93baea8f91220b72e40
2dc817edf1e17b74a4dbe69673f76a920fd48849f066ba28794cb330d5a7e3ff
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5e91689625051022ec3da566acdf2cfdf359e5dfc0dc37f0043b98a5fe44a5f2
6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964
7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069
998c5494a209ff71869cd26cc5a4c8dbde22e9a87cbafabf64c2ee8f7acd4959
a0a8265ce47ec6ec7446d0fdf70bd41282f8eb9f39fe107fa8753baff4058886
b0961386f2d1bee85609436e7db3f1bf0b4469ad6498c4f7d851adc7833cf99d
b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8
b8f5e5662f5e81cb0012b0a1614e9409f6a8e0d9303f78412f2aaa02704be3c0
c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b
c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592
ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86
cfc38b6ed3c81ca03a320c5f48b71713105afea36c0e237668284ce3fd33e500
d4fe75259bd6fa7624d8eee17ef7caf81ad15969e268241fd476a8ebf0d4a95d
e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea