![](/screenshots/94ac56ae-4408-4111-a326-9cd7682d5684.png)
ac.activehosted.com
Open in
urlscan Pro
2606:4700::6811:586d
Public Scan
Effective URL: https://ac.activehosted.com/proc.php?nl=51&c=17348&m=3985071&s=c76800d9de70ae4ae1bb9590a455d724&act=unsub
Submission Tags: falconsandbox
Submission: On November 21 via api from US
Summary
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 28th 2020. Valid for: 6 months.
This is the only time ac.activehosted.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.165.225.92 54.165.225.92 | 14618 (AMAZON-AES) (AMAZON-AES) | |
4 | 2606:4700::68... 2606:4700::6811:586d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:814::2003 | 15169 (GOOGLE) (GOOGLE) | |
7 | 4 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-225-92.compute-1.amazonaws.com
ac.emlnk1.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
activehosted.com
ac.activehosted.com |
119 KB |
2 |
gstatic.com
fonts.gstatic.com |
27 KB |
1 |
googleapis.com
fonts.googleapis.com |
764 B |
1 |
emlnk1.com
1 redirects
ac.emlnk1.com |
211 B |
7 | 4 |
Domain | Requested by | |
---|---|---|
4 | ac.activehosted.com |
ac.activehosted.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
ac.activehosted.com
|
1 | ac.emlnk1.com | 1 redirects |
7 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.activecampaign.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ssl763678.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-10-28 - 2021-05-06 |
6 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ac.activehosted.com/proc.php?nl=51&c=17348&m=3985071&s=c76800d9de70ae4ae1bb9590a455d724&act=unsub
Frame ID: 4C5FCD6178F8D4BD7FDF74858C3CFC5D
Requests: 7 HTTP requests in this frame
Screenshot
![](/screenshots/94ac56ae-4408-4111-a326-9cd7682d5684.png)
Page URL History Show full URLs
-
https://ac.emlnk1.com/proc.php?nl=51&c=17348&m=3985071&s=c76800d9de70ae4ae1bb9590a455d724&act=unsub
HTTP 301
https://ac.activehosted.com/proc.php?nl=51&c=17348&m=3985071&s=c76800d9de70ae4ae1bb9590a455d724&act=unsub Page URL
Detected technologies
Detected patterns
- url /\.php(?:$|\?)/i
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Email marketing
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ac.emlnk1.com/proc.php?nl=51&c=17348&m=3985071&s=c76800d9de70ae4ae1bb9590a455d724&act=unsub
HTTP 301
https://ac.activehosted.com/proc.php?nl=51&c=17348&m=3985071&s=c76800d9de70ae4ae1bb9590a455d724&act=unsub Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
proc.php
ac.activehosted.com/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 764 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
build.css
ac.activehosted.com/node_modules/@activecampaign/camp-core-css/dist/ |
948 KB 117 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
camp-colors.css
ac.activehosted.com/admin/css/ |
1 KB 620 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unsubscribe.css
ac.activehosted.com/admin/css/ |
1 KB 603 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ac.activehosted.com/ | Name: PHPSESSID Value: a4621fa8495b003534247a222daf0eb5 |
|
.activehosted.com/ | Name: __cfduid Value: d526016342727a8ab586b7478ae052b491605996758 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ac.activehosted.com
ac.emlnk1.com
fonts.googleapis.com
fonts.gstatic.com
2606:4700::6811:586d
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:819::2003
54.165.225.92
5488b30f5ca41b290700dac54c16b27a4394eaf69a7f11cf55403fbac5a542c0
862ea4c7412548ae6f04c9e22d1ffeca6e30c6638331d2422d4e76336768dd2b
b9a9189ce038813c4f8b68e5b7b695ead251e7c98b00f55c5eeb41e70d37b76d
cbe6df73827a5a9c55dff60a17a684eae3091ba429bc151f9e519d11bfa1a950
d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc
df7867b41abead0ab6340eebedefbffbcf2e43232cc5655756c7905aee86b1b8
fc245097329a0300c852e7b5b67212cc8617c73c62c26e9658e082dc7796a5c2