exchangesync.fcasp.com Open in urlscan Pro
98.109.114.143 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://exchangesync.fcasp.com/sologin.php
Submission: On April 12 via manual (April 12th 2023, 6:32:29 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 98.109.114.143, located in Bergenfield, United States and belongs to UUNET, US. The main domain is exchangesync.fcasp.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 5th 2022. Valid for: a year.

This is the only time exchangesync.fcasp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	98.109.114.143 98.109.114.143		701 (UUNET) (UUNET)
2 6	2600:9000:225... 2600:9000:225e:2c00:6:9280:1080:93a1		16509 (AMAZON-02) (AMAZON-02)
1	2600:1f14:cc6... 2600:1f14:cc6:ea04:b778:4fbe:b841:4815		16509 (AMAZON-02) (AMAZON-02)
14	3

9 98.109.114.143 (Bergenfield, United States)

ASN701 (UUNET, US)
PTR: static-98-109-114-143.nwrknj.fios.verizon.net

exchangesync.fcasp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:225e:2c00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:cc6:ea04:b778:4fbe:b841:4815 (Boardman, United States)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	fcasp.com exchangesync.fcasp.com	204 KB
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2665 d.adroll.com — Cisco Umbrella Rank: 1345	22 KB
14	2

	Domain	Requested by
9	exchangesync.fcasp.com	exchangesync.fcasp.com
6	s.adroll.com	2 redirects exchangesync.fcasp.com s.adroll.com
1	d.adroll.com	s.adroll.com
14	3

This site contains no links.

Subject Issuer	Validity	Valid
*.fcasp.com Go Daddy Secure Certificate Authority - G2	`2022-12-05` - `2023-12-19`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
d.adroll.com Amazon RSA 2048 M02	`2022-11-08` - `2023-12-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://exchangesync.fcasp.com/sologin.php
Frame ID: 1B66380AA5C829A3496E0821C2A76F91
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FCI Cyber - SmartOffice Integration Portal

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
jquery\.prettyPhoto\.js

Page Statistics

14
Requests

86 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

225 kB
Transfer

258 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://s.adroll.com/j/exp/SNWTKCP2HZFZFL37LBNTVV/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 10

https://s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request sologin.php Show response exchangesync.fcasp.com/	4 KB 4 KB	809ms 138ms	Document text/html	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / PHP/5.3.3 Resource Hash `ab4b5c2a17cce3bd34d41e421c8da09b8f9a6469369fb31c08f575c6634f79fc` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Length 3664 Content-Type text/html; charset=UTF-8 Date Wed, 12 Apr 2023 18:32:24 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache X-Powered-By PHP/5.3.3
GET H/1.1	200 OK	style.css exchangesync.fcasp.com/css/	6 KB 7 KB	348ms 115ms	Stylesheet text/css	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/css/style.css?v4 Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `b8f5e5662f5e81cb0012b0a1614e9409f6a8e0d9303f78412f2aaa02704be3c0` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 12 Apr 2023 18:32:25 GMT Last-Modified Mon, 23 Aug 2021 17:54:22 GMT Server Apache ETag "2401fa-1935-5ca3db502c0d8" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 6453
GET H/1.1	200 OK	jquery-1.7.2.min.js Show response exchangesync.fcasp.com/js/	93 KB 93 KB	353ms 118ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/js/jquery-1.7.2.min.js Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 12 Apr 2023 18:32:25 GMT Last-Modified Thu, 28 Feb 2013 22:56:29 GMT Server Apache ETag "240a8f-17278-4d6d0cd19df36" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 94840
GET H/1.1	200 OK	swfobject.js Show response exchangesync.fcasp.com/swfobject/	10 KB 10 KB	354ms 118ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/swfobject/swfobject.js Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 12 Apr 2023 18:32:25 GMT Last-Modified Thu, 28 Feb 2013 22:56:47 GMT Server Apache ETag "240aa3-27ec-4d6d0ce31920b" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 10220
GET H/1.1	200 OK	init.js Show response exchangesync.fcasp.com/js/	37 KB 37 KB	357ms 119ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/js/init.js?v=2.85 Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `d4fe75259bd6fa7624d8eee17ef7caf81ad15969e268241fd476a8ebf0d4a95d` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 12 Apr 2023 18:32:25 GMT Last-Modified Tue, 20 Dec 2022 21:31:30 GMT Server Apache ETag "240226-925a-5f04928c46768" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 37466
GET H/1.1	200 OK	prettyPhoto.css exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/css/	19 KB 20 KB	350ms 117ms	Stylesheet text/css	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/css/prettyPhoto.css Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `998c5494a209ff71869cd26cc5a4c8dbde22e9a87cbafabf64c2ee8f7acd4959` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 12 Apr 2023 18:32:25 GMT Last-Modified Fri, 28 Mar 2014 18:01:58 GMT Server Apache ETag "840499-4dce-4f5ae7f75a4c3" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 19918
GET H/1.1	200 OK	jquery.prettyPhoto.js Show response exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/js/	22 KB 22 KB	358ms 120ms	Script text/javascript	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Full URL https://exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/js/jquery.prettyPhoto.js Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 12 Apr 2023 18:32:25 GMT Last-Modified Fri, 28 Mar 2014 18:02:03 GMT Server Apache ETag "84049f-562c-4f5ae7fc44db9" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 22060
GET H/1.1	200 OK	securimage_show.php exchangesync.fcasp.com/includes/securimage/	6 KB 7 KB	698ms 461ms	Image image/png	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Show image Full URL https://exchangesync.fcasp.com/includes/securimage/securimage_show.php?3dc914361ae2da303097e24c5edde8da Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / PHP/5.3.3 Resource Hash `863d171934bb39601fc7a2252a695ae8336d2824ec00153ab6058a93adb8591a` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Apr 2023 18:32:25 GMT Last-Modified Wed, 12 Apr 2023 18:32:25GMT Server Apache X-Powered-By PHP/5.3.3 Content-Type image/png Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Length 6556 Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	refresh.png exchangesync.fcasp.com/includes/securimage/images/	5 KB 5 KB	356ms 118ms	Image image/png	98.109.114.143 UUNET
General Check archive.org Show headers Download Go to Show image Full URL https://exchangesync.fcasp.com/includes/securimage/images/refresh.png Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 98.109.114.143 Bergenfield, United States, ASN701 (UUNET, US), Reverse DNS static-98-109-114-143.nwrknj.fios.verizon.net Software Apache / Resource Hash `b0961386f2d1bee85609436e7db3f1bf0b4469ad6498c4f7d851adc7833cf99d` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/sologin.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 12 Apr 2023 18:32:25 GMT Last-Modified Tue, 13 Dec 2016 14:00:32 GMT Server Apache ETag "1740021-12e3-5438aa4be7121" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 4835
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	57 KB 18 KB	180ms 40ms	Script text/javascript	2600:9000:225e:2c00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: exchangesync.fcasp.com URL: https://exchangesync.fcasp.com/sologin.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:2c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `3ea77227b6346e5d45814a68f53cc47e948b9bcc890f84dab91583f567bda1a0` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers X-Amz-Version-Id t8nIDyz1ZEIeIyJq7klqu_Z2M8c8EFwE Content-Encoding gzip Via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront) Date Wed, 12 Apr 2023 17:56:29 GMT Age 2158 X-Amz-Cf-Pop FRA60-P4 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Tue, 04 Apr 2023 14:25:58 GMT Server AmazonS3 Etag W/"16f10b1afd628b05d51fd113b057bc1c" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type text/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id iRFCABUrBRjFN9cITth93EP6bmTM1oQ4zOWrvL5O35Ca_akrDaYHEQ==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/SNWTKCP2HZFZFL37LBNTVV/index.js https://s.adroll.com/j/exp/index.js	28 B 784 B	42ms 42ms	Script application/javascript	2600:9000:225e:2c00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Protocol HTTP/1.1 Server 2600:9000:225e:2c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers X-Amz-Version-Id KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP Date Wed, 12 Apr 2023 18:11:38 GMT Via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront) Age 1249 X-Amz-Cf-Pop FRA60-P4 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 28 Last-Modified Tue, 21 Mar 2023 16:39:30 GMT Server AmazonS3 Etag "5816cced8568d223aa09d889f300692b" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id lHa-Ss4UylCmYTIj0zXjC9iMWv-hNq1M2zkaza4a52RIyl4lt6IvgQ== Redirect headers Date Wed, 12 Apr 2023 18:32:26 GMT Via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront) Server AmazonS3 X-Amz-Cf-Pop FRA60-P4 Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Location https://s.adroll.com/j/exp/index.js Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Connection keep-alive Access-Control-Allow-Headers * Content-Length 0 X-Cache Error from cloudfront X-Amz-Cf-Id 0qX_W9Y3g-_NsJmJltQ4V7rcCc6ysOzQK9RL7V8Ose5C7EWGA8pZfA==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ Redirect Chain https://s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/fpconsent.js https://s.adroll.com/j/pre/index.js	0 756 B	41ms 41ms	Script application/javascript	2600:9000:225e:2c00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/index.js Protocol HTTP/1.1 Server 2600:9000:225e:2c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers X-Amz-Version-Id nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy Date Wed, 12 Apr 2023 08:19:43 GMT Via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront) Age 36764 X-Amz-Cf-Pop FRA60-P4 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Wed, 15 Jan 2020 23:54:18 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id RsI7z2OSa_F5YxafWJuV8BDNjmfZWaJCfKeHZ5K2g1KfpTb7ZHm8KA== Redirect headers Date Wed, 12 Apr 2023 18:32:26 GMT Via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront) Server AmazonS3 X-Amz-Cf-Pop FRA60-P4 Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Location https://s.adroll.com/j/pre/index.js Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Connection keep-alive Access-Control-Allow-Headers * Content-Length 0 X-Cache Error from cloudfront X-Amz-Cf-Id 4zCzlxC7izc9uG2vVvXGA0f-Df0FD3ykGMD4spyFKtSjNAgQHKQziw==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/	0 776 B	713ms 632ms	Script text/javascript	2600:9000:225e:2c00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:2c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Wed, 12 Apr 2023 18:32:27 GMT X-Amz-Version-Id _UmGFBSWrwQYaLh9byOvxHyuGJ8d3dQB Via 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA60-P4 X-Amz-Server-Side-Encryption AES256 X-Cache Miss from cloudfront Connection keep-alive Content-Length 0 Last-Modified Wed, 12 Apr 2023 11:39:24 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id ObO7ojMC8lgOJQp6zY-ILGAxuZDtG0Ay1PAX69vazrxr8AHzV4cXNw==
GET H2	200	SNWTKCP2HZFZFL37LBNTVV Show response d.adroll.com/consent/check/	463 B 556 B	600ms 190ms	Script application/javascript	2600:1f14:cc6:ea04:b778:4fbe:b841:4815 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/SNWTKCP2HZFZFL37LBNTVV?pv=21234944908.370636&arrfrr=https%3A%2F%2Fexchangesync.fcasp.com%2Fsologin.php&_s=d351c54a106cae1657479496c5ade090&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:cc6:ea04:b778:4fbe:b841:4815 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash `180fdb10498cb086b03525ce5bfa2ca2075191568d0c4d3ad88bde0477fc8942` Request headers accept-language de-DE,de;q=0.9 Referer https://exchangesync.fcasp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 18:32:26 GMT server nginx/1.22.1 content-length 463 content-type application/javascript

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery object| swfobject function| init function| fix_so_reference function| fix_owa_reference function| disableclick function| activity_upload_complete function| ex_payer_usernames function| check_for_duplicate_sync_settings function| silent_exchange_calendar_interface_save function| check_for_duplicate_sync_settings_first_run function| test_server function| test_server_creds function| preset_ezmail_folders function| ezmail_folders function| verify_signup_promo_code function| fetch_so_server_sets function| fetch_ex_contact_folders function| test_server_creds_alt function| test_server_creds_alt2 function| proxy_server_creds_alt function| test_server_creds_ex_alt function| test_user_server_creds_ex_alt function| no_interrupt boolean| pp_alreadyInitialized string| adroll_adv_id string| adroll_pix_id boolean| doresize object| scroll_pos object| jQuery17208892960721608874 boolean| hashtag boolean| __adroll_loaded string| adroll_sid object| dataLayer object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| __adroll_consent_data object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			exchangesync.fcasp.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ctmmr44f76je5lpbj365ft4dm6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d.adroll.com
exchangesync.fcasp.com
s.adroll.com
2600:1f14:cc6:ea04:b778:4fbe:b841:4815
2600:9000:225e:2c00:6:9280:1080:93a1
98.109.114.143
180fdb10498cb086b03525ce5bfa2ca2075191568d0c4d3ad88bde0477fc8942
3ea77227b6346e5d45814a68f53cc47e948b9bcc890f84dab91583f567bda1a0
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6
863d171934bb39601fc7a2252a695ae8336d2824ec00153ab6058a93adb8591a
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
998c5494a209ff71869cd26cc5a4c8dbde22e9a87cbafabf64c2ee8f7acd4959
ab4b5c2a17cce3bd34d41e421c8da09b8f9a6469369fb31c08f575c6634f79fc
b0961386f2d1bee85609436e7db3f1bf0b4469ad6498c4f7d851adc7833cf99d
b8f5e5662f5e81cb0012b0a1614e9409f6a8e0d9303f78412f2aaa02704be3c0
d4fe75259bd6fa7624d8eee17ef7caf81ad15969e268241fd476a8ebf0d4a95d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52