urlscan.io logo urlscan.io
SecurityTrails logo

gansub.com Open in urlscan Pro
91.123.204.190  Public Scan

Go To Rescan Add Verdict Report
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Submission: On February 25 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 17 HTTP transactions. The main IP is 91.123.204.190, located in Karlskrona, Sweden and belongs to CNHAB, SE. The main domain is gansub.com.
TLS certificate: Issued by R3 on December 20th 2021. Valid for: 3 months.
This is the only time gansub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    91.123.204.190 (Karlskrona, Sweden)

ASN42695 (CNHAB, SE)
gansub.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:16d8:2:401:46a8:42ff:fe42:3e2b (Karlskrona, Sweden)

ASN42695 (CNHAB, SE)
media.getanewsletter.com
gantrack5.com
2    2600:9000:20eb:2400:14:f753:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.getanewsletter.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 getanewsletter.com
media.getanewsletter.com
cdn.getanewsletter.com
507 KB
4 gstatic.com
fonts.gstatic.com
85 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
86 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
3 KB
1 gantrack5.com
gantrack5.com
136 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 gansub.com
gansub.com
7 KB
17 7
Domain Requested by
5 media.getanewsletter.com gansub.com
4 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net gansub.com
connect.facebook.net
2 cdn.getanewsletter.com gansub.com
1 cdnjs.cloudflare.com gansub.com
1 gantrack5.com gansub.com
1 fonts.googleapis.com gansub.com
1 gansub.com
17 8

This site contains links to these domains. Also see Links.

Domain
gantrack5.com
twitter.com
Subject Issuer Validity Valid
gansub.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
getanewsletter.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.getanewsletter.com
Amazon		 2021-12-04 -
2022-12-31		 a year crt.sh
gantrack5.com
R3		 2021-12-24 -
2022-03-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-04 -
2022-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Frame ID: FEA1C29A80446FAFA528E60A89CD838B
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

690 kB
Transfer

959 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gansub.com/t/v/1_MzA2MzIxNDgwNjM=/ 		45 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
91.123.204.190 Karlskrona, Sweden, ASN42695 (CNHAB, SE),
Reverse DNS
Software
nginx /
Resource Hash
56f90f51f7a9cbad6db19294cd523b54f007d790b7bb316fe12438056282002b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Fri, 25 Feb 2022 13:23:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Language, Cookie, Origin
content-language
en
content-encoding
gzip
css
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700|Open+Sans:400,700|Roboto:400,700|Ubuntu:400,700|Merriweather:400,700
Requested by
Host: gansub.com
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
930a3ac3c1c6dcb5cb38b8b87f33954496249fa04fec9bc62e8cceb5a6c545d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gansub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 13:23:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 13:23:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 13:23:40 GMT
0b6ac661-fbc5-4cfd-8602-7285ea19b0e5.png
media.getanewsletter.com/ 		202 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.getanewsletter.com/0b6ac661-fbc5-4cfd-8602-7285ea19b0e5.png
Requested by
Host: gansub.com
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a00:16d8:2:401:46a8:42ff:fe42:3e2b Karlskrona, Sweden, ASN42695 (CNHAB, SE),
Reverse DNS
Software
nginx /
Resource Hash
3d27d27dcba08edf7dd654647d5ce99178408a803298dd773a9041a4e5fe1594

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gansub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 13:23:40 GMT
last-modified
Thu, 03 Feb 2022 17:19:08 GMT
server
nginx
etag
"61fc0e8c-3288a"
content-type
image/png
cache-control
max-age=432000
accept-ranges
bytes
content-length
206986
expires
Wed, 02 Mar 2022 13:23:40 GMT
93d1cb86-a355-43aa-92ee-b15ac97bf789.jpg
media.getanewsletter.com/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.getanewsletter.com/93d1cb86-a355-43aa-92ee-b15ac97bf789.jpg
Requested by
Host: gansub.com
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a00:16d8:2:401:46a8:42ff:fe42:3e2b Karlskrona, Sweden, ASN42695 (CNHAB, SE),
Reverse DNS
Software
nginx /
Resource Hash
542d3bd06b81d2ff448a36b87cb4122d256a45298bbb9330643962da5c96ee2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gansub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 13:23:40 GMT
last-modified
Fri, 18 Feb 2022 14:33:08 GMT
server
nginx
etag
"620fae24-a3a3"
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
content-length
41891
expires
Wed, 02 Mar 2022 13:23:40 GMT
dd61161e-6e42-4b15-b403-95d4096b4914.jpg
media.getanewsletter.com/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.getanewsletter.com/dd61161e-6e42-4b15-b403-95d4096b4914.jpg
Requested by
Host: gansub.com
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a00:16d8:2:401:46a8:42ff:fe42:3e2b Karlskrona, Sweden, ASN42695 (CNHAB, SE),
Reverse DNS
Software
nginx /
Resource Hash
009f9bad40a80d2f6514df79a4bb8c6178a8cabcf157549eb475cb82abbda054

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gansub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 13:23:40 GMT
last-modified
Fri, 18 Feb 2022 15:57:12 GMT
server
nginx
etag
"620fc1d8-b62e"
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
content-length
46638
expires
Wed, 02 Mar 2022 13:23:40 GMT
ce726467-1f7c-4412-88df-536748bedcec.jpg
media.getanewsletter.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.getanewsletter.com/ce726467-1f7c-4412-88df-536748bedcec.jpg
Requested by
Host: gansub.com
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a00:16d8:2:401:46a8:42ff:fe42:3e2b Karlskrona, Sweden, ASN42695 (CNHAB, SE),
Reverse DNS
Software
nginx /
Resource Hash
08079e0e51ad8abbdfd93a830671294bdbd0e6d181b15ac6cd227708ac0f5834

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gansub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 13:23:40 GMT
last-modified
Sun, 20 Feb 2022 18:46:28 GMT
server
nginx
etag
"62128c84-508f"
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
content-length
20623
expires
Wed, 02 Mar 2022 13:23:40 GMT
7afebb33-07a8-4559-a2a6-11e8f78826e9.jpg
media.getanewsletter.com/ 		191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.getanewsletter.com/7afebb33-07a8-4559-a2a6-11e8f78826e9.jpg
Requested by
Host: gansub.com
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a00:16d8:2:401:46a8:42ff:fe42:3e2b Karlskrona, Sweden, ASN42695 (CNHAB, SE),
Reverse DNS
Software
nginx /
Resource Hash
fe5cd5b39dae3428880477b511f6ca23be997e867332ede863eee3fde712f6e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gansub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 13:23:40 GMT
last-modified
Thu, 03 Feb 2022 17:23:18 GMT
server
nginx
etag
"61fc0f86-2fcbf"
content-type
image/jpeg
cache-control
max-age=432000
accept-ranges
bytes
content-length
195775
expires
Wed, 02 Mar 2022 13:23:40 GMT
facebook-medium.png
cdn.getanewsletter.com/blockeditor/social-icons/white/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.getanewsletter.com/blockeditor/social-icons/white/facebook-medium.png
Requested by
Host: gansub.com
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2400:14:f753:e600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d32752bf144c0ab4670c634572c45e39642b7b8280bd165fb6f5c33f30d858e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gansub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 20:31:45 GMT
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified
Mon, 16 Nov 2020 08:09:40 GMT
server
AmazonS3
age
60716
etag
"7671ff51619b4c037ffd522bddf26c43"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
2050
x-amz-cf-id
hylm1RcUGXVdVccIJryJ7uZcSlCEVrsT_eGehKCsq14XrBKzmyzfEQ==
instagram-medium.png
cdn.getanewsletter.com/blockeditor/social-icons/white/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.getanewsletter.com/blockeditor/social-icons/white/instagram-medium.png
Requested by
Host: gansub.com
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2400:14:f753:e600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25ba86ab7f687cc69df88599a0e1ae32daaad711264cc0be85fee69eb91a44f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gansub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 12:40:00 GMT
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified
Mon, 16 Nov 2020 08:09:40 GMT
server
AmazonS3
age
29519
etag
"17fed56c53bbf7b745423d7167493f68"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
3509
x-amz-cf-id
F2v6RD7et2rR35goQcQ2HRdaiL8F9YBU_kDcLHKfDbYipfg_G4gHpA==
/
gantrack5.com/t/b/1_MzA2MzIxNDgwNjM=/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gantrack5.com/t/b/1_MzA2MzIxNDgwNjM=/
Requested by
Host: gansub.com
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:16d8:2:401:46a8:42ff:fe42:3e2b Karlskrona, Sweden, ASN42695 (CNHAB, SE),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gansub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 13:23:40 GMT
server
nginx
content-type
image/gif
vary
Accept-Language
content-language
sv
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.8/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.8/clipboard.min.js
Requested by
Host: gansub.com
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca19a08d150ab3e0255c198f9b3035d1b1e93ece6146f4088ada02e3cee808cf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gansub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 13:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1349917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2676
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-2355"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ebxrp03MUBGPWhMUxknMDibC01hIIe57j3gFfCsdWkOBfPnk5z3LUNrM1RJ2WJKuT5hz7vXhUWw%2B6POS371l64y7p2oi3knCm2JhceWMwO%2FY2oeUxQKIirVlZ%2B7XBfY1hDXCqdZXZVQGe04Y7CfIJLpm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e313fe01d900f76-MXP
expires
Wed, 15 Feb 2023 13:23:40 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: gansub.com
URL: https://gansub.com/t/v/1_MzA2MzIxNDgwNjM=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
61380d22c412432bc2ebba302cc8fc9263af5ea9d783ed39756c1fecb0f0fcc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gansub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
7Ggs+Ses5eERyQc76wK5sg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 25 Feb 2022 13:31:38 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
Sjpoojwuy2iaQaUETzVVghoxMKd/v6EWURhZKJ9TzPe6Ds0DAhuaDgfX97tV6kKASO9o0c4pbefhAK2CFX+ZOg==
x-fb-trip-id
917726464
x-fb-content-md5
f52e944f78beef7843b9a83d7444313a
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 25 Feb 2022 13:23:40 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a7e3f09eca45f2557bc82b62092ca14b"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Open+Sans:400,700|Roboto:400,700|Ubuntu:400,700|Merriweather:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gansub.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 19:30:31 GMT
x-content-type-options
nosniff
age
150789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:21:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 19:30:31 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Open+Sans:400,700|Roboto:400,700|Ubuntu:400,700|Merriweather:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gansub.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 19:30:30 GMT
x-content-type-options
nosniff
age
150790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 19:30:30 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v28/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Open+Sans:400,700|Roboto:400,700|Ubuntu:400,700|Merriweather:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gansub.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 21:34:13 GMT
x-content-type-options
nosniff
age
143367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19740
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 02:22:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 21:34:13 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Open+Sans:400,700|Roboto:400,700|Ubuntu:400,700|Merriweather:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gansub.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 21:33:16 GMT
x-content-type-options
nosniff
age
143424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20028
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 02:22:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 21:33:16 GMT
sdk.js
connect.facebook.net/en_US/ 		295 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=bc2378ce3e7c1265af723a9d816b2b24
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c1df751b76c31bc22fc097b910801d4a584ef8cb689220056bfab1ce9e322df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://gansub.com/
Origin
https://gansub.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
b+3fhizU+DvVhqbMD/IWsQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 25 Feb 2023 11:44:08 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
85138
x-fb-rlafr
0
x-fb-debug
+v3FcZJNB81gPcIRF7ziQ8EMCNsd3uRWuhjcEd/pn2/9ylhnGDLojX3ZhC1IXSypAlPJ4HF2iEw2aXDnvxNwGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
30b936f9ed697507461176e5d3803f6d
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 13:23:40 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"7fb50390c9f2d4521dddbcc3b7236945"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| toggleClass undefined| fbAppInit function| load_widgets object| FB object| clipboard

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.getanewsletter.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gansub.com
gantrack5.com
media.getanewsletter.com
2600:9000:20eb:2400:14:f753:e600:93a1
2606:4700::6810:135e
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200a
2a00:16d8:2:401:46a8:42ff:fe42:3e2b
2a03:2880:f02d:12:face:b00c:0:3
91.123.204.190
009f9bad40a80d2f6514df79a4bb8c6178a8cabcf157549eb475cb82abbda054
08079e0e51ad8abbdfd93a830671294bdbd0e6d181b15ac6cd227708ac0f5834
25ba86ab7f687cc69df88599a0e1ae32daaad711264cc0be85fee69eb91a44f8
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
3d27d27dcba08edf7dd654647d5ce99178408a803298dd773a9041a4e5fe1594
4c1df751b76c31bc22fc097b910801d4a584ef8cb689220056bfab1ce9e322df
542d3bd06b81d2ff448a36b87cb4122d256a45298bbb9330643962da5c96ee2d
56f90f51f7a9cbad6db19294cd523b54f007d790b7bb316fe12438056282002b
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
61380d22c412432bc2ebba302cc8fc9263af5ea9d783ed39756c1fecb0f0fcc7
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
930a3ac3c1c6dcb5cb38b8b87f33954496249fa04fec9bc62e8cceb5a6c545d8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca19a08d150ab3e0255c198f9b3035d1b1e93ece6146f4088ada02e3cee808cf
d32752bf144c0ab4670c634572c45e39642b7b8280bd165fb6f5c33f30d858e8
fe5cd5b39dae3428880477b511f6ca23be997e867332ede863eee3fde712f6e0