urlscan.io logo urlscan.io
SecurityTrails logo

app.tulsahurricane.com Open in urlscan Pro
147.154.40.164  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.tulsahurricane.com/preferences?utm_medium=email&elq_cid=32473&ehash=51314d078c8198bAB12ABCDEFGHIJKLMNOPQ9ed4e8c0652...
Submission: On February 15 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 147.154.40.164, located in Ashburn, United States and belongs to ORACLE-BMC-31898, US. The main domain is app.tulsahurricane.com.
TLS certificate: Issued by R3 on January 7th 2023. Valid for: 3 months.
This is the only time app.tulsahurricane.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 147.154.40.164 31898 (ORACLE-BM...)
2 104.87.141.229 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 147.154.45.222 31898 (ORACLE-BM...)
5 4
Apex Domain
Subdomains		 Transfer
2 eloqua.com
s2838906.t.eloqua.com
997 B
2 en25.com
img03.en25.com — Cisco Umbrella Rank: 17354
39 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196
6 KB
1 tulsahurricane.com
app.tulsahurricane.com
11 KB
5 4
Domain Requested by
2 s2838906.t.eloqua.com 1 redirects app.tulsahurricane.com
2 img03.en25.com app.tulsahurricane.com
1 cdnjs.cloudflare.com app.tulsahurricane.com
1 app.tulsahurricane.com
5 4

This site contains no links.

Subject Issuer Validity Valid
t.tulsahurricane.com
R3		 2023-01-07 -
2023-04-07		 3 months crt.sh
*.en25.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-17 -
2023-07-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.tulsahurricane.com/preferences?utm_medium=email&elq_cid=32473&ehash=51314d078c8198bAB12ABCDEFGHIJKLMNOPQ9ed4e8c0652fddd506971a0ed21a&elqTrackId=bAB12ABCDEFGHIJKLMNOPQ83b3a27df6&elq=526aa4c89055437ab46ff752383366cd&elqaid=293&elqat=1&elqCampaignId=175
Frame ID: E646CB4A8D1B38803672C8F504E4F7FC
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Update your preferences!

Page Statistics

5
Requests

80 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

57 kB
Transfer

122 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://s2838906.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=2838906&PURLSiteID=3&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=9&PURLRecordID=0&PURLGUID=A63C7F3A32374943B88F2D90EB0082FD&UseRelativePath=True&elq={526AA4C8-9055-437A-B46F-F752383366CD}&firstPartyCookieDomain=t.tulsahurricane.com&elqGUID=a63c7f3a-3237-4943-b88f-2d90eb0082fd&elq_ck=0&utm_medium=email&elq_cid=32473&ehash=51314d078c8198bAB12ABCDEFGHIJKLMNOPQ9ed4e8c0652fddd506971a0ed21a&elqTrackId=bAB12ABCDEFGHIJKLMNOPQ83b3a27df6&elqaid=293&elqat=1&elqCampaignId=175 HTTP 302
  • https://s2838906.t.eloqua.com/eloquaimages/tinydot.gif

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request preferences
app.tulsahurricane.com/ 		53 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.tulsahurricane.com/preferences?utm_medium=email&elq_cid=32473&ehash=51314d078c8198bAB12ABCDEFGHIJKLMNOPQ9ed4e8c0652fddd506971a0ed21a&elqTrackId=bAB12ABCDEFGHIJKLMNOPQ83b3a27df6&elq=526aa4c89055437ab46ff752383366cd&elqaid=293&elqat=1&elqCampaignId=175
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.154.40.164 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
c51a49975795ba51d62415a2e9ac7c46588212366191d46910f15a1d46917700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Content-Encoding
gzip
Content-Length
11144
Content-Type
text/html; charset=utf-8
Date
Wed, 15 Feb 2023 20:25:42 GMT
Expires
-1
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-Xss-Protection
1; mode=block
%7Bad4cab67-46c5-4b0e-9033-42a51c086005%7D_logo.png
img03.en25.com/EloquaImages/clients/PACtulsa/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/PACtulsa/%7Bad4cab67-46c5-4b0e-9033-42a51c086005%7D_logo.png
Requested by
Host: app.tulsahurricane.com
URL: https://app.tulsahurricane.com/preferences?utm_medium=email&elq_cid=32473&ehash=51314d078c8198bAB12ABCDEFGHIJKLMNOPQ9ed4e8c0652fddd506971a0ed21a&elqTrackId=bAB12ABCDEFGHIJKLMNOPQ83b3a27df6&elq=526aa4c89055437ab46ff752383366cd&elqaid=293&elqat=1&elqCampaignId=175
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.87.141.229 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-141-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9be8eb4066ca4b0d8a0f3111e73ede596a3c1ea0b673805a7d3ed4b2b16a48b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.tulsahurricane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Wed, 15 Feb 2023 20:25:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Oct 2021 18:51:40 GMT
ETag
"8b1c6ad975c7d71:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type
image/png
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
34988
X-XSS-Protection
1; mode=block
Expires
Wed, 15 Feb 2023 20:25:44 GMT
livevalidation_standalone.compressed.js
img03.en25.com/i/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img03.en25.com/i/livevalidation_standalone.compressed.js
Requested by
Host: app.tulsahurricane.com
URL: https://app.tulsahurricane.com/preferences?utm_medium=email&elq_cid=32473&ehash=51314d078c8198bAB12ABCDEFGHIJKLMNOPQ9ed4e8c0652fddd506971a0ed21a&elqTrackId=bAB12ABCDEFGHIJKLMNOPQ83b3a27df6&elq=526aa4c89055437ab46ff752383366cd&elqaid=293&elqat=1&elqCampaignId=175
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.87.141.229 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-141-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36ef1cf6246ce3d596a572d7b0e947a7088eefb1af6373f1a0669c9189a6728e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.tulsahurricane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 15 Feb 2023 20:25:43 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection
keep-alive
Content-Length
3717
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 03 Oct 2022 17:55:37 GMT
ETag
"8ea8a25751d7d81:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Wed, 15 Feb 2023 20:25:43 GMT
cleave.min.js
cdnjs.cloudflare.com/ajax/libs/cleave.js/1.6.0/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleave.js/1.6.0/cleave.min.js
Requested by
Host: app.tulsahurricane.com
URL: https://app.tulsahurricane.com/preferences?utm_medium=email&elq_cid=32473&ehash=51314d078c8198bAB12ABCDEFGHIJKLMNOPQ9ed4e8c0652fddd506971a0ed21a&elqTrackId=bAB12ABCDEFGHIJKLMNOPQ83b3a27df6&elq=526aa4c89055437ab46ff752383366cd&elqaid=293&elqat=1&elqCampaignId=175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.tulsahurricane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 20:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1264106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5638
last-modified
Tue, 19 May 2020 10:54:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ec3badc-528d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPMi%2FHU5TBOv1DPT6APfSNx5V2%2FQoI0HJidSr45Qv%2B9bi0REL75YuY0KMYAFWr6HLsj14t%2FfYIrGpM6WzseRe%2F6hY7QguuNDTNvMuBr3a%2F5ReRhbsDvioeAvn6f2VZLPjLMJcPUWO7ZJSQ2UvsTx6XeX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79a0c63f0bd8361d-FRA
expires
Mon, 05 Feb 2024 20:25:43 GMT
tinydot.gif
s2838906.t.eloqua.com/eloquaimages/
Redirect Chain
  • https://s2838906.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=2838906&PURLSiteID=3&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=9&PURLRecordID=0&PURLGUID=A63C7F3A32374943B88F2D90EB0082FD&...
  • https://s2838906.t.eloqua.com/eloquaimages/tinydot.gif
49 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2838906.t.eloqua.com/eloquaimages/tinydot.gif
Requested by
Host: app.tulsahurricane.com
URL: https://app.tulsahurricane.com/preferences?utm_medium=email&elq_cid=32473&ehash=51314d078c8198bAB12ABCDEFGHIJKLMNOPQ9ed4e8c0652fddd506971a0ed21a&elqTrackId=bAB12ABCDEFGHIJKLMNOPQ83b3a27df6&elq=526aa4c89055437ab46ff752383366cd&elqaid=293&elqat=1&elqCampaignId=175
Protocol
HTTP/1.1
Server
147.154.45.222 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.tulsahurricane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Wed, 15 Feb 2023 20:25:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 03 Oct 2022 17:55:32 GMT
ETag
"35eee5451d7d81:0"
Content-Type
image/gif
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
49
X-XSS-Protection
1; mode=block
Expires
-1

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Wed, 15 Feb 2023 20:25:43 GMT
X-Content-Type-Options
nosniff
Content-Type
text/html; charset=utf-8
Location
/eloquaimages/tinydot.gif
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
X-Robots-Tag
noindex, nofollow
Content-Length
142
X-Xss-Protection
1; mode=block
Expires
-1

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| LiveValidation function| LiveValidationForm object| Validate function| handleFormSubmit function| resetSubmitButton function| addChangeHandler object| form object| nodes number| len undefined| node undefined| selectedValue undefined| j object| dom0 object| fe174 object| dom1 object| fe175 object| dom2 object| fe176 object| dom3 object| fe177 object| dom4 object| fe178 object| dom6 object| fe179 object| dom7 object| fe180 object| dom8 object| fe182 object| dom9 object| fe183 object| dom11 object| fe209 function| getParentElement object| inputs function| Cleave object| cleave object| sports undefined| sportsHeader object| divTags undefined| sportsHeaderRow undefined| sportsColumnOneLength undefined| sportsColumnTwoLength undefined| sportsColumnContainerRow undefined| sportsColumnOne undefined| sportsColumnTwo

1 Cookies

Domain/Path Name / Value
.tulsahurricane.com/ Name: ELOQUA
Value: GUID=A63C7F3A32374943B88F2D90EB0082FD&FPCVISITED=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block