cloud.emergencyassistanceplus.com Open in urlscan Pro
13.111.116.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://clicks.procastnetworks.com/email/S-201@5777@9rmEI9e8zVLWTLvF58NGm_NsrOG1WsZZI0UgSN-1XNg.@
Effective URL:
http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019...
Submission: On April 25 via manual (April 25th 2019, 12:11:56 pm UTC) from GB

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 12 domains to perform 25 HTTP transactions. The main IP is 13.111.116.61, located in Indianapolis, United States and belongs to EXACT-7 - ExactTarget, Inc., US. The main domain is cloud.emergencyassistanceplus.com.

This is the only time cloud.emergencyassistanceplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	78.33.18.213 78.33.18.213	8468 (ENTANET E...) (ENTANET ENTANET International Limited)
1	13.111.116.61 13.111.116.61	22606 (EXACT-7) (EXACT-7 - ExactTarget)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	184.30.218.32 184.30.218.32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.235.246.56 23.235.246.56	20454 (SSASN2) (SSASN2 - SECURED SERVERS LLC)
5	2a02:26f0:6c0... 2a02:26f0:6c00:194::41ae	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:6c0... 2a02:26f0:6c00:19c::41ae	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	13.111.36.128 13.111.36.128	22606 (EXACT-7) (EXACT-7 - ExactTarget)
1	23.235.246.33 23.235.246.33	20454 (SSASN2) (SSASN2 - SECURED SERVERS LLC)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	68.232.201.19 68.232.201.19	22606 (EXACT-7) (EXACT-7 - ExactTarget)
25	15

1 78.33.18.213 (United Kingdom) 1 redirects

ASN8468 (ENTANET ENTANET International Limited, GB)
PTR: 78-33-18-213.static.enta.net

clicks.procastnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.111.116.61 (Indianapolis, United States)

ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: cloud.emergencyassistanceplus.com

cloud.emergencyassistanceplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.218.32 (Amsterdam, Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-30-218-32.deploy.static.akamaitechnologies.com

mc.exacttarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.235.246.56 (Tempe, United States)

ASN20454 (SSASN2 - SECURED SERVERS LLC, US)

www.moosevip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:194::41ae (European Union)

ASN20940 (AKAMAI-ASN1, US)

image.mybenefitprograms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:19c::41ae (European Union)

ASN20940 (AKAMAI-ASN1, US)

image.mybenefitprograms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.111.36.128 (Indianapolis, United States)

ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: click.mybenefitprograms.com

click.mybenefitprograms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.235.246.33 (Tempe, United States)

ASN20454 (SSASN2 - SECURED SERVERS LLC, US)

enroll.emergencyassistanceplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.201.19 (Indianapolis, United States)

ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: e.s1.exct.net

e.s1.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mybenefitprograms.com image.mybenefitprograms.com click.mybenefitprograms.com	405 KB
2	gstatic.com fonts.gstatic.com	45 KB
2	cloudflare.com cdnjs.cloudflare.com	12 KB
2	moosevip.com www.moosevip.com	416 KB
2	exacttarget.com 1 redirects mc.exacttarget.com	6 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
2	fontawesome.com use.fontawesome.com	60 KB
2	emergencyassistanceplus.com cloud.emergencyassistanceplus.com enroll.emergencyassistanceplus.com	44 KB
1	exct.net e.s1.exct.net	196 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com	14 KB
1	jquery.com code.jquery.com	24 KB
1	procastnetworks.com 1 redirects clicks.procastnetworks.com	328 B
25	12

	Domain	Requested by
8	image.mybenefitprograms.com	cloud.emergencyassistanceplus.com
2	fonts.gstatic.com	cloud.emergencyassistanceplus.com
2	cdnjs.cloudflare.com	cloud.emergencyassistanceplus.com
2	www.moosevip.com	cloud.emergencyassistanceplus.com
2	mc.exacttarget.com	1 redirects cloud.emergencyassistanceplus.com
2	use.fontawesome.com	cloud.emergencyassistanceplus.com
1	e.s1.exct.net	ajax.googleapis.com
1	enroll.emergencyassistanceplus.com	cloud.emergencyassistanceplus.com
1	click.mybenefitprograms.com	cloud.emergencyassistanceplus.com
1	stackpath.bootstrapcdn.com	cloud.emergencyassistanceplus.com
1	code.jquery.com	cloud.emergencyassistanceplus.com
1	ajax.googleapis.com	cloud.emergencyassistanceplus.com
1	fonts.googleapis.com	cloud.emergencyassistanceplus.com
1	cloud.emergencyassistanceplus.com
1	clicks.procastnetworks.com	1 redirects
25	15

This site contains links to these domains. Also see Links.

Domain
image.mybenefitprograms.com

Subject Issuer	Validity	Valid
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
akamai-san1.exacttarget.com DigiCert SHA2 Secure Server CA	`2019-01-16` - `2020-01-22`	a year	crt.sh
*.moosevip.com Network Solutions OV Server CA 2	`2016-05-19` - `2019-06-06`	3 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
click.mybenefitprograms.com DigiCert SHA2 Secure Server CA	`2018-07-12` - `2020-07-16`	2 years	crt.sh
*.emergencyassistanceplus.com Network Solutions OV Server CA 2	`2018-10-07` - `2019-10-11`	a year	crt.sh
akamai-san23.exacttarget.com DigiCert SHA2 Secure Server CA	`2018-08-08` - `2020-07-13`	2 years	crt.sh
*.google.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.s1.exct.net DigiCert SHA2 Secure Server CA	`2016-10-19` - `2020-01-17`	3 years	crt.sh

This page contains 2 frames:

Primary Page: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Frame ID: 4C5FB6910CE39F531B32C0DD97049EC9
Requests: 24 HTTP requests in this frame

Frame: https://enroll.emergencyassistanceplus.com/enroll.aspx?job=bg-26254&offer=100481&tc=b5663&enroll=true
Frame ID: 3B8BFAEF19866A959055EBA524FB6601
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://clicks.procastnetworks.com/email/S-201@5777@9rmEI9e8zVLWTLvF58NGm_NsrOG1WsZZI0UgSN-1XNg.@ HTTP 302
http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

25
Requests

68 %
HTTPS

38 %
IPv6

12
Domains

15
Subdomains

15
IPs

5
Countries

1060 kB
Transfer

1435 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/8b85089c-a2ff-4496-b08d-e2eca734cc09.pdf
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://clicks.procastnetworks.com/email/S-201@5777@9rmEI9e8zVLWTLvF58NGm_NsrOG1WsZZI0UgSN-1XNg.@ HTTP 302
http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://mc.exacttarget.com/cloudpages/utilities/t.js HTTP 301
https://mc.exacttarget.com/cloudpages/utilities/t.js

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set bg26254-b4 Show response
cloud.emergencyassistanceplus.com/
Redirect Chain

http://clicks.procastnetworks.com/email/S-201@5777@9rmEI9e8zVLWTLvF58NGm_NsrOG1WsZZI0UgSN-1XNg.@
http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25

220 KB
44 KB

666ms
511ms

Document
text/html

13.111.116.61
ExactTarget

General

Check archive.org

Show headers Download Go to

Full URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Server: 13.111.116.61 Indianapolis, United States, ASN22606 (EXACT-7 - ExactTarget, Inc., US),
Reverse DNS: cloud.emergencyassistanceplus.com
Software: /
Resource Hash: 4435d6d2d9255a97f777d6c1f7b1e61a1f4d81eeebbdb6e849d208139202b544

Request headers

Host: cloud.emergencyassistanceplus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Set-Cookie: ADRUM_BTa=R:0|g:36e67860-1ba9-4747-acbd-39e66940065a; expires=Thu, 25-Apr-2019 12:12:08 GMT; path=/ ADRUM_BT1=R:0|i:88068|e:158; expires=Thu, 25-Apr-2019 12:12:08 GMT; path=/
Date: Thu, 25 Apr 2019 12:11:38 GMT
Connection: close
Content-Length: 44482

Redirect headers

Date: Thu, 25 Apr 2019 12:11:38 GMT
Server: none
location: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
X-server-tag: erebor
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.13/css/ 40 KB
10 KB 43ms
6ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Origin: http://cloud.emergencyassistanceplus.com

Response headers

date: Thu, 25 Apr 2019 12:11:39 GMT
content-encoding: gzip
last-modified: Thu, 10 May 2018 15:10:14 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"d61bfe9b56c13ecff5313ee3abb45e8b"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
528 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,300,700,900

Requested by

Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

4353c6db4ac43de6f1fae66b8f643c754fbe3aa1d91ac1975f8922329ecce9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 25 Apr 2019 12:11:39 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 25 Apr 2019 12:11:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Thu, 25 Apr 2019 12:11:39 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:818::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 09 Mar 2019 03:59:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 4090333
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33593
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 Mar 2020 03:59:26 GMT

GET
H/1.1

200
OK

t.js Show response
mc.exacttarget.com/cloudpages/utilities/
Redirect Chain

http://mc.exacttarget.com/cloudpages/utilities/t.js
https://mc.exacttarget.com/cloudpages/utilities/t.js

18 KB
6 KB

186ms
135ms

Script
text/javascript

184.30.218.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.exacttarget.com/cloudpages/utilities/t.js

Requested by

Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.218.32 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-218-32.deploy.static.akamaitechnologies.com

Software

Resource Hash

37ca2dba711c927604371ab060fde196637e060d9db7fced06daad9f564f343d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .exacttarget.com .marketingcloudapps.com .exct.net .salesforce.com
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Content-Security-Policy: frame-ancestors *.exacttarget.com *.marketingcloudapps.com *.exct.net *.salesforce.com
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Date: Thu, 25 Apr 2019 12:11:39 GMT
Strict-Transport-Security: max-age=7776000
Content-Type: text/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4980
X-Content-Type-Options: nosniff
Expires: -1

Redirect headers

Location: https://mc.exacttarget.com/cloudpages/utilities/t.js
Date: Thu, 25 Apr 2019 12:11:39 GMT
Server: BigIP
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 5e95b198-5440-1d27-516d-c4a1a74fbaa8
www.moosevip.com/documents/1627648/2028805/nurse-escort-realstorypic.png/ 189 KB
189 KB 586ms
254ms Image
image/png 23.235.246.56
SECURED SERVERS LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moosevip.com/documents/1627648/2028805/nurse-escort-realstorypic.png/5e95b198-5440-1d27-516d-c4a1a74fbaa8?t=1534796825607

Requested by

Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.235.246.56 Tempe, United States, ASN20454 (SSASN2 - SECURED SERVERS LLC, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

edc064b7d93df3dcaa7933632b33bc22c8336752aaf234f1e0088b3a1ea4aa85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 25 Apr 2019 12:11:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Aug 2018 20:27:05 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
Content-Disposition: inline; filename="nurse-escort-realstorypic.png"
Content-Length: 193199
X-XSS-Protection: 1

GET
H/1.1 200
OK ad37ba9d-3148-4a58-a5d8-1b42742f0f74.jpg
image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/ 40 KB
41 KB 404ms
222ms Image
image/jpeg 2a02:26f0:6c00:194::41ae
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/ad37ba9d-3148-4a58-a5d8-1b42742f0f74.jpg
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:194::41ae , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4fa2ab0840d4f0cf418f690d240c805add4b5a874a08560b5c254502610496f3

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 25 Apr 2019 12:11:39 GMT
Last-Modified: Thu, 21 Jun 2018 23:36:44 GMT
Server: AkamaiNetStorage
ETag: "eac7188e345c6a864327b967851f97ba:1529624204.350159"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41276

GET
H/1.1 200
OK 4a82518b-8383-497f-e0c5-c03c7986e45a
www.moosevip.com/documents/1627648/2028805/van-realstorypic.png/ 226 KB
226 KB 713ms
381ms Image
image/png 23.235.246.56
SECURED SERVERS LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moosevip.com/documents/1627648/2028805/van-realstorypic.png/4a82518b-8383-497f-e0c5-c03c7986e45a?t=1534796825990

Requested by

Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.235.246.56 Tempe, United States, ASN20454 (SSASN2 - SECURED SERVERS LLC, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

c363e714dd8d02bf608d69c97b4e1ba02da27f1c4ff987e019a85922fb297a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 25 Apr 2019 12:11:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Aug 2018 20:27:05 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
Content-Disposition: inline; filename="van-realstorypic.png"
Content-Length: 231120
X-XSS-Protection: 1

GET
H/1.1 200
OK a8d992e7-32f9-4c98-835e-34cac3616736.jpg
image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/ 57 KB
57 KB 120ms
110ms Image
image/jpeg 2a02:26f0:6c00:19c::41ae
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/a8d992e7-32f9-4c98-835e-34cac3616736.jpg
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:19c::41ae , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7ec6a7041c391271666e650a5accfc8a3644c3cd54e96a99843f7ef9c5598921

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 25 Apr 2019 12:11:39 GMT
Last-Modified: Thu, 21 Jun 2018 23:36:53 GMT
Server: AkamaiNetStorage
ETag: "492b1a4f9dbc09bda54c7cd502316a82:1529624213.701522"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57914

GET
H/1.1 200
OK 1228ef97-54b6-421c-ab64-bd8c174ad091.jpg
image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/ 28 KB
28 KB 252ms
242ms Image
image/jpeg 2a02:26f0:6c00:19c::41ae
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/1228ef97-54b6-421c-ab64-bd8c174ad091.jpg
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:19c::41ae , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8ce4725d84042706cf296acd3adc0142a76755bd354f3183b727f41cdcf4997b

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 25 Apr 2019 12:11:40 GMT
Last-Modified: Thu, 21 Jun 2018 23:36:45 GMT
Server: AkamaiNetStorage
ETag: "0cd5136e7d81e786f5f01d4ed2b265bc:1529624205.469921"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28170

GET
H/1.1 200
OK e7b76054-00c1-4025-8c64-285b75bab381.jpg
image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/ 24 KB
24 KB 133ms
123ms Image
image/jpeg 2a02:26f0:6c00:194::41ae
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/e7b76054-00c1-4025-8c64-285b75bab381.jpg
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:194::41ae , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e40736b0a71792232905f746cd60dedd395e0f2e0d1a6f03030f5fcdbe6d9b07

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 25 Apr 2019 12:11:39 GMT
Last-Modified: Fri, 22 Jun 2018 20:15:31 GMT
Server: AkamaiNetStorage
ETag: "251378b65bcba063e8f095ab8e2ac0bd:1529698531.925546"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24700

GET
H/1.1 200
OK d7ba3e89-15d5-48e8-9cdb-0b217ea21d03.jpg
image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/ 72 KB
73 KB 258ms
248ms Image
image/jpeg 2a02:26f0:6c00:194::41ae
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/d7ba3e89-15d5-48e8-9cdb-0b217ea21d03.jpg
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:194::41ae , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bbd99058ee94140549234865be4494ed8c32095955f03dd982229561e6a4db71

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 25 Apr 2019 12:11:40 GMT
Last-Modified: Thu, 21 Jun 2018 23:36:52 GMT
Server: AkamaiNetStorage
ETag: "4392b2bda255af43c0a09a4773fdb182:1529624212.553825"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74172

GET
H/1.1 200
OK ad332dce-4120-42fb-9ab3-62d0d03e6dc8.jpg
image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/ 63 KB
64 KB 312ms
303ms Image
image/jpeg 2a02:26f0:6c00:194::41ae
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.mybenefitprograms.com/lib/fe4c15707c6303747c1d/m/1/ad332dce-4120-42fb-9ab3-62d0d03e6dc8.jpg
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:194::41ae , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 26e50574dc8f80aa85945d4375461ac3584f6d656969b89d20ac462a7b1b1f01

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 25 Apr 2019 12:11:40 GMT
Last-Modified: Thu, 21 Jun 2018 23:36:51 GMT
Server: AkamaiNetStorage
ETag: "105c71dd960dc97270b10a768ce62e61:1529624211.366333"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64861

GET
H2 200 iframeResizer.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.1/ 13 KB
5 KB 11ms
11ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.1/iframeResizer.min.js

Requested by

Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bd3c9ac3c7d63f8005ab22bd26a19260c89d30c1d6a16020857f0e4df01f334

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Origin: http://cloud.emergencyassistanceplus.com

Response headers

date: Thu, 25 Apr 2019 12:11:39 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:43 GMT
server: cloudflare
etag: W/"5afd496b-3335"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 14 Apr 2020 12:11:39 GMT
cache-control: public, max-age=30672000
cf-ray: 4cd03885cae997aa-FRA
served-in-seconds: 0.036

GET
H/1.1 200
OK jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 35ms
10ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Origin: http://cloud.emergencyassistanceplus.com

Response headers

Date: Thu, 25 Apr 2019 12:11:39 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1111d"
Vary: Accept-Encoding
X-HW: 1556194299.dop018.fr8.shc,1556194299.dop018.fr8.t,1556194299.cds019.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 14ms
10ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Origin: http://cloud.emergencyassistanceplus.com

Response headers

date: Thu, 25 Apr 2019 12:11:39 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:25:14 GMT
server: cloudflare
etag: W/"5afd4a7a-4f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 14 Apr 2020 12:11:39 GMT
cache-control: public, max-age=30672000
cf-ray: 4cd038860b3d97aa-FRA
served-in-seconds: 0.026

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/ 50 KB
14 KB 49ms
12ms Script
text/javascript 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Origin: http://cloud.emergencyassistanceplus.com

Response headers

date: Thu, 25 Apr 2019 12:11:39 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:53 GMT
access-control-allow-origin: *
etag: "1544639633"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 14049

GET
H/1.1 200
OK open.aspx
click.mybenefitprograms.com/ 43 B
199 B 806ms
131ms Image
image/gif 13.111.36.128
ExactTarget

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.mybenefitprograms.com/open.aspx?ffcb10-ffcf14-ffcf14-fe6415707260047c7d12-ffcf14-ffcf14-ffcf14
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.36.128 Indianapolis, United States, ASN22606 (EXACT-7 - ExactTarget, Inc., US),
Reverse DNS: click.mybenefitprograms.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 25 Apr 2019 12:11:40 GMT
Cache-Control: no-cache; max-age=0
Connection: close
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK Cookie set enroll.aspx
enroll.emergencyassistanceplus.com/ Frame 3B8B 0
0 685ms
235ms Document
text/html 23.235.246.33
SECURED SERVERS LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://enroll.emergencyassistanceplus.com/enroll.aspx?job=bg-26254&offer=100481&tc=b5663&enroll=true
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.235.246.33 Tempe, United States, ASN20454 (SSASN2 - SECURED SERVERS LLC, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host: enroll.emergencyassistanceplus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=3rte3ckwqhh4bzfsmwjznk5z; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 25 Apr 2019 12:11:40 GMT
Content-Length: 48533

GET
H/1.1 200
OK 36f53115-fd8f-4e3e-b94a-584664f78355.jpg
image.mybenefitprograms.com/lib/fe6415707260047c7d12/m/2/ 68 KB
68 KB 171ms
153ms Image
image/jpeg 2a02:26f0:6c00:19c::41ae
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.mybenefitprograms.com/lib/fe6415707260047c7d12/m/2/36f53115-fd8f-4e3e-b94a-584664f78355.jpg
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19c::41ae , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: affe7ebf5125a50f13ed4067e879d6f8a607038773041a18798a18611cdb0c43

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 25 Apr 2019 12:11:40 GMT
Last-Modified: Thu, 29 Nov 2018 20:23:46 GMT
Server: AkamaiNetStorage
ETag: "846340f93167062d9e5d4e93bd68a019:1543523026.949856"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69295

GET
H/1.1 200
OK 09c80f56-1b52-438f-bf4a-9c57b9440c2a.jpg
image.mybenefitprograms.com/lib/fe6415707260047c7d12/m/2/ 51 KB
51 KB 213ms
201ms Image
image/jpeg 2a02:26f0:6c00:194::41ae
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.mybenefitprograms.com/lib/fe6415707260047c7d12/m/2/09c80f56-1b52-438f-bf4a-9c57b9440c2a.jpg
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:194::41ae , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: aabeefe572277fbb4958d38ea8c18f8bfed85bad3e6f668c757036adfcea1856

Request headers

Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 25 Apr 2019 12:11:40 GMT
Last-Modified: Thu, 29 Nov 2018 19:15:54 GMT
Server: AkamaiNetStorage
ETag: "b3fa810dbf4ef5b097f6336b9aa85d51:1543518954.235789"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52347

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v14/ 23 KB
23 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Origin: http://cloud.emergencyassistanceplus.com

Response headers

date: Fri, 08 Mar 2019 22:41:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:23:15 GMT
server: sffe
age: 4109420
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 23316
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 22:41:19 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v14/ 22 KB
22 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Origin: http://cloud.emergencyassistanceplus.com

Response headers

date: Sat, 09 Mar 2019 04:48:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:24:09 GMT
server: sffe
age: 4087370
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 22820
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 04:48:49 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ 49 KB
50 KB 7ms
7ms Font
font/woff2 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-solid-900.woff2
Requested by: Host: cloud.emergencyassistanceplus.com
URL: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin: http://cloud.emergencyassistanceplus.com

Response headers

date: Thu, 25 Apr 2019 12:11:39 GMT
last-modified: Thu, 10 May 2018 15:10:31 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "8a8c0474283e0d9ef41743e5e486bf05"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 50372

POST
H/1.1 200
OK v1 Show response
e.s1.exct.net/ 6 B
196 B 607ms
119ms XHR
text/plain 68.232.201.19
ExactTarget

General

Check archive.org

Show headers Download Go to

Full URL: https://e.s1.exct.net/v1
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.232.201.19 Indianapolis, United States, ASN22606 (EXACT-7 - ExactTarget, Inc., US),
Reverse DNS: e.s1.exct.net
Software: /
Resource Hash: 1afc73e07986a0444e7c0c6597933b433f4ecd86863ae4754be1cbadbdbc4a53

Request headers

Accept: */*
Referer: http://cloud.emergencyassistanceplus.com/bg26254-b4?utm_source=emailmarketing&utm_medium=email&utm_campaign=e_5030877_01&utm_content=2019-04-25
Origin: http://cloud.emergencyassistanceplus.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: http://cloud.emergencyassistanceplus.com
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Origin
Access-Control-Max-Age: 3600

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
enroll.emergencyassistanceplus.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 3rte3ckwqhh4bzfsmwjznk5z
cloud.emergencyassistanceplus.com/	1970-01-19 00:16:34	Name: ADRUM_BT1 Value: R:0\|i:88068\|e:158
cloud.emergencyassistanceplus.com/	1970-01-19 00:16:34	Name: ADRUM_BTa Value: R:0\|g:36e67860-1ba9-4747-acbd-39e66940065a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
click.mybenefitprograms.com
clicks.procastnetworks.com
cloud.emergencyassistanceplus.com
code.jquery.com
e.s1.exct.net
enroll.emergencyassistanceplus.com
fonts.googleapis.com
fonts.gstatic.com
image.mybenefitprograms.com
mc.exacttarget.com
stackpath.bootstrapcdn.com
use.fontawesome.com
www.moosevip.com
13.111.116.61
13.111.36.128
184.30.218.32
205.185.208.52
209.197.3.15
23.111.9.35
23.235.246.33
23.235.246.56
2606:4700::6813:c597
2a00:1450:4001:80b::2003
2a00:1450:4001:816::200a
2a00:1450:4001:818::200a
2a02:26f0:6c00:194::41ae
2a02:26f0:6c00:19c::41ae
68.232.201.19
78.33.18.213
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
1afc73e07986a0444e7c0c6597933b433f4ecd86863ae4754be1cbadbdbc4a53
26e50574dc8f80aa85945d4375461ac3584f6d656969b89d20ac462a7b1b1f01
37ca2dba711c927604371ab060fde196637e060d9db7fced06daad9f564f343d
4353c6db4ac43de6f1fae66b8f643c754fbe3aa1d91ac1975f8922329ecce9b9
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
4435d6d2d9255a97f777d6c1f7b1e61a1f4d81eeebbdb6e849d208139202b544
4bd3c9ac3c7d63f8005ab22bd26a19260c89d30c1d6a16020857f0e4df01f334
4fa2ab0840d4f0cf418f690d240c805add4b5a874a08560b5c254502610496f3
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
7ec6a7041c391271666e650a5accfc8a3644c3cd54e96a99843f7ef9c5598921
8ce4725d84042706cf296acd3adc0142a76755bd354f3183b727f41cdcf4997b
aabeefe572277fbb4958d38ea8c18f8bfed85bad3e6f668c757036adfcea1856
affe7ebf5125a50f13ed4067e879d6f8a607038773041a18798a18611cdb0c43
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbd99058ee94140549234865be4494ed8c32095955f03dd982229561e6a4db71
c363e714dd8d02bf608d69c97b4e1ba02da27f1c4ff987e019a85922fb297a3f
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e40736b0a71792232905f746cd60dedd395e0f2e0d1a6f03030f5fcdbe6d9b07
ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064
edc064b7d93df3dcaa7933632b33bc22c8336752aaf234f1e0088b3a1ea4aa85
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

cloud.emergencyassistanceplus.com Open in urlscan Pro 13.111.116.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

68 %HTTPS

38 %IPv6

12 Domains

15 Subdomains

15 IPs

5 Countries

1060 kBTransfer

1435 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

3 Cookies

Indicators

cloud.emergencyassistanceplus.com Open in urlscan Pro
13.111.116.61 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

68 %
HTTPS

38 %
IPv6

12
Domains

15
Subdomains

15
IPs

5
Countries

1060 kB
Transfer

1435 kB
Size

3
Cookies

25 HTTP transactions
0 data transactions