api.getanewsletter.com Open in urlscan Pro
194.71.224.15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://api.getanewsletter.com/v3/preview_mail/3161741/?public_key=bda61da758451cd2dcf01af39608285b
Submission: On May 01 via manual (May 1st 2024, 12:04:32 am UTC) from IN — Scanned from SE

Summary HTTP 8 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 8 HTTP transactions. The main IP is 194.71.224.15, located in Sweden and belongs to MAINLOOP-AS Mainloop AB, SE. The main domain is api.getanewsletter.com.
TLS certificate: Issued by R3 on April 4th 2024. Valid for: 3 months.

This is the only time api.getanewsletter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	194.71.224.15 194.71.224.15	43893 (MAINLOOP-...) (MAINLOOP-AS Mainloop AB)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	2.16.202.57 2.16.202.57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	44.196.254.224 44.196.254.224	14618 (AMAZON-AES) (AMAZON-AES)
2	18.172.113.101 18.172.113.101	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.72 52.222.214.72	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
8	6

2 194.71.224.15 (Sweden)

ASN43893 (MAINLOOP-AS Mainloop AB, SE)

api.getanewsletter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.202.57 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-57.deploy.static.akamaitechnologies.com

docucdn-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.196.254.224 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-254-224.compute-1.amazonaws.com

api.contentsnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.172.113.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-113-101.fra60.r.cloudfront.net

contentsnare-production.s3-accelerate.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-72.fra56.r.cloudfront.net

cdn.getanewsletter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	getanewsletter.com api.getanewsletter.com cdn.getanewsletter.com	17 KB
2	amazonaws.com contentsnare-production.s3-accelerate.amazonaws.com	537 KB
2	contentsnare.com 2 redirects api.contentsnare.com — Cisco Umbrella Rank: 817800	2 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	akamaihd.net docucdn-a.akamaihd.net — Cisco Umbrella Rank: 7849	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
8	6

	Domain	Requested by
2	contentsnare-production.s3-accelerate.amazonaws.com	api.getanewsletter.com
2	api.contentsnare.com	2 redirects
2	api.getanewsletter.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.getanewsletter.com	api.getanewsletter.com
1	docucdn-a.akamaihd.net	api.getanewsletter.com
1	fonts.googleapis.com	api.getanewsletter.com
8	7

This site contains links to these domains. Also see Links.

Domain
gansub.com
rickhome.com
www.getanewsletter.com

Subject Issuer	Validity	Valid
ganprod.com R3	`2024-04-04` - `2024-07-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.getanewsletter.com Amazon RSA 2048 M03	`2023-10-02` - `2024-10-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://api.getanewsletter.com/v3/preview_mail/3161741/?public_key=bda61da758451cd2dcf01af39608285b
Frame ID: AE183299368919650565915A92DA1939
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Docusign

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

75 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

573 kB
Transfer

575 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://gansub.com/t/pm/6067984871531/
Title: View it in the browser

Search URL Search Domain Scan URL

URL: https://rickhome.com/7ffb9804b50f/

Search URL Search Domain Scan URL

URL: https://gansub.com/c/update_contact/
Title: Edit subscription

Search URL Search Domain Scan URL

URL: https://gansub.com/c/unsubscribe/
Title: Cancel subscription

Search URL Search Domain Scan URL

URL: https://www.getanewsletter.com/?a_aid=a26434&utm_source=freeaccount&utm_medium=email

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://api.contentsnare.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBL0VKTmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--4935ec635f71a08fcb71b10131870d042f1f7242/page.docx.jpg HTTP 302
https://contentsnare-production.s3-accelerate.amazonaws.com/cftlskhw5ofdbs79gw1o4u8d20hz?response-content-disposition=inline%3B%20filename%3D%22page.docx.jpg%22%3B%20filename%2A%3DUTF-8%27%27page.docx.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJEO7TYJAYQI5QCQQ%2F20240501%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240501T000427Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=3caa22f7f465c4fc73740e8df350bfbd1a97c6177ef4ef76160a66876ca8e96c

Request Chain 3

https://api.contentsnare.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMDBnTmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--6b42a419e115798d48577e0041b6e2156920e6de/page.jpg HTTP 302
https://contentsnare-production.s3-accelerate.amazonaws.com/j28ikdek57t9n41wte5wlot964bw?response-content-disposition=inline%3B%20filename%3D%22page.jpg%22%3B%20filename%2A%3DUTF-8%27%27page.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJEO7TYJAYQI5QCQQ%2F20240501%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240501T000427Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=79a0530410da8ee805a2c36d2e56a0cfb6c6fb487a54458fec759ce2006de54e

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
api.getanewsletter.com/v3/preview_mail/3161741/ 14 KB
14 KB 210ms
105ms Document
text/html 194.71.224.15
MAINLOOP-AS Mainl...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getanewsletter.com/v3/preview_mail/3161741/?public_key=bda61da758451cd2dcf01af39608285b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.71.224.15 , Sweden, ASN43893 (MAINLOOP-AS Mainloop AB, SE),
Reverse DNS
Software: nginx /
Resource Hash: eefe43f824b71af25db4db032b64bb43c9a1128fd232dd1bc7e463cfe2a5e6be

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

allow: GET, HEAD, OPTIONS
cache-control: no-cache private no-store must-revalidate
content-language: en
content-length: 13992
content-type: text/html; charset=utf-8
date: Wed, 01 May 2024 00:04:27 GMT
expires: Wed, 01 May 2024 00:04:26 GMT
pragma: no-cache
server: nginx
vary: Accept, Accept-Language, Cookie, Origin

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 193ms
63ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: api.getanewsletter.com
URL: https://api.getanewsletter.com/v3/preview_mail/3161741/?public_key=bda61da758451cd2dcf01af39608285b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://api.getanewsletter.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 May 2024 00:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Apr 2024 22:54:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 May 2024 00:04:27 GMT

GET
H2 200 ds-logo-default.svg
docucdn-a.akamaihd.net/olive/images/2.63.0/global-assets/ 4 KB
2 KB 199ms
50ms Image
image/svg+xml 2.16.202.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docucdn-a.akamaihd.net/olive/images/2.63.0/global-assets/ds-logo-default.svg

Requested by

Host: api.getanewsletter.com
URL: https://api.getanewsletter.com/v3/preview_mail/3161741/?public_key=bda61da758451cd2dcf01af39608285b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.202.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-202-57.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

8f77cfc832517c619bc1b8d82a6a478ee18d97442b4c78b006b0286cec91e1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://api.getanewsletter.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 00:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Apr 2024 18:22:07 GMT
server: AkamaiNetStorage
etag: "ec396047518a7fef11d53d1b4f6be65b:1712168527.269716"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=29851684
accept-ranges: bytes
content-length: 1716

GET
H/1.1

200
OK

cftlskhw5ofdbs79gw1o4u8d20hz
contentsnare-production.s3-accelerate.amazonaws.com/
Redirect Chain

https://api.contentsnare.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBL0VKTmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--4935ec635f71a08fcb71b10131870d042f1f7242/p...
https://contentsnare-production.s3-accelerate.amazonaws.com/cftlskhw5ofdbs79gw1o4u8d20hz?response-content-disposition=inline%3B%20filename%3D%22page.docx.jpg%22%3B%20filename%2A%3DUTF-8%27%27page.d...

207 KB
207 KB

663ms
527ms

Image
image/jpeg

18.172.113.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://contentsnare-production.s3-accelerate.amazonaws.com/cftlskhw5ofdbs79gw1o4u8d20hz?response-content-disposition=inline%3B%20filename%3D%22page.docx.jpg%22%3B%20filename%2A%3DUTF-8%27%27page.docx.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJEO7TYJAYQI5QCQQ%2F20240501%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240501T000427Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=3caa22f7f465c4fc73740e8df350bfbd1a97c6177ef4ef76160a66876ca8e96c
Requested by: Host: api.getanewsletter.com
URL: https://api.getanewsletter.com/v3/preview_mail/3161741/?public_key=bda61da758451cd2dcf01af39608285b
Protocol: HTTP/1.1
Server: 18.172.113.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-113-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce3fafd06844c80d54fe141faf794e6eac3857dbdefb16019d81a648aa5bd2ac

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer: https://api.getanewsletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 01 May 2024 00:04:29 GMT
Via: 1.1 284574e4f15389d93bfcb84d196a92f0.cloudfront.net (CloudFront)
x-amz-request-id: 1TH5BGCX6RX7J5R6
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: aws:kms
X-Cache: Miss from cloudfront
Content-Disposition: inline; filename="page.docx.jpg"; filename*=UTF-8''page.docx.jpg
Connection: keep-alive
Content-Length: 211541
x-amz-id-2: lgX6VKQ0/VSJPCPvrRLXj1AyGoQQNG1A+vKnu5viCbAwklUpIr8jjmbarlazVnnXbvNJcJToblU=
Last-Modified: Tue, 30 Apr 2024 09:30:23 GMT
Server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:359876452365:key/9cd98b6e-a093-42c0-abd9-7a1db4f84494
ETag: "0e176872feee71ebe03cf571ce60f16a"
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: mJ13tb2VhLFLvxApp_46Ns7UHSQ7pXNmJIKHykdJsC2_JwBZ8GLdlw==
x-amz-server-side-encryption-bucket-key-enabled: true

Redirect headers

x-runtime: 0.027266
date: Wed, 01 May 2024 00:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15768000
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
location: https://contentsnare-production.s3-accelerate.amazonaws.com/cftlskhw5ofdbs79gw1o4u8d20hz?response-content-disposition=inline%3B%20filename%3D%22page.docx.jpg%22%3B%20filename%2A%3DUTF-8%27%27page.docx.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJEO7TYJAYQI5QCQQ%2F20240501%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240501T000427Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=3caa22f7f465c4fc73740e8df350bfbd1a97c6177ef4ef76160a66876ca8e96c
cache-control: max-age=300, private
x-xss-protection: 1; mode=block
x-request-id: 4d98458a-e5cf-428f-bf5e-62c55d4ba506

GET
H/1.1

200
OK

j28ikdek57t9n41wte5wlot964bw
contentsnare-production.s3-accelerate.amazonaws.com/
Redirect Chain

https://api.contentsnare.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMDBnTmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--6b42a419e115798d48577e0041b6e2156920e6de/p...
https://contentsnare-production.s3-accelerate.amazonaws.com/j28ikdek57t9n41wte5wlot964bw?response-content-disposition=inline%3B%20filename%3D%22page.jpg%22%3B%20filename%2A%3DUTF-8%27%27page.jpg&re...

329 KB
330 KB

601ms
461ms

Image
image/jpeg

18.172.113.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://contentsnare-production.s3-accelerate.amazonaws.com/j28ikdek57t9n41wte5wlot964bw?response-content-disposition=inline%3B%20filename%3D%22page.jpg%22%3B%20filename%2A%3DUTF-8%27%27page.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJEO7TYJAYQI5QCQQ%2F20240501%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240501T000427Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=79a0530410da8ee805a2c36d2e56a0cfb6c6fb487a54458fec759ce2006de54e
Requested by: Host: api.getanewsletter.com
URL: https://api.getanewsletter.com/v3/preview_mail/3161741/?public_key=bda61da758451cd2dcf01af39608285b
Protocol: HTTP/1.1
Server: 18.172.113.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-113-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8317a5e62f1f587a3a0711bd46fc578f0777856e7eb3538e8c1fea4fdf36af67

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer: https://api.getanewsletter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Wed, 01 May 2024 00:04:28 GMT
Via: 1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
x-amz-request-id: 1THCFQ7F56DCYSBX
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: aws:kms
X-Cache: Miss from cloudfront
Content-Disposition: inline; filename="page.jpg"; filename*=UTF-8''page.jpg
Connection: keep-alive
Content-Length: 336576
x-amz-id-2: 0WSLkLlgyORvqbh7A++GyU5C32NhlCf3eVjTbvE8rSn49agqAcXaW8GWq/wCC/qca9e7Xu5EtpI=
Last-Modified: Tue, 30 Apr 2024 21:38:42 GMT
Server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:359876452365:key/9cd98b6e-a093-42c0-abd9-7a1db4f84494
ETag: "d9dabb832a5c0786b48426bc8565e9f8"
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: vMBioCiF1V44MLctyILPpSerGAjdNSNkepObaFJLUmc-Mrx5rlZUWw==
x-amz-server-side-encryption-bucket-key-enabled: true

Redirect headers

x-runtime: 0.023211
date: Wed, 01 May 2024 00:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15768000
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
location: https://contentsnare-production.s3-accelerate.amazonaws.com/j28ikdek57t9n41wte5wlot964bw?response-content-disposition=inline%3B%20filename%3D%22page.jpg%22%3B%20filename%2A%3DUTF-8%27%27page.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJEO7TYJAYQI5QCQQ%2F20240501%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240501T000427Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=79a0530410da8ee805a2c36d2e56a0cfb6c6fb487a54458fec759ce2006de54e
cache-control: max-age=300, private
x-xss-protection: 1; mode=block
x-request-id: 4773fd53-9b37-4b23-8744-15bae10021ec

GET
H2 200 gan-logo.png
cdn.getanewsletter.com/blockeditor/ 3 KB
3 KB 389ms
57ms Image
image/png 52.222.214.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.getanewsletter.com/blockeditor/gan-logo.png
Requested by: Host: api.getanewsletter.com
URL: https://api.getanewsletter.com/v3/preview_mail/3161741/?public_key=bda61da758451cd2dcf01af39608285b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2b2a9f50608b750bd403ab8f288cff7855be5a340ba55a3f73b63764232b92b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://api.getanewsletter.com/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:22:50 GMT
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
last-modified: Thu, 19 Nov 2020 08:45:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 63698
etag: "1668508f1ffec3aa198d102c0b0b0c58"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2656
x-amz-cf-id: l8qk1Rsox4dApCQZaFka9xftQo0aMVSOns51QKSjE2LbMLUw9LAkoQ==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 189ms
55ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://api.getanewsletter.com
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:27:43 GMT
x-content-type-options: nosniff
age: 38204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 13:27:43 GMT

GET
H2 404 favicon.ico
api.getanewsletter.com/ 179 B
299 B 38ms
37ms Other
text/html 194.71.224.15
MAINLOOP-AS Mainl...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getanewsletter.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.71.224.15 , Sweden, ASN43893 (MAINLOOP-AS Mainloop AB, SE),
Reverse DNS
Software: nginx /
Resource Hash: 5547992afdadb59737c5c0feb1a35dff294cd27145bf290c031737ecf8a2577d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://api.getanewsletter.com/v3/preview_mail/3161741/?public_key=bda61da758451cd2dcf01af39608285b
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html; charset=utf-8
date: Wed, 01 May 2024 00:04:28 GMT
server: nginx
content-length: 179
vary: Accept-Language, Cookie, Origin
content-language: en

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.getanewsletter.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.contentsnare.com
api.getanewsletter.com
cdn.getanewsletter.com
contentsnare-production.s3-accelerate.amazonaws.com
docucdn-a.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
142.250.185.195
142.250.186.42
18.172.113.101
194.71.224.15
2.16.202.57
44.196.254.224
52.222.214.72
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
5547992afdadb59737c5c0feb1a35dff294cd27145bf290c031737ecf8a2577d
8317a5e62f1f587a3a0711bd46fc578f0777856e7eb3538e8c1fea4fdf36af67
8f77cfc832517c619bc1b8d82a6a478ee18d97442b4c78b006b0286cec91e1a8
ce3fafd06844c80d54fe141faf794e6eac3857dbdefb16019d81a648aa5bd2ac
eefe43f824b71af25db4db032b64bb43c9a1128fd232dd1bc7e463cfe2a5e6be
f2b2a9f50608b750bd403ab8f288cff7855be5a340ba55a3f73b63764232b92b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

api.getanewsletter.com Open in urlscan Pro 194.71.224.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

75 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

6 IPs

3 Countries

573 kBTransfer

575 kBSize

0 Cookies

5 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

api.getanewsletter.com Open in urlscan Pro
194.71.224.15 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

75 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

573 kB
Transfer

575 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions