Submitted URL: https://u26151045.ct.sendgrid.net/ls/click?upn=u001.S8cWMqOemycr68ZmQuYWKutS5H3kMtk-2FpAqdH24djxkhGbGEu00-2BGypdRT-2FzSueomqSazWSQ...
Effective URL: https://app.rdstation.email/mail/45b539de-4380-45ac-9a62-f8186afb1f2e?utm_campaign=ser_o_principal_summit_sobre_saude_mental...
Submission: On March 23 via manual from HU — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 2 HTTP transactions. The main IP is 35.223.116.65, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is app.rdstation.email.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 29th 2023. Valid for: a year.
This is the only time app.rdstation.email was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.122 11377 (SENDGRID)
1 35.223.116.65 396982 (GOOGLE-CL...)
1 52.222.250.26 16509 (AMAZON-02)
2 2
Domain Requested by
1 d335luupugsy2.cloudfront.net app.rdstation.email
1 app.rdstation.email
1 u26151045.ct.sendgrid.net 1 redirects
2 3

This site contains links to these domains.

Domain
www.experimenteser.com.br

Subject: *.rdstation.email
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2023-09-29 - 2024-10-29
Valid: a year

Subject: *.cloudfront.net
Issuer: Amazon RSA 2048 M01
Validity: 2023-10-10 - 2024-09-19
Valid: a year

This page contains 1 frames:

Primary Page: https://app.rdstation.email/mail/45b539de-4380-45ac-9a62-f8186afb1f2e?utm_campaign=ser_o_principal_summit_sobre_saude_mental&utm_medium=email&utm_source=RD+Station
Frame ID: 5A735D321DC7E2A9209B5EFEF225B7E1
Requests: 2 HTTP requests in this frame

Page Title

Page title example

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 120 kB
Size: 134 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u26151045.ct.sendgrid.net/ls/click?upn=u001.S8cWMqOemycr68ZmQuYWKutS5H3kMtk-2FpAqdH24djxkhGbGEu00-2BGypdRT-2FzSueomqSazWSQO9ejeeh3sM9hVP8nUNv-2B7YQW6PDK-2FHwPAqUTvXqDOzX3faY0gqrneFoXhlFvDV1orTa5D6pAp41t-2FzM8ISlx07eAWuFXw-2FpbgrXlPAjX4f2K1HKibpS470p0TsnveCK4ddree-2FUElhrqktOukO4hr6pwgLiJ2TDwoQQ-3D8Lbd_M38kyxM4Yk6wRWAX5SDa2rKLSQCAVWAMc1fNHAzkvCJONhc6qp6xSkJCB7Jm-2BFciZiQfzgqKpiJ1yCziaZa3Cq2-2BIMIiMRlfk9r2NaOGBJTJhnBNPRy7xnh3o9PptINybmbjeQrnZeS3R4qlRF7sjry-2FEG0DcaYTD2La1t-2B5cFLnq2k21uS5eTrzniG-2F1aTU1yeCDuZZ-2FhVieWMk4Xg980162qAI1Beud3JsLTeg99a07-2BpEvN90sa-2FtDb0tC913YYmaO-2B7qLFWhV9KSmNwfJzhJM0KcODSHLr0chztTPTsRkc8dWDgNlg0O13KhtGIALmI5jAWwoiQgQTkSfdj-2F61ddNVGrIYtexdqXx5Wt2y884A8vM9T6wg-2BbtcxEiZAI0GskhBaWg2qb1MQs0tWY-2FhrcIvBtKXZ9DavIcqSNf9QDWRyB4NkgiZyAffkjMs3SCL8lLLLBGOsUaY-2FAr8aQah5zbiIb589Xb39gY6hQnVZ-2FcmUOBXrAAHj3eBWbY3nz-2FvswyQ5iKJV4h9z1S9cOUNFJTh0PQ8wx-2FofS2JC60EwvGGF21nMmoEry7C7awa8KLNxPeKU-2BMV7FxJdhJMfeEjU0jZEyZ8IpPq-2FBZs6hP2UYR4eaxZc3esVb-2FF8afa0nIO6I279nzLGsyduW8PUOm6NvBNOKWxaePzPCujqH1TUTe2HElAqOzQl2Ay0WveBv HTTP 302
    https://app.rdstation.email/mail/45b539de-4380-45ac-9a62-f8186afb1f2e?utm_campaign=ser_o_principal_summit_sobre_saude_mental&utm_medium=email&utm_source=RD+Station Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 45b539de-4380-45ac-9a62-f8186afb1f2e
app.rdstation.email/mail/
Redirect Chain
  • https://u26151045.ct.sendgrid.net/ls/click?upn=u001.S8cWMqOemycr68ZmQuYWKutS5H3kMtk-2FpAqdH24djxkhGbGEu00-2BGypdRT-2FzSueomqSazWSQO9ejeeh3sM9hVP8nUNv-2B7YQW6PDK-2FHwPAqUTvXqDOzX3faY0gqrneFoXhlFvDV1...
  • https://app.rdstation.email/mail/45b539de-4380-45ac-9a62-f8186afb1f2e?utm_campaign=ser_o_principal_summit_sobre_saude_mental&utm_medium=email&utm_source=RD+Station
Size: 20 KB
x-fer: 6 KB
Type: Document
General
Full URL: https://app.rdstation.email/mail/45b539de-4380-45ac-9a62-f8186afb1f2e?utm_campaign=ser_o_principal_summit_sobre_saude_mental&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.116.223.35.bc.googleusercontent.com
Software: /
Resource Hash: d8021c13b5df69dd11f25fd876fc6ed322e29f3fb2939c06de53f204ab92843d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: wss:; font-src 'self' https: data:; img-src 'self' https: http: data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src 'self' https: 'unsafe-inline' http: blob:
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https: http: wss:; font-src 'self' https: data:; img-src 'self' https: http: data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src 'self' https: 'unsafe-inline' http: blob:
content-security-policy-report-only: base-uri 'none'; connect-src 'self' *.browser-intake-datadoghq.com *.browser-intake-us5-datadoghq.com api.segment.io api-iam.intercom.io cdn.segment.com front-hub-service.rdops.systems incident-io-ruby-client.production.rdops.systems measurement-api.criteo.com pagead2.googlesyndication.com wss://nexus-websocket-a.intercom.io; font-src 'self' d3ndvx6e67vt0s.cloudfront.net fonts.gstatic.com; img-src 'self' https:; object-src 'none'; script-src 'self' d3ndvx6e67vt0s.cloudfront.net cdn.rollbar.com cdn.segment.com js.intercomcdn.com script.hotjar.com static.hotjar.com widget.intercom.io www.google-analytics.com connect.facebook.net bat.bing.com bam-cell.nr-data.net snap.licdn.com www.googleadservices.com cdn.tiny.cloud rdstation-frontend.storage.googleapis.com d335luupugsy2.cloudfront.net js.driftt.com widget.drift.com static.criteo.net sslwidget.criteo.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ www.datadoghq-browser-agent.com *.rdops.systems 'report-sample' 'nonce-xmji8GN8uxvvPvqmFDZL0aGxYcEnJ0EBX1QesQTOJrg=' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline' http: blob:
content-type: text/html; charset=utf-8
date: Sat, 23 Mar 2024 23:08:28 GMT
etag: W/"d8021c13b5df69dd11f25fd876fc6ed3"
expect-ct: enforce, max-age=86400
feature-policy: microphone 'none'; geolocation 'none'; camera 'none';
referrer-policy: unsafe-url
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b8c5de25021bfa5474a7cbc140e1c981
x-robots-tag: noindex, nofollow
x-runtime: 0.068608
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 194
Content-Type: text/html; charset=utf-8
Date: Sat, 23 Mar 2024 23:08:28 GMT
Location: https://app.rdstation.email/mail/45b539de-4380-45ac-9a62-f8186afb1f2e?utm_campaign=ser_o_principal_summit_sobre_saude_mental&utm_medium=email&utm_source=RD+Station
Server: nginx
X-Robots-Tag: noindex, nofollow

cms%2Ffiles%2F452373%2F1709753425Emkt_MARCO_-_SER_-_Gestao_RH.jpg
d335luupugsy2.cloudfront.net/
Size: 114 KB
x-fer: 115 KB
Type: Image
General
Full URL: https://d335luupugsy2.cloudfront.net/cms%2Ffiles%2F452373%2F1709753425Emkt_MARCO_-_SER_-_Gestao_RH.jpg
Requested by
Host: app.rdstation.email
URL: https://app.rdstation.email/mail/45b539de-4380-45ac-9a62-f8186afb1f2e?utm_campaign=ser_o_principal_summit_sobre_saude_mental&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d73fcc1d969721b0bfe78b552d4c974a6c42b8f1c47c368d13a8e659c5f54c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.rdstation.email/mail/45b539de-4380-45ac-9a62-f8186afb1f2e?utm_campaign=ser_o_principal_summit_sobre_saude_mental&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 23:06:47 GMT
x-amz-version-id: g2PIkUnbR4f2ZKEvnfj1bNN8UD6YxtdM
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 19:31:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 102
etag: "51360b2d93f46f970c2c7c0d02d33ac2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: ,image/jpeg
accept-ranges: bytes
content-length: 117117
x-amz-cf-id: 9DWjju1OdXc1DM8F4sPdUVDQMtCILtQo7ftOusa08DPcsJHMBYV3jA==

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path: app.rdstation.email/
Name: rdsm_target_version
Value: stable

Domain/Path: app.rdstation.email/
Name: __rdsid
Value: 8ad5ae44d1d9a19b22a3b7e098291cee

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
