medersa-champs.org
68.171.212.28 Malicious Activity!

Submitted URL: https://medersa-champs.org/unex/2/?login=Memberservices@legalshield.com
Effective URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064...
Submission Tags: 6118812
Submission: On July 13 via api from US

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 25 HTTP transactions. The main IP is 68.171.212.28, located in Southfield, United States and belongs to ASACENET1 - ACENET, INC., US. The main domain is medersa-champs.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 16th 2019. Valid for: 3 months.
This is the only time medersa-champs.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Adobe (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 4 68.171.212.28 22878 (ASACENET1)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 52.85.181.129 16509 (AMAZON-02)
2 54.230.202.132 16509 (AMAZON-02)
1 2.18.232.23 16625 (AKAMAI-AS)
1 5 52.211.104.45 16509 (AMAZON-02)
1 54.230.202.24 16509 (AMAZON-02)
2 54.72.196.194 16509 (AMAZON-02)
25 10
Domain Requested by
5 dpm.demdex.net 1 redirects medersa-champs.org
assets.adobedtm.com
5 static.adobelogin.com medersa-champs.org
5 wwwimages2.adobe.com medersa-champs.org
wwwimages2.adobe.com
4 medersa-champs.org 2 redirects static.adobelogin.com
2 sstats.adobe.com assets.adobedtm.com
2 client.messaging.adobe.com medersa-champs.org
1 api.demandbase.com assets.adobedtm.com
1 assets.adobedtm.com www.adobe.com
1 www.adobe.com medersa-champs.org
0 use.typekit.net Failed medersa-champs.org
0 c.evidon.com Failed wwwimages2.adobe.com
25 11

This site contains links to these domains.

Domain
www.adobe.com
Subject | Issuer | Validity | Valid
medersa-champs.org | Let's Encrypt Authority X3 | 2019-05-16 - 2019-08-14 | 3 months
*.adobe.com | DigiCert SHA2 Secure Server CA | 2018-11-06 - 2020-02-05 | a year
ims-na1.adobelogin.com | DigiCert SHA2 Secure Server CA | 2018-08-30 - 2020-08-28 | 2 years
*.messaging.adobe.com | DigiCert SHA2 Secure Server CA | 2018-06-27 - 2020-07-01 | 2 years
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-06-27 - 2021-07-01 | 2 years
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years
*.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2018-09-20 - 2020-11-19 | 2 years
sstats.adobe.com | DigiCert SHA2 High Assurance Server CA | 2019-04-14 - 2020-07-17 | a year

This page contains 1 frame:

Primary Page: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Frame ID: 69015B92D910457559AE906B3EF42320
Requests: 25 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i

Page Statistics

25
Requests

92 %
HTTPS

22 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

298 kB
Transfer

1416 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://medersa-champs.org/unex/2/?login=Memberservices@legalshield.com HTTP 302
    https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/?login=Memberservices@legalshield.com HTTP 302
    https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563030645913 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563030645913

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request hlwcne3sazqxxoq7qkp75ezk.php
medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/
Redirect Chain
  • https://medersa-champs.org/unex/2/?login=Memberservices@legalshield.com
  • https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/?login=Memberservices@legalshield.com
  • https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa...
34 KB
8 KB
Document
General
Full URL
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.171.212.28 Southfield, United States, ASN22878 (ASACENET1 - ACENET, INC., US),
Reverse DNS
algerie-hebergement.net
Software
Apache /
Resource Hash
1adc9c2fb9f83cf7036d1a026daaadf2d471126dc3f8469eaa6c93e2dff6790b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
medersa-champs.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 15:10:43 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Content-Length
7800
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sat, 13 Jul 2019 15:10:43 GMT
Server
Apache
Location
hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Strict-Transport-Security
max-age=31536000
Vary
User-Agent
Content-Length
0
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
privacy.min.js
wwwimages2.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/
10 KB
4 KB
Script
General
Full URL
https://wwwimages2.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/privacy.min.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:288::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
72049b2d67fdb3fe32b68cca066ec4e0ade3a4838458e446391b46a3aa42ef15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 15:10:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Adobe-Loc
ew1
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.adobe.com
Cache-Control
max-age=588, s-maxage=300
X-Adobe-Content
AEM-acom
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
3672
main.min.js
www.adobe.com/marketingtech/
12 KB
5 KB
Script
General
Full URL
https://www.adobe.com/marketingtech/main.min.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:19d::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
a4aa7a64652371437c654f39fa8d81570e70a46345b73afc176c5d79f82c094f
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.adobe.com http://adobe.lookbookhq.com https://adobe.lookbookhq.com http://adobeenterprise.lookbookhq.com https://adobeenterprise.lookbookhq.com
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
x-content-type-options
nosniff
status
200
server-timing
cdn-cache; desc=HIT, edge; dur=0
content-length
4948
last-modified
Fri, 28 Jun 2019 01:58:43 GMT
server
Apache
x-adobe-loc
ew1
date
Sat, 13 Jul 2019 15:10:43 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-security-policy
frame-ancestors *.adobe.com http://adobe.lookbookhq.com https://adobe.lookbookhq.com http://adobeenterprise.lookbookhq.com https://adobeenterprise.lookbookhq.com
accept-ranges
bytes
expires
Sat, 13 Jul 2019 21:10:43 GMT
light.css
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/css/
54 KB
11 KB
Stylesheet
General
Full URL
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/css/light.css
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.181.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-181-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e859dd198f9db558da0e08f8c964e286767e822c8eb9712cc93473e8bd45e177

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 00:06:48 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 12:08:22 GMT
server
AmazonS3
age
3596643
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
bK9DcBgF0ntJlLPBNjg5lSlMZjJfmd0E
status
200
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50
content-type
text/css
x-amz-cf-id
ggjlmvXhxvSvvAU_zBsIcUrBUhzA4l4sadQudm5-Q1vb-V6Ohh6-TQ==
via
1.1 3ccfbae98f5816b531634c1e82e45259.cloudfront.net (CloudFront)
spectrum_head.js
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/
11 KB
4 KB
Script
General
Full URL
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/spectrum_head.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.181.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-181-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
675713619205b2dea877c15f02aed5220881fc575ed66dddb1379eb21731bc7b

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 00:55:21 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 12:08:20 GMT
server
AmazonS3
age
3593730
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
WQHpjZTaFzlPn_bmH18GQ4qhnUi.wPjm
status
200
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50
content-type
application/javascript
x-amz-cf-id
a5yHZYHtvHm5oJDz7VKrrotIgCQyXuE_KOlPAlfS0n5mQy60VMrANg==
via
1.1 3ccfbae98f5816b531634c1e82e45259.cloudfront.net (CloudFront)
spectrum_body.js
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/
155 KB
51 KB
Script
General
Full URL
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/spectrum_body.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.181.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-181-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc7bb89ca704eb9bcf1404f0d4180a73a444b30f735e2becff16e060db34188a

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 May 2019 12:52:00 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 12:08:22 GMT
server
AmazonS3
age
5797131
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
lUl4ShEzNTCIufk2gmJcYqAdtPuZxNuv
status
200
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50
content-type
application/javascript
x-amz-cf-id
dCynJsfCsWn8D993b1OKV0Fa67wD3RToqZzyLbnQpUQiKiqCCOVAwg==
via
1.1 3ccfbae98f5816b531634c1e82e45259.cloudfront.net (CloudFront)
AdobeMessagingClient.css
client.messaging.adobe.com/latest/
44 KB
6 KB
Stylesheet
General
Full URL
https://client.messaging.adobe.com/latest/AdobeMessagingClient.css
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.132 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-132.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6df01675fda8e149b5b6451ac48ed8f251380d74fc15ceeeecc193457d1471bd

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 10:42:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 10:42:22 GMT
Server
AmazonS3
Age
16091
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 bd5652a800046ffa43683320c0e731b4.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50
Connection
keep-alive
X-Amz-Cf-Id
CTvwOl6Z86o5xNZHdPCqSx1YUQfmCpOXO1ZBvbwT7G7yIKpgR9W6Vg==
AdobeMessagingClient.js
client.messaging.adobe.com/latest/
56 KB
13 KB
Script
General
Full URL
https://client.messaging.adobe.com/latest/AdobeMessagingClient.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.132 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-132.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e83c87f082e02dfd8f1acbda5500f0121f9dbc897348ffb3c76597a64235a65c

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 10:42:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 10:42:23 GMT
Server
AmazonS3
Age
16091
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 bd5652a800046ffa43683320c0e731b4.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50
Connection
keep-alive
X-Amz-Cf-Id
DdC4cKffYMJ4w9G6awM_9euJ2faeWyoXm9J9p6BLsICtvJGD-r6Xuw==
spectrum_capsindicator.js
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/
2 KB
1 KB
Script
General
Full URL
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/spectrum_capsindicator.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.181.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-181-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38576ca6dd9cb727b19d59dc728dd4cc18b646cc6732ed07ea6fcc51d9a30aca

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 21 May 2019 01:25:21 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 12:08:21 GMT
server
AmazonS3
age
4628730
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
paHCkUb2.rPXjkIOJZhy_UJByrepVw59
status
200
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50
content-type
application/javascript
x-amz-cf-id
k0_uA9N_BGUN8Oh744KtdfuxNG7elBzbHlQlW4DGUSYEcHXaecFR0A==
via
1.1 3ccfbae98f5816b531634c1e82e45259.cloudfront.net (CloudFront)
evidon-sitenotice-tag.js
wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/
43 KB
12 KB
Script
General
Full URL
https://wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: wwwimages2.adobe.com
URL: https://wwwimages2.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/privacy.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:288::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
2ddb0a13e9ab56c98f38b55305cfd5bb2e123786224d05585969e09d86d3e6e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 15:10:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Adobe-Loc
ew1
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.adobe.com
Cache-Control
max-age=636, s-maxage=300
X-Adobe-Content
AEM-acom
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
11625
country.js
c.evidon.com/geo/
0
0

snthemes.js
wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/
234 KB
8 KB
Script
General
Full URL
https://wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/snthemes.js
Requested by
Host: wwwimages2.adobe.com
URL: https://wwwimages2.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/privacy.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:288::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
ef59184a3de8be1988f073b4830b6ea92432742d54169cb25dc983a8b2ce8dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 15:10:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Adobe-Loc
ew1
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.adobe.com
Cache-Control
max-age=818, s-maxage=300
X-Adobe-Content
AEM-acom
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
7866
settings.js
wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/medersa-champs/
0
0
Script
General
Full URL
https://wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/medersa-champs/settings.js
Requested by
Host: wwwimages2.adobe.com
URL: https://wwwimages2.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/privacy.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:288::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

launch-EN919758db9a654a17bac7d184b99c4820.min.js
assets.adobedtm.com/
580 KB
155 KB
Script
General
Full URL
https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js
Requested by
Host: www.adobe.com
URL: https://www.adobe.com/marketingtech/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
36f7cb6c4fbc21768922ebedb540fdb950a21089bc51a18a7032afc593e83ad0

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 13 Jul 2019 15:10:45 GMT
content-encoding
gzip
last-modified
Thu, 11 Jul 2019 19:36:38 GMT
server
Apache
etag
"2960065850fe5eed4bad8b36785e81bb:1562873798"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jul 2019 16:10:45 GMT
en.js
wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/translations/
159 KB
7 KB
Script
General
Full URL
https://wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/translations/en.js
Requested by
Host: wwwimages2.adobe.com
URL: https://wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/evidon-sitenotice-tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:288::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
6632ced592a3c1f8202599807565643aecea32421d9f13498c78665564c27a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 15:10:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Adobe-Loc
ew1
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.adobe.com
Cache-Control
max-age=632, s-maxage=300
X-Adobe-Content
AEM-acom
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
7126
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563030645913
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563030645913
0
-1 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563030645913
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.104.45 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-211-104-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563030645913
X-TID
OLJ5xPy7SdM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://medersa-champs.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Access-Control-Allow-Origin
https://medersa-champs.org
X-TID
OLJ5xPy7SdM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563030645913
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ip.json
api.demandbase.com/api/v2/
455 B
919 B
Script
General
Full URL
https://api.demandbase.com/api/v2/ip.json?key=e4086fa3ea9d74ac2aae2719a0e5285dc7075d7b&rnd=2424&callback=Request_9511683
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.24 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-24.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
4688fd11b34a869fb435eafd31d55192059c87eb0fc4ba1e0910502d6c210acc

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 15:10:47 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA50
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Request-ID
9cf55a8c-204d-45ac-831f-c1153e9939e2
X-Amz-Cf-Id
nI_7VCbiZOEyFfbRTritm3JlrKfezYYnFwBi8c3K7OOai6NznA1KxA==
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding, Origin
Content-Type
application/javascript;charset=utf-8
Via
1.1 aac86dd0bb06b97ef178f97d0c65ee5f.cloudfront.net (CloudFront)
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Api-Version
v2
Identification-Source
STANDARD
Expires
Fri, 12 Jul 2019 15:10:47 GMT
rd
dpm.demdex.net/id/
6 KB
3 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563030645913
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.104.45 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-211-104-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3b43acaf50440a63bc5a604b445b78b79435c561d8aabc65efadb69e634f1214

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v038-020759f54.edge-irl1.demdex.com 5.56.0.20190709092241 5ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
G07M11g+R4k=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://medersa-champs.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1847
Expires
Thu, 01 Jan 1970 00:00:00 GMT
id
sstats.adobe.com/
90 B
720 B
XHR
General
Full URL
https://sstats.adobe.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=9E1005A551ED61CA0A490D45%40AdobeOrg&mid=43529497181185796554587084159688823794&ts=1563030646174
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.196.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-196-194.eu-west-1.compute.amazonaws.com
Software
Omniture DC /
Resource Hash
d3f8a430bf8dafd837346beef6da2d5cb5a4025b5500f8a3177b6772e339eec5

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 13 Jul 2019 15:10:47 GMT
Server
Omniture DC
xserver
www327
Vary
Origin
X-C
ms-6.8.1
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://medersa-champs.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
90
id
dpm.demdex.net/
6 KB
3 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&d_mid=43529497181185796554587084159688823794&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012E94FA3B852E25DE-60002D490026C040&ts=1563030647433
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.104.45 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-211-104-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ae4026f402d038d4d83d2d8eaa291de90d743feb26bd4bf570d7f9c19d913f14

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v038-00cc96a7a.edge-irl1.demdex.com 5.56.0.20190709092241 8ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
Mkq9QOVUQiU=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://medersa-champs.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1848
Expires
Thu, 01 Jan 1970 00:00:00 GMT
id
dpm.demdex.net/
6 KB
3 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&d_mid=43529497181185796554587084159688823794&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012E94FA3B852E25DE-60002D490026C040&d_cid_ic=mcid%0143529497181185796554587084159688823794&ts=1563030648958
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.104.45 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-211-104-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c6c09f68f552d4aa69fb331b4d30b3ecb356c3e689c5a450fc2288d7f8f04828

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v038-0d6b19c85.edge-irl1.demdex.com 5.56.0.20190709092241 9ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
tpAah+YPS5k=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://medersa-champs.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1849
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sprite.svg
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/img/
3 KB
2 KB
Image
General
Full URL
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/img/sprite.svg
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.181.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-181-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
306c19f28f895bff08ba4e7123afaca5048e6b24f3745a0a526bfc1c5789e94d

Request headers

Referer
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/css/light.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 00:59:20 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 12:08:24 GMT
server
AmazonS3
age
3939091
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Vce3DMn0E7acp53UQSgIr1Rqr7EPRa0C
status
200
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50
content-type
image/svg+xml
x-amz-cf-id
xt1TQlwAkZvDmynCohrNtwnYDEd_2NwvygVmEZQK99AgT3ZPDJA6Ww==
via
1.1 3ccfbae98f5816b531634c1e82e45259.cloudfront.net (CloudFront)
hlx1mlm.js
use.typekit.net/
0
0

login_flow
medersa-champs.org/renga-idprovider/pages/
350 B
551 B
XHR
General
Full URL
https://medersa-champs.org/renga-idprovider/pages/login_flow
Requested by
Host: static.adobelogin.com
URL: https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/spectrum_body.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.171.212.28 Southfield, United States, ASN22878 (ASACENET1 - ACENET, INC., US),
Reverse DNS
algerie-hebergement.net
Software
Apache /
Resource Hash
4ba3a0f07f589f1f033d6e35c30dd4d2661450f0d3ec426fcb9dd0d8e6969ee4

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sat, 13 Jul 2019 15:10:50 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
350
Content-Type
text/html; charset=iso-8859-1
s55810253445048
sstats.adobe.com/b/ss/adbadobenonacdcprod,adbadobeprototype/1/JS-2.8.0-L9UP/
43 B
585 B
XHR
General
Full URL
https://sstats.adobe.com/b/ss/adbadobenonacdcprod,adbadobeprototype/1/JS-2.8.0-L9UP/s55810253445048
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.196.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-196-194.eu-west-1.compute.amazonaws.com
Software
Omniture DC /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php?D9HbC01563030643c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348c1237013c60387c064d1b679d8fa3348&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 13 Jul 2019 15:11:02 GMT
X-C
ms-6.8.1
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sun, 14 Jul 2019 15:11:02 GMT
Server
Omniture DC
xserver
www210
ETag
"3356582788054515712-7123864729405658104"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
https://medersa-champs.org
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Expires
Fri, 12 Jul 2019 15:11:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.evidon.com
URL
https://c.evidon.com/geo/country.js
Domain
use.typekit.net
URL
https://use.typekit.net/hlx1mlm.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Adobe (Consumer)

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| marketingtech object| evidon object| adobePrivacy
function| DigitalData object| digitalData function| __satelliteLoadedCallback object| __satelliteLoadedPromise object| _satellite object| launchConfig boolean| __satelliteLoaded
function| Visitor object| s_c_il number| s_c_in function| DemandbaseAPI number| s_objectID number| s_giq function| DIL
function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media object| s_adobe object| s_adbadobenonacdc object| s
function| handle string| special_day_char object| Modernizr function| scReport function| scJarvisReport function| scUserInteractionEvent function| getEnhancedDropdownParent function| KoreanPolicies object| Mailcheck
function| $ function| jQuery object| _ function| getValidatorGroups object| components object| IMS object| jQuery1910029794202429078487 object| views
boolean| thirdParty_allPagesTags boolean| thirdParty_pageLoadAdobeDotcom boolean| thirdParty_pageLoadAcrobatDotCom boolean| thirdParty_pageLoadMicroSites object| AdobeMessagingExperienceClient function| AdobeMessagingClient object| s_i_adbadobenonacdcprod_adbadobeprototype

0 Cookies

Security Headers

This page lists any security headers set by the main page. Note that the only one present here is Strict-Transport-Security, which is set by the phishing host itself and says nothing about the legitimacy of the site; a valid Let's Encrypt certificate and HSTS are trivially obtained by an attacker.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Their presence here does not imply that any of them is malicious on its own: this list mixes the attacker's host (medersa-champs.org on 68.171.212.28) with Adobe's genuine domains and the Amazon and Akamai CDN addresses that serve them.

api.demandbase.com
assets.adobedtm.com
c.evidon.com
client.messaging.adobe.com
dpm.demdex.net
medersa-champs.org
sstats.adobe.com
static.adobelogin.com
use.typekit.net
www.adobe.com
wwwimages2.adobe.com
c.evidon.com
use.typekit.net
2.18.232.23
2a02:26f0:6c00:19d::1efd
2a02:26f0:6c00:288::1efd
52.211.104.45
52.85.181.129
54.230.202.132
54.230.202.24
54.72.196.194
68.171.212.28
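The transaction list above shows the pattern worth pulling out of a scan like this: the kit on medersa-champs.org hotlinks Adobe's genuine login assets (static.adobelogin.com, wwwimages2.adobe.com, assets.adobedtm.com), and Adobe's own spectrum_body.js then issues its XHR to the relative path /renga-idprovider/pages/login_flow, which resolves on the phishing origin (68.171.212.28, Apache) rather than on Adobe's identity provider. The indicator list mixes that attacker host with brand and CDN infrastructure, so blocklisting it wholesale would block Adobe. The script below is an added example, not urlscan.io code: it classifies each transaction by who served it and by who initiated it, flags brand-shaped paths on the attacker origin, and partitions the indicators accordingly. The BRAND_DOMAINS table and the SAMPLE transactions are constructed from this page; the function names are my own.

```python
"""Triage the request graph of a urlscan.io result for a brand-phishing page.

Added example (not urlscan.io code). Transactions are dicts with the fields
shown on the page: the request URL, the "Requested by" URL and the server IP.
"""
from urllib.parse import urlparse

# The scanned (attacker-controlled) domain, taken from the page.
MAIN_DOMAIN = "medersa-champs.org"

# Domains operated by the impersonated brand or its vendors (constructed
# from the hosts seen on this page; extend for other brands).
BRAND_DOMAINS = {
    "adobe.com", "adobelogin.com", "adobedtm.com", "demdex.net",
    "typekit.net", "demandbase.com", "evidon.com",
}

# Path fragments copied from the genuine login flow; if one of these shows
# up on the attacker origin, the kit is a clone of the real login page.
BRAND_PATH_MARKERS = ("/renga-idprovider/",)


def registrable(host):
    """Crude eTLD+1 (last two labels); adequate for the hosts on this page."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:])


def classify(url):
    """Return 'attacker', 'brand' or 'other' for the host of a URL."""
    host = urlparse(url).hostname or ""
    dom = registrable(host)
    if dom == MAIN_DOMAIN:
        return "attacker"
    if dom in BRAND_DOMAINS:
        return "brand"
    return "other"


def triage(transactions):
    """Return (brand assets loaded directly by the attacker page,
    brand-shaped requests that land on the attacker origin)."""
    hotlinked, spoofed = [], []
    for t in transactions:
        target = classify(t["url"])
        initiator = classify(t["requested_by"])
        path = urlparse(t["url"]).path
        if target == "brand" and initiator == "attacker":
            hotlinked.append(t["url"])
        if target == "attacker" and any(m in path for m in BRAND_PATH_MARKERS):
            spoofed.append((t["url"], t["requested_by"]))
    return hotlinked, spoofed


def split_indicators(transactions):
    """Partition hosts and IPs so brand/CDN infrastructure is not blocklisted."""
    out = {c: {"domains": set(), "ips": set()} for c in ("attacker", "brand", "other")}
    for t in transactions:
        cls = classify(t["url"])
        out[cls]["domains"].add(urlparse(t["url"]).hostname)
        if t.get("server_ip"):
            out[cls]["ips"].add(t["server_ip"])
    return out


MAIN_PAGE = "https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/hlwcne3sazqxxoq7qkp75ezk.php"
LAUNCH_JS = "https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js"
SPECTRUM_JS = ("https://static.adobelogin.com/renga-idprovider/resources/"
               "412f897439591c341ede769476580085/spectrum/script/spectrum_body.js")

# Constructed from the transactions listed on this page.
SAMPLE = [
    {"url": "https://medersa-champs.org/renga-idprovider/pages/login_flow",
     "requested_by": SPECTRUM_JS, "server_ip": "68.171.212.28"},
    {"url": "https://static.adobelogin.com/renga-idprovider/resources/"
            "412f897439591c341ede769476580085/spectrum/img/sprite.svg",
     "requested_by": MAIN_PAGE, "server_ip": "52.85.181.129"},
    {"url": "https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC",
     "requested_by": MAIN_PAGE, "server_ip": "52.211.104.45"},
    {"url": "https://api.demandbase.com/api/v2/ip.json?rnd=2424",
     "requested_by": LAUNCH_JS, "server_ip": "54.230.202.24"},
    {"url": "https://sstats.adobe.com/id?d_visid_ver=3.3.0&d_fieldgroup=A",
     "requested_by": LAUNCH_JS, "server_ip": "54.72.196.194"},
]


def main():
    hotlinked, spoofed = triage(SAMPLE)
    print("brand assets hotlinked by the attacker page:")
    for u in hotlinked:
        print("  ", u)
    print("brand-shaped requests landing on the attacker origin:")
    for u, by in spoofed:
        print("  ", u, "<- initiated by", by)
    ind = split_indicators(SAMPLE)
    print("block:", sorted(ind["attacker"]["domains"]), sorted(ind["attacker"]["ips"]))
    print("do not block (brand/CDN):", sorted(ind["brand"]["ips"]))


if __name__ == "__main__":
    main()
```

The check that matters is the `spoofed` list: a genuine brand script initiating a request to a brand-looking path on the scanned origin is the signature of a cloned login page, and the 350-byte text/html response from Apache on that path is where the kit's own handler (or an error page) sits instead of Adobe's identity provider.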