visa-mid-prod1-m.adobe-campaign.com Open in urlscan Pro
44.233.131.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,334a306&e=cDE9JTQwcWNYMUdPVnYyJTJCelR4M1hpV25uRHF3OG4lMkZzTEYxUmQ0QnNMNk1...
Effective URL:
https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D
Submission: On November 18 via manual (November 18th 2022, 3:22:19 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 44.233.131.176, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is visa-mid-prod1-m.adobe-campaign.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 18th 2022. Valid for: a year.

This is the only time visa-mid-prod1-m.adobe-campaign.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	54.212.243.99 54.212.243.99	16509 (AMAZON-02) (AMAZON-02)
1	44.233.131.176 44.233.131.176	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
7	104.18.11.106 104.18.11.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	4

2 54.212.243.99 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-212-243-99.us-west-2.compute.amazonaws.com

visa-mid-prod1.campaign.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.233.131.176 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-131-176.us-west-2.compute.amazonaws.com

visa-mid-prod1-m.adobe-campaign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.11.106 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

resource.message.card.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	visa.com resource.message.card.visa.com	99 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
2	adobe.com 1 redirects visa-mid-prod1.campaign.adobe.com	971 B
1	adobe-campaign.com visa-mid-prod1-m.adobe-campaign.com	5 KB
11	4

	Domain	Requested by
7	resource.message.card.visa.com	visa-mid-prod1-m.adobe-campaign.com
2	fonts.googleapis.com	visa-mid-prod1-m.adobe-campaign.com
2	visa-mid-prod1.campaign.adobe.com	1 redirects visa-mid-prod1-m.adobe-campaign.com
1	visa-mid-prod1-m.adobe-campaign.com
11	4

This site contains links to these domains. Also see Links.

Domain
visa-mid-prod1.campaign.adobe.com

Subject Issuer	Validity	Valid
*.adobe-campaign.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-18` - `2023-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
resource.message.card.visa.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.campaign.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-20` - `2023-08-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D
Frame ID: 11AEAE09DEC685F40D562AA82F6DD5EB
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FireFighters First Activation Welcome Consumer Debit - 11378

Page URL History Show full URLs

http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,334a306&e=cDE9JTQwcWNYMUdPVnYyJTJCelR4M1hpV25uRHF3OG4... HTTP 302
https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

106 kB
Transfer

135 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,334a306&e=cDE9JTQwbmIxMUVaSm5kaUJzdDdKS1NZNzNhYmlabk1mN1JUcWNOZzhFMVdKJTJCYU1ZJTNE&s=3yEyVAiQdp7dVVMkHp6Fkj7H5dFlyKPNwf0lveytHmA
Title: Click Here

Search URL Search Domain Scan URL

URL: http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,334a307

Search URL Search Domain Scan URL

URL: http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,334a308
Title: firefightersfirstcu.org

Search URL Search Domain Scan URL

URL: http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,334a309
Title: Home

Search URL Search Domain Scan URL

URL: http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,334a30a
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,334a30b
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,334a30c&e=cDE9MTAwMDQ1MzA&s=aK874tPwo8nbPgTF_Wyp6ph2Nyggr7uIX6gw6ktjUdM
Title: Unsubscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,334a306&e=cDE9JTQwcWNYMUdPVnYyJTJCelR4M1hpV25uRHF3OG4lMkZzTEYxUmQ0QnNMNk1LeTJxb0klM0Q&s=b0aMM2kHQKhAnMo395031aK8oMy4vsgJ88fxqgJqQB8 HTTP 302
https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request m.jsp Show response
visa-mid-prod1-m.adobe-campaign.com/nl/jsp/
Redirect Chain

http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,334a306&e=cDE9JTQwcWNYMUdPVnYyJTJCelR4M1hpV25uRHF3OG4lMkZzTEYxUmQ0QnNMNk1LeTJxb0klM0Q&s=b0aMM2kHQKhAnMo395031aK8oMy4vsgJ88fxqgJqQB8
https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D

28 KB
5 KB

989ms
334ms

Document
text/html

44.233.131.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.131.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-131-176.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

57698add00d5f9dd149f15e093d1fadd4cfe992dffe8706d884fa21cada00d2b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4992
Content-Security-Policy: script-src 'none'
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Nov 2022 15:22:14 GMT
Server: Apache
Vary: Accept-Encoding
X-Robots-Tag: noindex
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: close
Content-Type: text/plain; charset=utf-8
Content-length: 17
Date: Fri, 18 Nov 2022 15:22:13 GMT
Location: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D
P3P: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
Server: Apache
X-Robots-Tag: noindex

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 77ms
25ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:200,400,700

Requested by

Host: visa-mid-prod1-m.adobe-campaign.com
URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac89d7e4b7c14d902ef5f62dd07f8d1ff2db26b27eccecceb573b6961f9958b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visa-mid-prod1-m.adobe-campaign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Nov 2022 15:22:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 15:22:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Nov 2022 15:22:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
717 B 78ms
27ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200,400,700

Requested by

Host: visa-mid-prod1-m.adobe-campaign.com
URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visa-mid-prod1-m.adobe-campaign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Nov 2022 15:22:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 15:22:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Nov 2022 15:22:14 GMT

GET
H2 200 logo.png
resource.message.card.visa.com/content/dam/vcmp/vcs/banks/firefighters-first-cu/ 15 KB
15 KB 295ms
214ms Image
image/png 104.18.11.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resource.message.card.visa.com/content/dam/vcmp/vcs/banks/firefighters-first-cu/logo.png

Requested by

Host: visa-mid-prod1-m.adobe-campaign.com
URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.11.106 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3440fca1ff4e9514526f073d498960a6aa099abbcf3a145874d90249f7c2815c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'; object-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visa-mid-prod1-m.adobe-campaign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:22:14 GMT
content-security-policy: script-src 'self'; object-src 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-disposition: attachment
content-length: 15242
x-xss-protection: 1; mode=block
last-modified: Mon, 26 Jul 2021 12:26:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76c1b3522abb696f-FRA
expires: Fri, 18 Nov 2022 19:22:14 GMT

GET
H2 200 RedDebitCard_Generic.png
resource.message.card.visa.com/content/dam/vcmp/vcs/banks/firefighters-first-cu/ 64 KB
64 KB 312ms
231ms Image
image/png 104.18.11.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resource.message.card.visa.com/content/dam/vcmp/vcs/banks/firefighters-first-cu/RedDebitCard_Generic.png

Requested by

Host: visa-mid-prod1-m.adobe-campaign.com
URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.11.106 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0287e500bd2018a8dde674a96f8fae54714ac5f0ad6b18551ca5ade162b0ed0

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'; object-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visa-mid-prod1-m.adobe-campaign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:22:14 GMT
content-security-policy: script-src 'self'; object-src 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-disposition: attachment
content-length: 65420
x-xss-protection: 1; mode=block
last-modified: Mon, 26 Jul 2021 12:31:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76c1b3522abd696f-FRA
expires: Fri, 18 Nov 2022 19:22:14 GMT

GET
H2 200 icon-activate-card.png
resource.message.card.visa.com/content/dam/vcmp/vcs/banks/general/rapp/modern-2020/ 2 KB
2 KB 300ms
219ms Image
image/png 104.18.11.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resource.message.card.visa.com/content/dam/vcmp/vcs/banks/general/rapp/modern-2020/icon-activate-card.png

Requested by

Host: visa-mid-prod1-m.adobe-campaign.com
URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.11.106 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77657508e2167b424c2b9a17b95d12e44246939f9fbed27b0c60d6bbe2d19f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'; object-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visa-mid-prod1-m.adobe-campaign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:22:14 GMT
content-security-policy: script-src 'self'; object-src 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-disposition: attachment
content-length: 2051
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Mar 2021 03:27:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76c1b3522abe696f-FRA
expires: Fri, 18 Nov 2022 19:22:14 GMT

GET
H2 200 dotted_line.png
resource.message.card.visa.com/content/dam/vcmp/vcs/banks/general/rapp/modern-2020/ 4 KB
4 KB 517ms
436ms Image
image/png 104.18.11.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resource.message.card.visa.com/content/dam/vcmp/vcs/banks/general/rapp/modern-2020/dotted_line.png

Requested by

Host: visa-mid-prod1-m.adobe-campaign.com
URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.11.106 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8f311525ec1305d6bad801ce01c1dbc480a78c2bda8ef0eff80208ea8e3c3eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'; object-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visa-mid-prod1-m.adobe-campaign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:22:15 GMT
content-security-policy: script-src 'self'; object-src 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-disposition: attachment
content-length: 4319
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Mar 2021 03:27:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76c1b3522ac2696f-FRA
expires: Fri, 18 Nov 2022 19:22:15 GMT

GET
H2 200 icon-pay2.png
resource.message.card.visa.com/content/dam/vcmp/vcs/banks/general/rapp/modern-2020/ 6 KB
6 KB 570ms
490ms Image
image/png 104.18.11.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resource.message.card.visa.com/content/dam/vcmp/vcs/banks/general/rapp/modern-2020/icon-pay2.png

Requested by

Host: visa-mid-prod1-m.adobe-campaign.com
URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.11.106 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

452f30f7a8712e623fdd8bac16df3d134b20f8773450f0db08d52f134470ac01

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'; object-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visa-mid-prod1-m.adobe-campaign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:22:15 GMT
content-security-policy: script-src 'self'; object-src 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-disposition: attachment
content-length: 5832
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Mar 2021 03:27:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76c1b3522abf696f-FRA
expires: Fri, 18 Nov 2022 19:22:15 GMT

GET
H2 200 dotted_line_reversed.png
resource.message.card.visa.com/content/dam/vcmp/vcs/banks/general/rapp/modern-2020/ 4 KB
5 KB 303ms
223ms Image
image/png 104.18.11.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resource.message.card.visa.com/content/dam/vcmp/vcs/banks/general/rapp/modern-2020/dotted_line_reversed.png

Requested by

Host: visa-mid-prod1-m.adobe-campaign.com
URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.11.106 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8000fe13a93b30a076df7d0afa0b64480057e9a0cda468fc4f1a61a9fcfdcfd

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'; object-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visa-mid-prod1-m.adobe-campaign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:22:14 GMT
content-security-policy: script-src 'self'; object-src 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-disposition: attachment
content-length: 4526
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Mar 2021 03:27:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76c1b3522ac1696f-FRA
expires: Fri, 18 Nov 2022 19:22:14 GMT

GET
H2 200 icon-purchase.png
resource.message.card.visa.com/content/dam/vcmp/vcs/banks/general/rapp/modern-2020/ 3 KB
3 KB 461ms
459ms Image
image/png 104.18.11.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resource.message.card.visa.com/content/dam/vcmp/vcs/banks/general/rapp/modern-2020/icon-purchase.png

Requested by

Host: visa-mid-prod1-m.adobe-campaign.com
URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.11.106 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cc00abb91ca24d9cf896c6c962ebf8716c010c9edf6dbbefc4566d34b2e4c6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'; object-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visa-mid-prod1-m.adobe-campaign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:22:15 GMT
content-security-policy: script-src 'self'; object-src 'self'
x-content-type-options: nosniff
cf-cache-status: MISS
content-disposition: attachment
content-length: 3075
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Mar 2021 03:27:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76c1b3522ab8696f-FRA
expires: Fri, 18 Nov 2022 19:22:15 GMT

GET
H/1.1 200
OK /
visa-mid-prod1.campaign.adobe.com/r/ 44 B
283 B 559ms
185ms Image
image/gif 54.212.243.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,1
Requested by: Host: visa-mid-prod1-m.adobe-campaign.com
URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.212.243.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-212-243-99.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 2e09cc2e7dde2d5636fe0bed0d424e497967fbcbfbc380ff278d856b068abf5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visa-mid-prod1-m.adobe-campaign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Nov 2022 15:22:15 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=100
Content-length: 44

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adobe.com/	1970-01-20 17:09:04	Name: AMCV_DA5A75E95BF53B340A495C73%40AdobeOrg Value: MCMID%7C13147696162154741750070931694131085311
.adobe.com/	1969-12-31 23:59:59	Name: nlid Value: 5d2b5e7\|4dfd42c
.adobe.com/	1970-01-20 17:09:04	Name: nllastdelid Value: 4dfd42c
.resource.message.card.visa.com/	1969-12-31 23:59:59	Name: __cfruid Value: a764dc3c153d2017132e8fbdd0cc8142363f2cda-1668784935

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D Message: Mixed Content: The page at 'https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D' was loaded over HTTPS, but requested an insecure element 'http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D(Line 498) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-EHyOnMkEOB8pNSL3baDzuqKTbGusqfCCk0DtZlLVpKs='), or a nonce ('nonce-...') is required to enable inline execution.
security	warning	URL: https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D Message: Mixed Content: The page at 'https://visa-mid-prod1-m.adobe-campaign.com/nl/jsp/m.jsp?c=%40qcX1GOVv2%2BzTx3XiWnnDqw8n%2FsLF1Rd4BsL6MKy2qoI%3D' was loaded over HTTPS, but requested an insecure element 'http://visa-mid-prod1.campaign.adobe.com/r/?id=h5d2b5e7,4dfd42c,1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'none'
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
resource.message.card.visa.com
visa-mid-prod1-m.adobe-campaign.com
visa-mid-prod1.campaign.adobe.com
104.18.11.106
2a00:1450:4001:806::200a
44.233.131.176
54.212.243.99
2e09cc2e7dde2d5636fe0bed0d424e497967fbcbfbc380ff278d856b068abf5f
3440fca1ff4e9514526f073d498960a6aa099abbcf3a145874d90249f7c2815c
452f30f7a8712e623fdd8bac16df3d134b20f8773450f0db08d52f134470ac01
57698add00d5f9dd149f15e093d1fadd4cfe992dffe8706d884fa21cada00d2b
5cc00abb91ca24d9cf896c6c962ebf8716c010c9edf6dbbefc4566d34b2e4c6a
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
ac89d7e4b7c14d902ef5f62dd07f8d1ff2db26b27eccecceb573b6961f9958b3
b0287e500bd2018a8dde674a96f8fae54714ac5f0ad6b18551ca5ade162b0ed0
b8f311525ec1305d6bad801ce01c1dbc480a78c2bda8ef0eff80208ea8e3c3eb
d77657508e2167b424c2b9a17b95d12e44246939f9fbed27b0c60d6bbe2d19f8
f8000fe13a93b30a076df7d0afa0b64480057e9a0cda468fc4f1a61a9fcfdcfd

visa-mid-prod1-m.adobe-campaign.com Open in urlscan Pro 44.233.131.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

106 kBTransfer

135 kBSize

4 Cookies

7 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

3 Console Messages

Security Headers

Indicators

visa-mid-prod1-m.adobe-campaign.com Open in urlscan Pro
44.233.131.176 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

106 kB
Transfer

135 kB
Size

4
Cookies

11 HTTP transactions
0 data transactions