medersa-champs.org
68.171.212.28  Malicious Activity! Public Scan

Submitted URL: https://medersa-champs.org/unex/2/?login=Memberservices@legalshield.com
Effective URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612...
Submission Tags: @ipnigh
Submission: On July 13 via api from GB

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 29 HTTP transactions. The main IP is 68.171.212.28, located in Southfield, United States and belongs to ASACENET1 - ACENET, INC., US. The main domain is medersa-champs.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 16th 2019. Valid for: 3 months.
This is the only time medersa-champs.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Adobe (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 4 68.171.212.28 22878 (ASACENET1)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 52.85.181.129 16509 (AMAZON-02)
2 54.230.202.132 16509 (AMAZON-02)
1 2.18.232.23 16625 (AKAMAI-AS)
1 4 52.213.106.142 16509 (AMAZON-02)
5 104.109.64.186 20940 (AKAMAI-ASN1)
2 54.72.196.194 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
29 11
Domain Requested by
5 use.typekit.net medersa-champs.org
use.typekit.net
5 static.adobelogin.com medersa-champs.org
5 wwwimages2.adobe.com medersa-champs.org
wwwimages2.adobe.com
4 dpm.demdex.net 1 redirects medersa-champs.org
assets.adobedtm.com
4 medersa-champs.org 2 redirects static.adobelogin.com
2 sstats.adobe.com assets.adobedtm.com
2 client.messaging.adobe.com medersa-champs.org
1 p.typekit.net use.typekit.net
1 assets.adobedtm.com www.adobe.com
1 www.adobe.com medersa-champs.org
0 api.demandbase.com Failed assets.adobedtm.com
0 c.evidon.com Failed wwwimages2.adobe.com
29 12

This site contains links to these domains.

Domain
www.adobe.com
Subject | Issuer | Validity | Valid
medersa-champs.org | Let's Encrypt Authority X3 | 2019-05-16 - 2019-08-14 | 3 months
*.adobe.com | DigiCert SHA2 Secure Server CA | 2018-11-06 - 2020-02-05 | a year
ims-na1.adobelogin.com | DigiCert SHA2 Secure Server CA | 2018-08-30 - 2020-08-28 | 2 years
*.messaging.adobe.com | DigiCert SHA2 Secure Server CA | 2018-06-27 - 2020-07-01 | 2 years
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-06-27 - 2021-07-01 | 2 years
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years
*.typekit.net | DigiCert SHA2 Secure Server CA | 2018-07-20 - 2020-01-03 | a year
sstats.adobe.com | DigiCert SHA2 High Assurance Server CA | 2019-04-14 - 2020-07-17 | a year

This page contains 1 frames:

Primary Page: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Frame ID: A62952052E24D2B8C1F7530915EA6AD3
Requests: 29 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i

Page Statistics

Requests: 29
HTTPS: 93 %
IPv6: 30 %
Domains: 8
Subdomains: 12
IPs: 11
Countries: 4
Transfer: 907 kB
Size: 2236 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://medersa-champs.org/unex/2/?login=Memberservices@legalshield.com HTTP 302
    https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/?login=Memberservices@legalshield.com HTTP 302
    https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563035043217 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563035043217

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request vmpv2azta3bont9vvbxbe4wm.php
medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/
Redirect Chain
  • https://medersa-champs.org/unex/2/?login=Memberservices@legalshield.com
  • https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/?login=Memberservices@legalshield.com
  • https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede...
34 KB
8 KB
Document
General
Full URL
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.171.212.28 Southfield, United States, ASN22878 (ASACENET1 - ACENET, INC., US),
Reverse DNS
algerie-hebergement.net
Software
Apache /
Resource Hash
1adc9c2fb9f83cf7036d1a026daaadf2d471126dc3f8469eaa6c93e2dff6790b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
medersa-champs.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Date
Sat, 13 Jul 2019 16:24:00 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Content-Length
7800
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sat, 13 Jul 2019 16:24:00 GMT
Server
Apache
Location
vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Strict-Transport-Security
max-age=31536000
Vary
User-Agent
Content-Length
0
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
privacy.min.js
wwwimages2.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/
10 KB
4 KB
Script
General
Full URL
https://wwwimages2.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/privacy.min.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29c::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
72049b2d67fdb3fe32b68cca066ec4e0ade3a4838458e446391b46a3aa42ef15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 16:24:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Adobe-Loc
ew1
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.adobe.com
Cache-Control
max-age=248, s-maxage=300
X-Adobe-Content
AEM-acom
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
3672
main.min.js
www.adobe.com/marketingtech/
12 KB
5 KB
Script
General
Full URL
https://www.adobe.com/marketingtech/main.min.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:19d::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
a4aa7a64652371437c654f39fa8d81570e70a46345b73afc176c5d79f82c094f
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.adobe.com http://adobe.lookbookhq.com https://adobe.lookbookhq.com http://adobeenterprise.lookbookhq.com https://adobeenterprise.lookbookhq.com
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
x-content-type-options
nosniff
status
200
server-timing
cdn-cache; desc=HIT, edge; dur=0
content-length
4948
last-modified
Fri, 28 Jun 2019 01:58:43 GMT
server
Apache
x-adobe-loc
ew1
date
Sat, 13 Jul 2019 16:24:00 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-security-policy
frame-ancestors *.adobe.com http://adobe.lookbookhq.com https://adobe.lookbookhq.com http://adobeenterprise.lookbookhq.com https://adobeenterprise.lookbookhq.com
accept-ranges
bytes
expires
Sat, 13 Jul 2019 22:24:00 GMT
light.css
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/css/
54 KB
11 KB
Stylesheet
General
Full URL
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/css/light.css
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.181.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-181-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e859dd198f9db558da0e08f8c964e286767e822c8eb9712cc93473e8bd45e177

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 00:06:48 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 12:08:22 GMT
server
AmazonS3
age
3601034
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
bK9DcBgF0ntJlLPBNjg5lSlMZjJfmd0E
status
200
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50
content-type
text/css
x-amz-cf-id
bEKsVvJbMMtBxKE49-piyc298Cf-WwZsZHB12_SfAlgzTekkBCjF0g==
via
1.1 4446e317b7b7532307c7755d43835bff.cloudfront.net (CloudFront)
spectrum_head.js
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/
11 KB
4 KB
Script
General
Full URL
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/spectrum_head.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.181.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-181-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
675713619205b2dea877c15f02aed5220881fc575ed66dddb1379eb21731bc7b

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 00:55:21 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 12:08:20 GMT
server
AmazonS3
age
3598121
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
WQHpjZTaFzlPn_bmH18GQ4qhnUi.wPjm
status
200
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50
content-type
application/javascript
x-amz-cf-id
zCN917kYuh6GSIq35qR02igMYEISpMLXmtteMkPGL3UAY8JBi3IPpQ==
via
1.1 4446e317b7b7532307c7755d43835bff.cloudfront.net (CloudFront)
spectrum_body.js
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/
155 KB
51 KB
Script
General
Full URL
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/spectrum_body.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.181.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-181-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc7bb89ca704eb9bcf1404f0d4180a73a444b30f735e2becff16e060db34188a

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 May 2019 12:52:00 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 12:08:22 GMT
server
AmazonS3
age
5801522
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
lUl4ShEzNTCIufk2gmJcYqAdtPuZxNuv
status
200
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50
content-type
application/javascript
x-amz-cf-id
r54Mq8tS63qCc82fAOoUlgnNRdbdL1OsLKVNY9T187U9_bG8eDFNMA==
via
1.1 4446e317b7b7532307c7755d43835bff.cloudfront.net (CloudFront)
AdobeMessagingClient.css
client.messaging.adobe.com/latest/
44 KB
6 KB
Stylesheet
General
Full URL
https://client.messaging.adobe.com/latest/AdobeMessagingClient.css
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.132 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-132.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6df01675fda8e149b5b6451ac48ed8f251380d74fc15ceeeecc193457d1471bd

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 10:42:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 10:42:22 GMT
Server
AmazonS3
Age
20489
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50
Connection
keep-alive
X-Amz-Cf-Id
5lammUG6a_wa9yuJTpCtxm46aPsxswd_GohPUctmHyTdR8tV8pmADw==
AdobeMessagingClient.js
client.messaging.adobe.com/latest/
56 KB
13 KB
Script
General
Full URL
https://client.messaging.adobe.com/latest/AdobeMessagingClient.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.132 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-132.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e83c87f082e02dfd8f1acbda5500f0121f9dbc897348ffb3c76597a64235a65c

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 11 Jul 2019 10:42:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 10:42:23 GMT
Server
AmazonS3
Age
19008
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50
Connection
keep-alive
X-Amz-Cf-Id
q5k4dwbLUur6Iw1hF4hU6JdajsKsK-_V-kfV56t9EY41f1lZ-uxFfw==
spectrum_capsindicator.js
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/
2 KB
1 KB
Script
General
Full URL
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/spectrum_capsindicator.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.181.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-181-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38576ca6dd9cb727b19d59dc728dd4cc18b646cc6732ed07ea6fcc51d9a30aca

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 21 May 2019 01:25:21 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 12:08:21 GMT
server
AmazonS3
age
4633121
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
paHCkUb2.rPXjkIOJZhy_UJByrepVw59
status
200
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50
content-type
application/javascript
x-amz-cf-id
Kt_YeCoCylL9nNqxgHqHJhBUBUHxQq3W3Bl6gQ-1kJsieDco_7nPkQ==
via
1.1 4446e317b7b7532307c7755d43835bff.cloudfront.net (CloudFront)
evidon-sitenotice-tag.js
wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/
43 KB
12 KB
Script
General
Full URL
https://wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: wwwimages2.adobe.com
URL: https://wwwimages2.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/privacy.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29c::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
2ddb0a13e9ab56c98f38b55305cfd5bb2e123786224d05585969e09d86d3e6e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 16:24:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Adobe-Loc
ew1
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.adobe.com
Cache-Control
max-age=190, s-maxage=300
X-Adobe-Content
AEM-acom
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
11625
country.js
c.evidon.com/geo/
0
0

snthemes.js
wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/
234 KB
8 KB
Script
General
Full URL
https://wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/snthemes.js
Requested by
Host: wwwimages2.adobe.com
URL: https://wwwimages2.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/privacy.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29c::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
ef59184a3de8be1988f073b4830b6ea92432742d54169cb25dc983a8b2ce8dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 16:24:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Adobe-Loc
ew1
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.adobe.com
Cache-Control
max-age=409, s-maxage=300
X-Adobe-Content
AEM-acom
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
7866
settings.js
wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/medersa-champs/
0
0
Script
General
Full URL
https://wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/medersa-champs/settings.js
Requested by
Host: wwwimages2.adobe.com
URL: https://wwwimages2.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/privacy.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29c::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

launch-EN919758db9a654a17bac7d184b99c4820.min.js
assets.adobedtm.com/
580 KB
155 KB
Script
General
Full URL
https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js
Requested by
Host: www.adobe.com
URL: https://www.adobe.com/marketingtech/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
36f7cb6c4fbc21768922ebedb540fdb950a21089bc51a18a7032afc593e83ad0

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 13 Jul 2019 16:24:03 GMT
content-encoding
gzip
last-modified
Thu, 11 Jul 2019 19:36:38 GMT
server
Apache
etag
"2960065850fe5eed4bad8b36785e81bb:1562873798"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jul 2019 17:24:03 GMT
en.js
wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/translations/
159 KB
7 KB
Script
General
Full URL
https://wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/414/translations/en.js
Requested by
Host: wwwimages2.adobe.com
URL: https://wwwimages2.adobe.com/etc/beagle/public/globalnav/privacy-files/sitenotice/evidon-sitenotice-tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29c::1efd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
6632ced592a3c1f8202599807565643aecea32421d9f13498c78665564c27a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 16:24:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Adobe-Loc
ew1
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.adobe.com
Cache-Control
max-age=362, s-maxage=300
X-Adobe-Content
AEM-acom
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
7126
sprite.svg
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/img/
3 KB
2 KB
Image
General
Full URL
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/img/sprite.svg
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.181.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-181-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
306c19f28f895bff08ba4e7123afaca5048e6b24f3745a0a526bfc1c5789e94d

Request headers

Referer
https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/css/light.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 00:59:20 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 12:08:24 GMT
server
AmazonS3
age
3943482
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Vce3DMn0E7acp53UQSgIr1Rqr7EPRa0C
status
200
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50
content-type
image/svg+xml
x-amz-cf-id
FTQJW5fprcmGNQt4wP3q1zVxn39CXMlrMkNZKeA62ELPFhpsbgQG5A==
via
1.1 4446e317b7b7532307c7755d43835bff.cloudfront.net (CloudFront)
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563035043217
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563035043217
0
-1 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563035043217
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.106.142 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-213-106-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563035043217
X-TID
gttCHAvtS5s=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://medersa-champs.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Access-Control-Allow-Origin
https://medersa-champs.org
X-TID
gttCHAvtS5s=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563035043217
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ip.json
api.demandbase.com/api/v2/
0
0

hlx1mlm.js
use.typekit.net/
34 KB
12 KB
Script
General
Full URL
https://use.typekit.net/hlx1mlm.js
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
80d144866406d7c42da5a6c1e0c745b9fee83c4ef5b9223c9b408b6d704529e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
access-control-allow-origin
*
date
Sat, 13 Jul 2019 16:24:11 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
11967
login_flow
medersa-champs.org/renga-idprovider/pages/
350 B
550 B
XHR
General
Full URL
https://medersa-champs.org/renga-idprovider/pages/login_flow
Requested by
Host: static.adobelogin.com
URL: https://static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/spectrum_body.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.171.212.28 Southfield, United States, ASN22878 (ASACENET1 - ACENET, INC., US),
Reverse DNS
algerie-hebergement.net
Software
Apache /
Resource Hash
4ba3a0f07f589f1f033d6e35c30dd4d2661450f0d3ec426fcb9dd0d8e6969ee4

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sat, 13 Jul 2019 16:24:04 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
350
Content-Type
text/html; charset=iso-8859-1
rd
dpm.demdex.net/id/
6 KB
3 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1563035043217
Requested by
Host: medersa-champs.org
URL: https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.106.142 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-213-106-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f81eecde0700031eaf7f579c8aa396d3b07e47991d7fb3226b8314d02474f78b

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v038-0a2fddbbe.edge-irl1.demdex.com 5.56.0.20190709092241 5ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
53GW9vXwT3E=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://medersa-champs.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1844
Expires
Thu, 01 Jan 1970 00:00:00 GMT
id
sstats.adobe.com/
90 B
720 B
XHR
General
Full URL
https://sstats.adobe.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=9E1005A551ED61CA0A490D45%40AdobeOrg&mid=69918887728832319501493061352075467286&ts=1563035050727
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.196.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-196-194.eu-west-1.compute.amazonaws.com
Software
Omniture DC /
Resource Hash
c48c3508e392f1fb27856575fd687d61401f737d072fcf331e68586ebbb2665c

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 13 Jul 2019 16:24:10 GMT
Server
Omniture DC
xserver
www327
Vary
Origin
X-C
ms-6.8.1
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://medersa-champs.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
90
id
dpm.demdex.net/
6 KB
3 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&d_mid=69918887728832319501493061352075467286&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012E9502D5052E7C48-40000D49001C8A36&ts=1563035050915
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.106.142 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-213-106-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f11099fe0f0d89ab90e2b7cb174a057c836550316d624794ad5b7bee512cfb00

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v038-0a09fc27a.edge-irl1.demdex.com 5.56.0.20190709092241 6ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
Wukh8CxDQdk=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://medersa-champs.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1844
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p.gif
p.typekit.net/
35 B
367 B
XHR
General
Full URL
https://p.typekit.net/p.gif?s=1&k=hlx1mlm&ht=tk&h=medersa-champs.org&f=25552.25557.25692.25697&a=1164490&js=1.2.3&app=typekit&e=js&_=1563035051205
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hlx1mlm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:196::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org

Response headers

Date
Sat, 13 Jul 2019 16:24:11 GMT
Last-Modified
Thu, 12 Jul 2018 18:17:46 GMT
Server
nginx
ETag
"5b479b4a-23"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Wed, 05 Dec 2018 15:10:09 GMT
m
use.typekit.net/af/9fd8c9/0000000000000000000177e7/27/
195 KB
150 KB
XHR
General
Full URL
https://use.typekit.net/af/9fd8c9/0000000000000000000177e7/27/m?unicode=AAAKjwAAAAel-VUzlqznVoicU8BIumptCm_3S5rQcPcZ0BzpInnVqx5LL4b_zldDgbtQv2Z-ODwpDRciJo0DHPsbDgu29i9W2OR4ihINJPT1TQRGUSuR_pDdaUPM5ZhCF7tT6EPJyAD9dr3oLQ8nBTvZjihkG6ZdqNUV0lR4Xqg_8cLilApnoY-ozPjV5Hpf5m4ZzqmT8laJ5yy7dLdULD7uu3J6zdTZKRfajPf6JDcyl49166VfvD3R8Zi3OX2Uup-Ue90awlSy5Kryz4NEBDXiT9R4QAE3UJDuTXwKa5xPQL-Uy30Q9EuIsv0SuLJQjySxdQxzc86nxkSB-wOu9cfH0OObANs8gzNO1v8_GJr4z8q5LF_6nAP1UxvwOxQOH_p5TAJtOLsH_aSe1BsYnxbJ5zKHBXhFp5u2W_PJkDadY85nVtb29DRQzqjjxkvqBuduQ_NadGQAAHL7&features=NONE&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hlx1mlm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
312411ef9e9b12af86bdda826ed973339a3034849227d1b8cfb6979f82a37586

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org

Response headers

date
Sat, 13 Jul 2019 16:24:11 GMT
content-encoding
gzip
server
nginx
status
200
etag
W/"8c5deb7dc5299b06bb6168970c71aec4cae07754"
vary
Accept-Encoding
content-type
font/opentype
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
m
use.typekit.net/af/1e5f35/0000000000000000000177ec/27/
195 KB
149 KB
XHR
General
Full URL
https://use.typekit.net/af/1e5f35/0000000000000000000177ec/27/m?unicode=AAAKjwAAAAel-VUzlqznVoicU8BIumptCm_3S5rQcPcZ0BzpInnVqx5LL4b_zldDgbtQv2Z-ODwpDRciJo0DHPsbDgu29i9W2OR4ihINJPT1TQRGUSuR_pDdaUPM5ZhCF7tT6EPJyAD9dr3oLQ8nBTvZjihkG6ZdqNUV0lR4Xqg_8cLilApnoY-ozPjV5Hpf5m4ZzqmT8laJ5yy7dLdULD7uu3J6zdTZKRfajPf6JDcyl49166VfvD3R8Zi3OX2Uup-Ue90awlSy5Kryz4NEBDXiT9R4QAE3UJDuTXwKa5xPQL-Uy30Q9EuIsv0SuLJQjySxdQxzc86nxkSB-wOu9cfH0OObANs8gzNO1v8_GJr4z8q5LF_6nAP1UxvwOxQOH_p5TAJtOLsH_aSe1BsYnxbJ5zKHBXhFp5u2W_PJkDadY85nVtb29DRQzqjjxkvqBuduQ_NadGQAAHL7&features=NONE&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hlx1mlm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
88e59f673679c6819b4987fdbec6cf4307f5cd753ca9e616b4df279408735644

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org

Response headers

date
Sat, 13 Jul 2019 16:24:11 GMT
content-encoding
gzip
server
nginx
status
200
etag
W/"a7f13d20ccac58bfea749688fad9aa3b6af82f36"
vary
Accept-Encoding
content-type
font/opentype
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
m
use.typekit.net/af/078880/0000000000000000000177ee/27/
201 KB
151 KB
XHR
General
Full URL
https://use.typekit.net/af/078880/0000000000000000000177ee/27/m?unicode=AAAKjwAAAAel-VUzlqznVoicU8BIumptCm_3S5rQcPcZ0BzpInnVqx5LL4b_zldDgbtQv2Z-ODwpDRciJo0DHPsbDgu29i9W2OR4ihINJPT1TQRGUSuR_pDdaUPM5ZhCF7tT6EPJyAD9dr3oLQ8nBTvZjihkG6ZdqNUV0lR4Xqg_8cLilApnoY-ozPjV5Hpf5m4ZzqmT8laJ5yy7dLdULD7uu3J6zdTZKRfajPf6JDcyl49166VfvD3R8Zi3OX2Uup-Ue90awlSy5Kryz4NEBDXiT9R4QAE3UJDuTXwKa5xPQL-Uy30Q9EuIsv0SuLJQjySxdQxzc86nxkSB-wOu9cfH0OObANs8gzNO1v8_GJr4z8q5LF_6nAP1UxvwOxQOH_p5TAJtOLsH_aSe1BsYnxbJ5zKHBXhFp5u2W_PJkDadY85nVtb29DRQzqjjxkvqBuduQ_NadGQAAHL7&features=NONE&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hlx1mlm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
edeb74415aff966b73b68b3a230541331a08083bdc087f893577dfcd53155ccd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org

Response headers

date
Sat, 13 Jul 2019 16:24:11 GMT
content-encoding
gzip
server
nginx
status
200
etag
W/"9275a07008020217b471c9bdd2eb538619dc9485"
vary
Accept-Encoding
content-type
font/opentype
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
m
use.typekit.net/af/5acd1b/0000000000000000000177f3/27/
201 KB
150 KB
XHR
General
Full URL
https://use.typekit.net/af/5acd1b/0000000000000000000177f3/27/m?unicode=AAAKjwAAAAel-VUzlqznVoicU8BIumptCm_3S5rQcPcZ0BzpInnVqx5LL4b_zldDgbtQv2Z-ODwpDRciJo0DHPsbDgu29i9W2OR4ihINJPT1TQRGUSuR_pDdaUPM5ZhCF7tT6EPJyAD9dr3oLQ8nBTvZjihkG6ZdqNUV0lR4Xqg_8cLilApnoY-ozPjV5Hpf5m4ZzqmT8laJ5yy7dLdULD7uu3J6zdTZKRfajPf6JDcyl49166VfvD3R8Zi3OX2Uup-Ue90awlSy5Kryz4NEBDXiT9R4QAE3UJDuTXwKa5xPQL-Uy30Q9EuIsv0SuLJQjySxdQxzc86nxkSB-wOu9cfH0OObANs8gzNO1v8_GJr4z8q5LF_6nAP1UxvwOxQOH_p5TAJtOLsH_aSe1BsYnxbJ5zKHBXhFp5u2W_PJkDadY85nVtb29DRQzqjjxkvqBuduQ_NadGQAAHL7&features=NONE&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hlx1mlm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
615441e7d21a22edeb876a6e953cb62d564b7fee3e4c0b16a273cd452ae3337e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org

Response headers

date
Sat, 13 Jul 2019 16:24:11 GMT
content-encoding
gzip
server
nginx
status
200
etag
W/"774ad08c0e8ae29e7c9e74e159caed60d348cecd"
vary
Accept-Encoding
content-type
font/opentype
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
s51076835885995
sstats.adobe.com/b/ss/adbadobenonacdcprod,adbadobeprototype/1/JS-2.8.0-L9UP/
43 B
585 B
XHR
General
Full URL
https://sstats.adobe.com/b/ss/adbadobenonacdcprod,adbadobeprototype/1/JS-2.8.0-L9UP/s51076835885995
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.196.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-196-194.eu-west-1.compute.amazonaws.com
Software
Omniture DC /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Referer
https://medersa-champs.org/Glendale/Adobe/Adobe_CN/Adobe_CN/vmpv2azta3bont9vvbxbe4wm.php?436beD156303504037186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de337186f394ea5c42612a358c1aede5de3&login=Memberservices@legalshield.com
Origin
https://medersa-champs.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 13 Jul 2019 16:24:13 GMT
X-C
ms-6.8.1
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sun, 14 Jul 2019 16:24:13 GMT
Server
Omniture DC
xserver
www210
ETag
"3356592217655214080-7123688807545564010"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
https://medersa-champs.org
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Expires
Fri, 12 Jul 2019 16:24:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.evidon.com
URL
https://c.evidon.com/geo/country.js
Domain
api.demandbase.com
URL
https://api.demandbase.com/api/v2/ip.json?key=e4086fa3ea9d74ac2aae2719a0e5285dc7075d7b&rnd=7499&callback=Request_2193347

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Adobe (Consumer)

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| marketingtech object| evidon object| adobePrivacy function| DigitalData object| digitalData function| __satelliteLoadedCallback object| __satelliteLoadedPromise object| _satellite object| launchConfig string| special_day_char object| Modernizr function| scReport function| scJarvisReport function| scUserInteractionEvent function| getEnhancedDropdownParent function| KoreanPolicies object| Mailcheck function| $ function| jQuery object| _ function| getValidatorGroups object| components object| IMS boolean| __satelliteLoaded function| Visitor object| s_c_il number| s_c_in function| DemandbaseAPI boolean| thirdParty_allPagesTags boolean| thirdParty_pageLoadAdobeDotcom boolean| thirdParty_pageLoadAcrobatDotCom boolean| thirdParty_pageLoadMicroSites number| s_objectID number| s_giq function| DIL function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media object| s_adobe object| s_adbadobenonacdc object| s function| Request_2193347 function| handle object| jQuery19102017112722221499 object| views object| AdobeMessagingExperienceClient function| AdobeMessagingClient object| Typekit object| s_i_adbadobenonacdcprod_adbadobeprototype

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
