www2.brightsquid.com

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 13.224.194.13, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www2.brightsquid.com.
TLS certificate: Issued by Amazon on February 16th 2020. Valid for: a year.

This is the only time www2.brightsquid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.224.194.81 13.224.194.81	16509 (AMAZON-02) (AMAZON-02)
1	13.224.194.13 13.224.194.13	16509 (AMAZON-02) (AMAZON-02)
1	13.224.194.41 13.224.194.41	16509 (AMAZON-02) (AMAZON-02)
1	52.55.21.70 52.55.21.70	14618 (AMAZON-AES) (AMAZON-AES)
3	3

1 13.224.194.81 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-81.fra2.r.cloudfront.net

link.brightsquid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-13.fra2.r.cloudfront.net

www2.brightsquid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.41 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-41.fra2.r.cloudfront.net

assets.activedemand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.21.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-21-70.compute-1.amazonaws.com

submit.activedemand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	activedemand.com assets.activedemand.com submit.activedemand.com	20 KB
2	brightsquid.com 1 redirects link.brightsquid.com www2.brightsquid.com	25 KB
3	2

	Domain	Requested by
1	submit.activedemand.com	www2.brightsquid.com
1	assets.activedemand.com	www2.brightsquid.com
1	www2.brightsquid.com
1	link.brightsquid.com	1 redirects
3	4

This site contains links to these domains. Also see Links.

Domain
link.brightsquid.com

Subject Issuer	Validity	Valid
*.brightsquid.com Amazon	`2020-02-16` - `2021-03-16`	a year	crt.sh
*.activedemand.com Amazon	`2020-02-19` - `2021-03-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www2.brightsquid.com/submit/view_email/d1c084e8-83f1-4695-ad5e-c24055c654b7?utm_source=activedemand&utm_medium=email&utm_campaign=activedemand+campaign+48666&ad_rid=302074836&ad_caid=48666&ad_wid=316534&ad_chid=289262819&ad_sid=991006535
Frame ID: 9F2070A8C5DD234D7324E50A5195B618
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://link.brightsquid.com/s/ECJNoEwvNmLa82ke9pi8 HTTP 302
https://www2.brightsquid.com/submit/view_email/d1c084e8-83f1-4695-ad5e-c24055c654b7?utm_source=activedema... Page URL

Detected technologies

Microsoft Word (Editors) Expand

Overall confidence: 100%
Detected patterns

html /(?:<html [^>]*xmlns:w="urn:schemas-microsoft-com:office:word"|<w:WordDocument>|<div [^>]*class="?WordSection1[" >]|<style[^>]*>[^>]*@page WordSection1)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

3
IPs

1
Countries

44 kB
Transfer

43 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://link.brightsquid.com/s/ECJNoEwvNmLa82ke9pi8
Title: View In Browser

Search URL Search Domain Scan URL

URL: https://link.brightsquid.com/s/ON3F0qOtcNP43oAjOa0V
Title: health.brightsquid.com

Search URL Search Domain Scan URL

URL: https://link.brightsquid.com/s/cUl9ox6eYBTrskYHxqP8
Title: brightsquid.com/pages/virtual-care-for-covid-19

Search URL Search Domain Scan URL

URL: https://link.brightsquid.com/s/uAvwa2lftXXSGYvzjsf9
Title:

Search URL Search Domain Scan URL

URL: https://link.brightsquid.com/s/gKCmQpal3SLymE1T5kY1
Title: View the Privacy Policy

Search URL Search Domain Scan URL

URL: https://link.brightsquid.com/s/gH8P1O4oJTLh6KKyUil1
Title: Opt Out / Unsubscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.brightsquid.com/s/ECJNoEwvNmLa82ke9pi8 HTTP 302
https://www2.brightsquid.com/submit/view_email/d1c084e8-83f1-4695-ad5e-c24055c654b7?utm_source=activedemand&utm_medium=email&utm_campaign=activedemand+campaign+48666&ad_rid=302074836&ad_caid=48666&ad_wid=316534&ad_chid=289262819&ad_sid=991006535 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request d1c084e8-83f1-4695-ad5e-c24055c654b7 Show response
www2.brightsquid.com/submit/view_email/
Redirect Chain

https://link.brightsquid.com/s/ECJNoEwvNmLa82ke9pi8
https://www2.brightsquid.com/submit/view_email/d1c084e8-83f1-4695-ad5e-c24055c654b7?utm_source=activedemand&utm_medium=email&utm_campaign=activedemand+campaign+48666&ad_rid=302074836&ad_caid=48666&...

23 KB
24 KB

339ms
271ms

Document
text/html

13.224.194.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.brightsquid.com/submit/view_email/d1c084e8-83f1-4695-ad5e-c24055c654b7?utm_source=activedemand&utm_medium=email&utm_campaign=activedemand+campaign+48666&ad_rid=302074836&ad_caid=48666&ad_wid=316534&ad_chid=289262819&ad_sid=991006535

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.194.13 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-13.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

7b77d250d136bd6873607c16df2d302005ec43c1dace754d2bb14b03e0a1003f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www2.brightsquid.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: session_uid=ImUxMGQxOGJkLWE1MGEtNDI2MS1iZjJiLTVkZThkMmI0YmVhMyI%3D--b48428dc0dd1bdfd0a51f943655527f853260e62
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 17 Apr 2020 21:01:50 GMT
Server: Apache
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
WWW-Authenticate: NoAuthRequired
X-Request-Id: 12356be2-4e48-4d48-82f8-78e9fa8afe9a
X-Runtime: 0.068610
X-Content-Type-Options: nosniff
ETag: W/"7b77d250d136bd6873607c16df2d3020"
Status: 200 OK
X-Cache: Miss from cloudfront
Via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: UWuXcqd6-92jNrnRM8JevCciz_WUH2HrcmenVoT_Wp_pRrtDaqgEBQ==

Redirect headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 17 Apr 2020 21:01:49 GMT
Server: Apache
Cache-Control: no-cache
X-XSS-Protection: 1; mode=block
WWW-Authenticate: NoAuthRequired
X-Request-Id: 651e3d85-8743-4d55-9c5f-167b9f599658
X-Runtime: 0.451199
X-Content-Type-Options: nosniff
Set-Cookie: session_uid=ImUxMGQxOGJkLWE1MGEtNDI2MS1iZjJiLTVkZThkMmI0YmVhMyI%3D--b48428dc0dd1bdfd0a51f943655527f853260e62; domain=.brightsquid.com; path=/; expires=Tue, 17 Apr 2040 21:01:49 -0000
Location: https://www2.brightsquid.com/submit/view_email/d1c084e8-83f1-4695-ad5e-c24055c654b7?utm_source=activedemand&utm_medium=email&utm_campaign=activedemand+campaign+48666&ad_rid=302074836&ad_caid=48666&ad_wid=316534&ad_chid=289262819&ad_sid=991006535
Status: 302 Found
X-Cache: Miss from cloudfront
Via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: ynhslMCVgvDZU7hI9_oKiGgohxJgvU_fQXXQUghibIedb6Gnf_K4Jg==

GET
H/1.1 200
OK Wordmark_Multi_RGB.png
assets.activedemand.com/content_images/204599/images/original/ 19 KB
20 KB 132ms
25ms Image
image/png 13.224.194.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.activedemand.com/content_images/204599/images/original/Wordmark_Multi_RGB.png?1551993164
Requested by: Host: www2.brightsquid.com
URL: https://www2.brightsquid.com/submit/view_email/d1c084e8-83f1-4695-ad5e-c24055c654b7?utm_source=activedemand&utm_medium=email&utm_campaign=activedemand+campaign+48666&ad_rid=302074836&ad_caid=48666&ad_wid=316534&ad_chid=289262819&ad_sid=991006535
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4c758142d59a05d00d70b9211fe301dd719483d613fe7bafd4d9ea78e2806bd

Request headers

Referer: https://www2.brightsquid.com/submit/view_email/d1c084e8-83f1-4695-ad5e-c24055c654b7?utm_source=activedemand&utm_medium=email&utm_campaign=activedemand+campaign+48666&ad_rid=302074836&ad_caid=48666&ad_wid=316534&ad_chid=289262819&ad_sid=991006535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 14:53:17 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified: Thu, 07 Mar 2019 21:12:46 GMT
Server: AmazonS3
Age: 22113
ETag: "f32c0440f37d44035fcad9d0336a09c5"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 19859
X-Amz-Cf-Id: imD6BvWZABAkz52hS7X5g8m2CIMcfHVtfejBM1rS7UoBtwjHZEpKpw==

GET
H/1.1 200
OK open
submit.activedemand.com/submit/ 43 B
506 B 271ms
211ms Image
image/gif 52.55.21.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://submit.activedemand.com/submit/open?type=image&token=Y2hfaWQ9Mjg5MjYyODE5

Requested by

Host: www2.brightsquid.com
URL: https://www2.brightsquid.com/submit/view_email/d1c084e8-83f1-4695-ad5e-c24055c654b7?utm_source=activedemand&utm_medium=email&utm_campaign=activedemand+campaign+48666&ad_rid=302074836&ad_caid=48666&ad_wid=316534&ad_chid=289262819&ad_sid=991006535

Protocol

HTTP/1.1

Server

52.55.21.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-21-70.compute-1.amazonaws.com

Software

Apache /

Resource Hash

5a52dbaf980be015c37ea658dc83e753f345ecb7c48a7dafd71bf1ed67e8b4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.021305
Date: Fri, 17 Apr 2020 21:01:50 GMT
WWW-Authenticate: NoAuthRequired
Server: Apache
Transfer-Encoding: chunked
Content-Type: image/gif
Status: 200 OK
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Transfer-Encoding: binary
Content-Disposition: attachment; filename="pixel.gif"
Connection: keep-alive
X-Content-Type-Options: nosniff
X-Request-Id: 8cc9aa37-bd97-4922-802b-aa34ef39e96b

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.brightsquid.com/	1970-01-26 16:11:49	Name: session_uid Value: ImUxMGQxOGJkLWE1MGEtNDI2MS1iZjJiLTVkZThkMmI0YmVhMyI%3D--b48428dc0dd1bdfd0a51f943655527f853260e62

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.activedemand.com
link.brightsquid.com
submit.activedemand.com
www2.brightsquid.com
13.224.194.13
13.224.194.41
13.224.194.81
52.55.21.70
5a52dbaf980be015c37ea658dc83e753f345ecb7c48a7dafd71bf1ed67e8b4bd
7b77d250d136bd6873607c16df2d302005ec43c1dace754d2bb14b03e0a1003f
b4c758142d59a05d00d70b9211fe301dd719483d613fe7bafd4d9ea78e2806bd

www2.brightsquid.com Open in urlscan Pro 13.224.194.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

67 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

3 IPs

1 Countries

44 kBTransfer

43 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

www2.brightsquid.com Open in urlscan Pro
13.224.194.13 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

3
IPs

1
Countries

44 kB
Transfer

43 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions