exchangesync.fcasp.com
Open in
urlscan Pro
98.109.114.143
Public Scan
Submission: On April 12 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 5th 2022. Valid for: a year.
This is the only time exchangesync.fcasp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 98.109.114.143 98.109.114.143 | 701 (UUNET) (UUNET) | |
2 6 | 2600:9000:225... 2600:9000:225e:2c00:6:9280:1080:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:1f14:cc6... 2600:1f14:cc6:ea04:b778:4fbe:b841:4815 | 16509 (AMAZON-02) (AMAZON-02) | |
14 | 3 |
ASN701 (UUNET, US)
PTR: static-98-109-114-143.nwrknj.fios.verizon.net
exchangesync.fcasp.com |
ASN16509 (AMAZON-02, US)
d.adroll.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
fcasp.com
exchangesync.fcasp.com |
204 KB |
7 |
adroll.com
2 redirects
s.adroll.com — Cisco Umbrella Rank: 2665 d.adroll.com — Cisco Umbrella Rank: 1345 |
22 KB |
14 | 2 |
Domain | Requested by | |
---|---|---|
9 | exchangesync.fcasp.com |
exchangesync.fcasp.com
|
6 | s.adroll.com |
2 redirects
exchangesync.fcasp.com
s.adroll.com |
1 | d.adroll.com |
s.adroll.com
|
14 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.fcasp.com Go Daddy Secure Certificate Authority - G2 |
2022-12-05 - 2023-12-19 |
a year | crt.sh |
s.adroll.com Amazon RSA 2048 M02 |
2023-02-24 - 2023-08-01 |
5 months | crt.sh |
d.adroll.com Amazon RSA 2048 M02 |
2022-11-08 - 2023-12-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://exchangesync.fcasp.com/sologin.php
Frame ID: 1B66380AA5C829A3496E0821C2A76F91
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
FCI Cyber - SmartOffice Integration PortalDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
AdRoll (Advertising Networks) Expand
Detected patterns
- (?:a|s)\.adroll\.com
SWFObject (Miscellaneous) Expand
Detected patterns
- swfobject.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
prettyPhoto (JavaScript Libraries) Expand
Detected patterns
- (?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
- jquery\.prettyPhoto\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://s.adroll.com/j/exp/SNWTKCP2HZFZFL37LBNTVV/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/fpconsent.js HTTP 302
- https://s.adroll.com/j/pre/index.js
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
sologin.php
exchangesync.fcasp.com/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
exchangesync.fcasp.com/css/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.7.2.min.js
exchangesync.fcasp.com/js/ |
93 KB 93 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swfobject.js
exchangesync.fcasp.com/swfobject/ |
10 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
init.js
exchangesync.fcasp.com/js/ |
37 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prettyPhoto.css
exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/css/ |
19 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.prettyPhoto.js
exchangesync.fcasp.com/prettyPhoto_compressed_3.1.5/js/ |
22 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
securimage_show.php
exchangesync.fcasp.com/includes/securimage/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
refresh.png
exchangesync.fcasp.com/includes/securimage/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
57 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 784 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/pre/ Redirect Chain
|
0 756 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/pre/SNWTKCP2HZFZFL37LBNTVV/7I6FKV542RCRBATVNZDSAY/ |
0 776 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SNWTKCP2HZFZFL37LBNTVV
d.adroll.com/consent/check/ |
463 B 556 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery object| swfobject function| init function| fix_so_reference function| fix_owa_reference function| disableclick function| activity_upload_complete function| ex_payer_usernames function| check_for_duplicate_sync_settings function| silent_exchange_calendar_interface_save function| check_for_duplicate_sync_settings_first_run function| test_server function| test_server_creds function| preset_ezmail_folders function| ezmail_folders function| verify_signup_promo_code function| fetch_so_server_sets function| fetch_ex_contact_folders function| test_server_creds_alt function| test_server_creds_alt2 function| proxy_server_creds_alt function| test_server_creds_ex_alt function| test_user_server_creds_ex_alt function| no_interrupt boolean| pp_alreadyInitialized string| adroll_adv_id string| adroll_pix_id boolean| doresize object| scroll_pos object| jQuery17208892960721608874 boolean| hashtag boolean| __adroll_loaded string| adroll_sid object| dataLayer object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| __adroll_consent_data object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
exchangesync.fcasp.com/ | Name: PHPSESSID Value: ctmmr44f76je5lpbj365ft4dm6 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
d.adroll.com
exchangesync.fcasp.com
s.adroll.com
2600:1f14:cc6:ea04:b778:4fbe:b841:4815
2600:9000:225e:2c00:6:9280:1080:93a1
98.109.114.143
180fdb10498cb086b03525ce5bfa2ca2075191568d0c4d3ad88bde0477fc8942
3ea77227b6346e5d45814a68f53cc47e948b9bcc890f84dab91583f567bda1a0
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6
863d171934bb39601fc7a2252a695ae8336d2824ec00153ab6058a93adb8591a
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
998c5494a209ff71869cd26cc5a4c8dbde22e9a87cbafabf64c2ee8f7acd4959
ab4b5c2a17cce3bd34d41e421c8da09b8f9a6469369fb31c08f575c6634f79fc
b0961386f2d1bee85609436e7db3f1bf0b4469ad6498c4f7d851adc7833cf99d
b8f5e5662f5e81cb0012b0a1614e9409f6a8e0d9303f78412f2aaa02704be3c0
d4fe75259bd6fa7624d8eee17ef7caf81ad15969e268241fd476a8ebf0d4a95d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52