All Vendors
deanon

OpenSend

Claims "100% legally compliant" while running 25+ trackers without consent, CNAME-cloaking a first-party subdomain to undisclosed Hyros ad attribution, and operating a covert cross-domain PII transport channel that injects visitor names and emails into URLs via window.name before destroying the evidence.

343 IOCs100% pre-consent
90
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what OpenSend discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Key Findings

100% pre-consent activity3 critical disclosure gaps
CRITICAL

Consent Compliance

No GDPR mention in privacy policy, no CCPA mention, no consent banner, 25+ trackers firing without consent, explicit DNT refusal

GDPR Art 5(3)GDPR Art 6GDPR Art 7ePrivacy Directive Art 5(3)CCPA §1798.100
CRITICAL

Consent Laundering

Consent obtained on third-party publishing sites, not on the site where identification happens. Cross-domain PII transport via window.name bypasses same-origin policy.

GDPR Art 6(1)(a)GDPR Art 7(2)ePrivacy Art 5(3)
CRITICAL

CNAME Cloaking

t.opensend.com CNAME-cloaked to 191412.edge.hyros.com. All 43 first-party cookies sent to undisclosed Hyros infrastructure. Hyros not disclosed anywhere.

GDPR Art 28GDPR Art 13CCPA §1798.140(v)
CRITICAL

Pre-Consent Activity

OpenSend was observed loading and executing before user consent was obtained on 100% of sites where it was detected.

GDPRePrivacy
HIGH

Cookie-Less Claim

Sets 39+ cookies on first visit. Uses localStorage as cookie alternative with JS-managed expiry. Falls back to fingerprinting for cookieless browsers.

ePrivacy Directive Art 5(3)GDPR Art 5(1)(a)
Disclosure Gaps

Claims vs. Observed Behavior

7 gaps
3 CRIT4 HIGH
Classified:BTI-X01BTI-X02BTI-X04BTI-X05BTI-X08BTI-X09

CNAME Cloaking

GDPR Art 28 · GDPR Art 13 · CCPA §1798.140(v)CRITICAL
They Claim

Protected by end-to-end encryption

Observed Behavior

t.opensend.com CNAME-cloaked to 191412.edge.hyros.com. All 43 first-party cookies sent to undisclosed Hyros infrastructure. Hyros not disclosed anywhere.

DNS lookup: t.opensend.com → CNAME → 191412.edge.hyros.com → 52.205.62.94. Network request: GET /v1/lst/universal-script with all first-party cookies attached

Undisclosed Subprocessors

GDPR Art 28(2) · GDPR Art 13(1)(e) · CCPA §1798.110HIGH
They Claim

Privacy policy lists Facebook, Google, Microsoft, Twitter as partners

Observed Behavior

Also uses HubSpot (portal 24030046), ActiveCampaign (account 801465941), Fueled.io (API key exposed), Metricool, eulerapp.com/Bubble.io, Hyros (CNAME-cloaked), ipinfo.io — none disclosed

Network traffic analysis: 8+ third-party domains receiving data not listed in privacy policy or any subprocessor list

Session Recording

GDPR Art 9 · ePrivacy Art 5(3) · CIPAHIGH
They Claim

No disclosure of session recording in privacy policy or on-page notice

Observed Behavior

Microsoft Clarity (tag eqnd2gytr9) actively records full session replays of mouse movements, clicks, scrolls, and form interactions without any user disclosure or consent

CDT MCP: clarity.ms scripts loaded, _clck/_clsk cookies set, Bing/Clarity cookie sync active via c.bing.com

Encrypted Payloads

GDPR Art 5(1)(a) transparency · GDPR Art 15 right of accessHIGH
They Claim

Protected by end-to-end encryption

Observed Behavior

All aggle.net request and response bodies use custom encryption preventing security audit. Security teams cannot determine what data is collected or what match results are returned.

Network traffic: POST to oirt-dev.aggle.net/csc, /evt, /ack, /ost all contain encrypted payloads (custom encoding, not standard base64)

Customer Impact

What This Means For You

If you deploy OpenSend's pixel on your site, every visitor is immediately enrolled in a 200M-profile identity graph shared across thousands of other sites. Their name, email, and mailing address are resolved and made available to you — but also to every other OpenSend client. A CNAME-cloaked subdomain will route your visitors' first-party cookies to Hyros, an ad attribution platform you did not authorize and that is not disclosed in any DPA or subprocessor list. Microsoft Clarity will begin recording full session replays of your visitors' interactions without their knowledge or consent. The window-name-unpacker.js script will inject resolved PII into your URL parameters, making it appear that visitors provided their own information. Your site inherits OpenSend's entire compliance debt: GDPR Article 6 (no legal basis for processing), ePrivacy Article 5(3) (no consent for cookies and tracking), CCPA §1798.100 (no notice at collection), and GDPR Article 28 (undisclosed subprocessors including Hyros).
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use OpenSend

  • Audit your DNS for CNAME records pointing to *.edge.hyros.com — OpenSend likely provisioned a t.yourdomain.com subdomain routing your visitors' cookies to undisclosed Hyros infrastructure
  • Review your CSP and network logs for traffic to aggle.net, cdn-t.aggle.net, oirt-dev.aggle.net — these are OpenSend's identity resolution endpoints
  • Demand OpenSend provide a complete subprocessor list including Hyros and verify your DPA covers all 8+ undisclosed third parties
  • Monitor localStorage for _oir_* keys that persist encrypted tracking data beyond cookie clearing with JavaScript-managed expiry
  • Require OpenSend to disable Microsoft Clarity session recording on your properties or add explicit disclosure and consent

If You're Evaluating OpenSend

  • Run a test deployment and capture a full HAR file — count third-party requests, cookies set pre-consent, and CNAME-cloaked destinations before signing
  • Request OpenSend's SOC 2 report, DPA, and complete subprocessor list — verify Hyros, Fueled.io, ActiveCampaign, and aggle.net are disclosed
  • Ask OpenSend to explain the window-name-unpacker.js cross-domain PII transport mechanism and its legal basis under GDPR Article 6
  • Verify CNAME cloaking: run nslookup on any subdomain they ask you to create — if it resolves to *.edge.hyros.com, that is undisclosed third-party tracking
  • Ask for explicit written confirmation that your visitor data is siloed, not shared with other clients, and not used to enrich their shared identity graph

Negotiation Leverage

  • CNAME cloaking to Hyros: t.opensend.com resolves to 191412.edge.hyros.com. All 43 first-party cookies are sent to Hyros infrastructure via this cloaked subdomain. Hyros is not disclosed in any privacy policy, DPA, or subprocessor list. Demand complete disclosure of all CNAME destinations provisioned on client domains and written confirmation that no tracking subdomain points to undisclosed third parties.
  • Cross-domain PII transport: window-name-unpacker.js passes firstname, lastname, and email between domains via window.name, injects PII into URL query parameters via history.replaceState, stores in sessionStorage, then clears window.name to destroy evidence. This bypasses same-origin policy and constitutes covert personal data processing under GDPR Article 5(1)(a). Demand written explanation of legal basis and right to disable this mechanism.
  • Zero consent mechanism: 25+ third-party domains and 43 cookies fire on page load with no CMP, no cookie banner, and no opt-out. OpenSend explicitly refuses DNT. Demand contractual guarantee that a consent gate will be deployed, or an indemnification clause covering all regulatory fines resulting from consent violations on sites running the OpenSend pixel.
  • Encrypted payloads preventing audit: All aggle.net request and response bodies use custom encryption preventing security audit. Your security team cannot determine what data is collected or what match results are returned. Demand technical documentation of all data fields collected and returned by the OIR SDK, right to audit decrypted payloads, and contractual guarantee that payload contents match documentation.
  • Undisclosed subprocessors: Active third parties not listed in privacy policy include Hyros, Fueled.io (API key 4peVNCRSnkRvsyKdJO1thfmqUxWnm7), ActiveCampaign (account 801465941), Metricool, eulerapp.com/Bubble.io, and Microsoft Clarity (tag eqnd2gytr9 with session recording). Demand complete subprocessor list with DPA coverage for each and right to approve or reject future subprocessor additions per GDPR Article 28(2).
Runtime Detections

Runtime Detections

11 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

C01C01

C03C03

C07C07

C08C08

C09C09

C10C10

C13C13

C14C14

BTI-C14Identity Resolution

PII deanonymization

C15C15

C18C18

IOC Manifest

IOC Manifest

336 INDICATORS

Indicators of compromise across 7 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*www.opensend.com/_next/static/chunks/animations-*-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/*.*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/424.*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/*-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/webpack-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/vendors-*-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/main-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/pages/_app-*-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/vhApz-i9SShWyk1NBXckO/_ssgManifest.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/pages/index-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/vhApz-i9SShWyk1NBXckO/_buildManifest.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/react-*.js*
Tracking script
TRACK
*www.opensend.com/js/tracking/facebook-pixel.js*
Tracking script
TRACK
*www.opensend.com/js/tracking/url-params-cookie.js*
Tracking script
TRACK
*www.opensend.com/js/tracking/window-name-unpacker.js*
Tracking script
TRACK
*www.opensend.com/js/tracking/deferred-tracking-loader.js*
Tracking script
TRACK
*www.opensend.com/js/tracking/fueled-bootstrap.js*
Tracking script
TRACK
*www.opensend.com/js/tracking/utm-params.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/611.*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/pages/connect-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/pages/reconnect-*.js*
Tracking script
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/index.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/connect.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/reconnect.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/personas.json*
Data collection endpoint
TRACK
*www.opensend.com/_next/static/chunks/pages/revive-*.js*
Tracking script
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/success-stories-categories/health-wellness.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/success-stories-categories/consumer-goods.json*
Data collection endpoint
TRACK
*www.opensend.com/_next/static/chunks/pages/success-stories-categories/%5Bslug%5D-*.js*
Tracking script
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/success-stories-categories/apparel-fashion-jewelry.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/post/identify-website-visitors.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/success-stories-categories/furniture-home-decor-textiles.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/post/what-is-remarketing.json*
Data collection endpoint
TRACK
*www.opensend.com/_next/static/chunks/pages/post/%5Bslug%5D-*.js*
Tracking script
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/how-it-works.json*
Data collection endpoint
TRACK
*www.opensend.com/_next/static/chunks/pages/how-it-works-*.js*
Tracking script
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/faq.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/blog.json*
Data collection endpoint
TRACK
*www.opensend.com/_next/static/chunks/pages/faq-*.js*
Tracking script
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/opensend-vs-tie.json*
Data collection endpoint
TRACK
*www.opensend.com/_next/static/chunks/pages/blog-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/915-*.js*
Tracking script
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/opensend-vs-instant.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/pricing.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/opensend-vs-digioh.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/partner.json*
Data collection endpoint
TRACK
*www.opensend.com/_next/static/chunks/pages/%5B...slug%5D-*.js*
Tracking script
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/success-stories.json*
Data collection endpoint
TRACK
*www.opensend.com/_next/static/chunks/pages/success-stories-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/pages/pricing-*.js*
Tracking script
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/book-a-demo.json*
Data collection endpoint
TRACK
*www.opensend.com/_next/static/chunks/pages/partner-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/pages/book-a-demo-*.js*
Tracking script
EXFIL
*www.opensend.com/_next/static/chunks/pages/personas-*.js*
Data collection endpoint
TRACK
*www.opensend.com/js/tracking/footercode2v1-update.js*
Tracking script
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/case-studies/trueclassic-flowium.json*
Data collection endpoint
EXFIL
*www.opensend.com/_next/data/vhApz-i9SShWyk1NBXckO/success-story/benchmade-has-seen-a-significant-growth-since-using-opensend-showing-a-12x-roi-in-only-30-days.json*
Data collection endpoint
TRACK
*www.opensend.com/_next/static/chunks/pages/case-studies/%5Bslug%5D-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/pages/success-story/%5Bslug%5D-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/pages/opensend-vs-wunderkind-*.js*
Tracking script
TRACK
*www.opensend.com/_next/static/chunks/pages/opensend-vs-retention-*.js*
Tracking script
TRACK
*www.opensend.com/js/tracking/footercdnv1.js*
Tracking script
TRACK
*www.opensend.com/js/tracking/footercode3.js*
Tracking script
TRACK
*www.opensend.com/js/tracking/footercode1.js*
Tracking script
TRACK
www.opensend.com/_next/static/chunks/animations-fc104530-ce1a46bfcda4bf34.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/animations-6391b56b-4661485f42b44cba.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/424.7e8eef687367bf6b.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/4478.41ef7a781825612f.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/8712.0345ff3ad5f10cc6.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/6060-e46990896fc3b7b8.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/8770.a68d60e9d7a6fda6.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/6120.7b605468a82b57ab.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/5483.350520da8867abe4.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/2639.f24110d762fdb7ec.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/8597.823c470e1af9bf06.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/5867.07b8da14a80aab0a.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/webpack-f62c5e64847c320a.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/react-bbdfd0b7a97654d6.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/vendors-aacc2dbb-57f696eea8162564.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/vendors-bc050c32-1ae33bc5fdb93df4.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/vendors-f945abb9-5c5bc6e0caa1e0bb.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/vendors-f67df17f-a224fd0d5991ffb9.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/vendors-d91c2bd6-fcf28b002023ca67.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/vendors-2898f16f-ea0d090fa592afb2.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/vendors-8cbd2506-0d9a78b43d2aab1b.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/main-c1cc4af6b4dc9b52.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/_app-f3956634-3f760304d803eab9.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/_app-c33ba578-ea8cdbbef01c3e38.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/3985-e58857a966206583.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/index-5ddee24753e358ec.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/vhApz-i9SShWyk1NBXckO/_buildManifest.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/vhApz-i9SShWyk1NBXckO/_ssgManifest.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/3079.dddb7b1ea3a0f6ea.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/3011-41ae4b6630ecef88.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/9489.93332d066e698441.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/9419-af00a9bb16cf0875.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/8772.b3ae3b88e22e9988.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/2678.112b627ae6174f58.js
Auto-extracted from scan
TRACK
www.opensend.com/js/tracking/facebook-pixel.js
Auto-extracted from scan
TRACK
www.opensend.com/js/tracking/url-params-cookie.js
Auto-extracted from scan
TRACK
www.opensend.com/js/tracking/fueled-bootstrap.js
Auto-extracted from scan
TRACK
www.opensend.com/js/tracking/deferred-tracking-loader.js
Auto-extracted from scan
TRACK
www.opensend.com/js/tracking/window-name-unpacker.js
Auto-extracted from scan
TRACK
www.opensend.com/js/tracking/utm-params.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/611.f8131cc891138f91.js
Auto-extracted from scan
TRACK
www.opensend.com/js/tracking/footercode2v1-update.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/2461-a193f4bf406a0705.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/success-stories-categories/%5Bslug%5D-a4ca9349dbe5521e.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/3858-040692f893ba4722.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/post/%5Bslug%5D-44fe110c9f9536f8.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/%5B...slug%5D-7bc2e9fcb967f91e.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/1583-337a63ba4ad719b9.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/connect-d89e8d9725024f2b.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/6431-60e940b1fe050116.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/reconnect-e1948c2ced8a7ac2.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/8135-f31f4e04ab4d5b21.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/revive-dd6d71ba105f43d1.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/7663-320b7a05087a6bb6.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/2584-4ccaef90ffa92af0.js
Auto-extracted from scan
EXFIL
www.opensend.com/_next/static/chunks/pages/personas-d01aeb18a2e3e7cb.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/how-it-works-3b92ee7551933c9b.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/faq-9e1a16b881eed790.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/blog-1efeccbb27cfd625.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/9729-5f9ad3d8d5234ac4.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/915-c4c98de24d86800e.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/opensend-vs-wunderkind-30301a9fd4698953.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/opensend-vs-retention-d87d15cb67791da9.js
Auto-extracted from scan
TRACK
t.opensend.com/v1/lst/universal-script
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/success-stories-6f49e865efa99b4e.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/pricing-22be174c861edcfb.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/partner-f3d3b741faea454c.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/book-a-demo-94a7e794fd348e51.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/3792-5230f863388bd1ff.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/case-studies/%5Bslug%5D-36c2e9ac38d41248.js
Auto-extracted from scan
TRACK
www.opensend.com/_next/static/chunks/pages/success-story/%5Bslug%5D-1bd50ec305b61425.js
Auto-extracted from scan
TRACK
www.opensend.com/js/tracking/footercdnv1.js
Auto-extracted from scan
TRACK
www.opensend.com/js/tracking/footercode1.js
Auto-extracted from scan
TRACK
www.opensend.com/js/tracking/footercode3.min.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

OpenSend operates through a layered infrastructure centered on its aggle.net identity resolution platform. The OIR SDK (v260211) loads from cdn-t.aggle.net via CloudFront and communicates with oirt-dev.aggle.net (AWS EC2 Oregon, gunicorn/Python) for encrypted identity resolution against a 200M-profile identity graph built by wholesaling consent from publishing partners. The first-party tracking subdomain t.opensend.com is CNAME-cloaked to 191412.edge.hyros.com, an AI-powered ad attribution platform not disclosed anywhere by OpenSend. Supporting infrastructure includes HubSpot (portal 24030046, marketing + live chat), ActiveCampaign (account 801465941, email automation), Microsoft Clarity (tag eqnd2gytr9, full session recording), Facebook (pixel 1190199214961732, Advanced Matching), Google (GA4 + Ads via dual GTM containers), LinkedIn (Insight tag, partner IDs 6946377 + 4340548), Fueled.io (e-commerce analytics), Metricool (social analytics), and eulerapp.com/Bubble.io (affiliate tracking). The site is hosted on AWS S3 + CloudFront with zero security headers.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

343 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details