urlscan.io logo urlscan.io
SecurityTrails logo

pjnewsletter.com Open in urlscan Pro
2606:4700:10::6816:2ace  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u8203715.ct.sendgrid.net/ls/click?upn=u001.FxywnDaqjehVRjQ7FCPyozvfJpyruipIWDeVRkB7GeLjV44nRWSDHuZUTFkPHIMBLA-2F-2BzC0Fq0...
Effective URL: https://pjnewsletter.com/
Submission: On November 04 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 16 domains to perform 60 HTTP transactions. The main IP is 2606:4700:10::6816:2ace, located in United States and belongs to CLOUDFLARENET, US. The main domain is pjnewsletter.com. The Cisco Umbrella rank of the primary domain is 606592.
TLS certificate: Issued by E6 on October 20th 2024. Valid for: 3 months.
This is the only time pjnewsletter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.118.126 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x126.outbound-mail.sendgrid.net
u8203715.ct.sendgrid.net
33    2606:4700:10::6816:2ace (United States)

ASN13335 (CLOUDFLARENET, US)
pjnewsletter.com
2    2a02:26f0:480:33::212:40c5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
client.px-cloud.net
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3037::ac43:bd16 (United States)

ASN13335 (CLOUDFLARENET, US)
ruamupr.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    34.107.199.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.199.107.34.bc.googleusercontent.com
stk.px-cloud.net
2    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-pxqegyaqlb.px-cloud.net
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    134.122.109.150 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
souhaija.site
3    2606:4700:20::681a:88b (United States)

ASN13335 (CLOUDFLARENET, US)
js.sparkloop.app
script.sparkloop.app
dash.sparkloop.app
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
33 pjnewsletter.com
pjnewsletter.com — Cisco Umbrella Rank: 606592
2 MB
5 px-cloud.net
client.px-cloud.net — Cisco Umbrella Rank: 4419
stk.px-cloud.net — Cisco Umbrella Rank: 21462
collector-pxqegyaqlb.px-cloud.net — Cisco Umbrella Rank: 689841
73 KB
4 gstatic.com
fonts.gstatic.com
70 KB
3 sparkloop.app
js.sparkloop.app — Cisco Umbrella Rank: 67861
script.sparkloop.app — Cisco Umbrella Rank: 66856
dash.sparkloop.app — Cisco Umbrella Rank: 61190
53 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
291 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 souhaija.site
souhaija.site
5 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
74 KB
2 ruamupr.com
ruamupr.com — Cisco Umbrella Rank: 70242
38 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
545 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 sendgrid.net
u8203715.ct.sendgrid.net
248 B
60 16
Domain Requested by
33 pjnewsletter.com 2 redirects pjnewsletter.com
static.cloudflareinsights.com
4 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com pjnewsletter.com
www.googletagmanager.com
2 www.facebook.com pjnewsletter.com
2 souhaija.site www.googletagmanager.com
souhaija.site
2 connect.facebook.net pjnewsletter.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 collector-pxqegyaqlb.px-cloud.net client.px-cloud.net
2 ruamupr.com 1 redirects pjnewsletter.com
2 client.px-cloud.net pjnewsletter.com
client.px-cloud.net
1 dash.sparkloop.app js.sparkloop.app
1 region1.google-analytics.com client.px-cloud.net
1 www.google.de pjnewsletter.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com client.px-cloud.net
1 script.sparkloop.app pjnewsletter.com
1 js.sparkloop.app 1 redirects
1 stk.px-cloud.net client.px-cloud.net
1 static.cloudflareinsights.com pjnewsletter.com
1 fonts.googleapis.com pjnewsletter.com
1 u8203715.ct.sendgrid.net 1 redirects
60 21

This site contains links to these domains. Also see Links.

Domain
facebook.com
Subject Issuer Validity Valid
pjnewsletter.com
E6		 2024-10-20 -
2025-01-18		 3 months crt.sh
client.botchk.net
R11		 2024-09-24 -
2024-12-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2024-08-16 -
2025-09-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-13 -
2024-11-11		 3 months crt.sh
souhaija.site
R10		 2024-09-20 -
2024-12-19		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.de
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
sparkloop.app
Cloudflare Inc ECC CA-3		 2024-08-31 -
2024-12-31		 4 months crt.sh

This page contains 2 frames:

Primary Page: https://pjnewsletter.com/
Frame ID: F290217C226414F1E59DEEC5921AC848
Requests: 58 HTTP requests in this frame

Frame: https://pjnewsletter.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: D500CDBD01F7D241F41ABCF1A2C686B7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Patriot Journal | The other side of the story

Page URL History Show full URLs

  1. https://u8203715.ct.sendgrid.net/ls/click?upn=u001.FxywnDaqjehVRjQ7FCPyozvfJpyruipIWDeVRkB7GeLjV44nRWSDHuZUTF... HTTP 302
    https://pjnewsletter.com/author/adamcasalino/ HTTP 301
    https://pjnewsletter.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

60
Requests

95 %
HTTPS

78 %
IPv6

16
Domains

21
Subdomains

17
IPs

4
Countries

2607 kB
Transfer

3984 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u8203715.ct.sendgrid.net/ls/click?upn=u001.FxywnDaqjehVRjQ7FCPyozvfJpyruipIWDeVRkB7GeLjV44nRWSDHuZUTFkPHIMBLA-2F-2BzC0Fq0wduAH1d5umdg-3D-3Dz8c4_tSD0oRiVTihaIVjpZvTjL2MctS7tJKqtQXoIVOYTjqUIk3z-2FOvuQwt6-2FtAFXQnSGn-2FO-2FLpuwUT2HfBMxj01F3DtT3aBBQSaNdyTDWi3TwLgKzttX00w95x1V-2BQccyTXKszLL5WKFprK9sxtPKL8DUKDNv1OJtndjvI155xLbUNoz2DqKuA-2B7GmcRLPVQPg3M5dyEQiitX4yT18NU2KGPiw-3D-3D HTTP 302
    https://pjnewsletter.com/author/adamcasalino/ HTTP 301
    https://pjnewsletter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://ruamupr.com/13376 HTTP 302
  • https://ruamupr.com/script/DE/1/13376
Request Chain 37
  • https://pjnewsletter.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://pjnewsletter.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Request Chain 43
  • https://js.sparkloop.app/team_ee2153f3c6ee.js HTTP 301
  • https://script.sparkloop.app/team_ee2153f3c6ee.js

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pjnewsletter.com/
Redirect Chain
  • https://u8203715.ct.sendgrid.net/ls/click?upn=u001.FxywnDaqjehVRjQ7FCPyozvfJpyruipIWDeVRkB7GeLjV44nRWSDHuZUTFkPHIMBLA-2F-2BzC0Fq0wduAH1d5umdg-3D-3Dz8c4_tSD0oRiVTihaIVjpZvTjL2MctS7tJKqtQXoIVOYTjqUIk...
  • https://pjnewsletter.com/author/adamcasalino/
  • https://pjnewsletter.com/
94 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8852079ce12b84eda6a888b56ccc22b13fc470b00bcd0f587eca298d4d4090b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
3973
cache-control
max-age=14400
cf-apo-via
tcache
cf-cache-status
HIT
cf-edge-cache
cache,platform=wordpress
cf-ray
8dd62d78ff851913-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Nov 2024 17:03:28 GMT
last-modified
Mon, 04 Nov 2024 15:51:56 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="HIT"
vary
Accept-Encoding
x-cf-score
99
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-px-score
50
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=14400
cf-apo-via
tcache
cf-cache-status
HIT
cf-edge-cache
cache,platform=wordpress
cf-ray
8dd62d757b8d1913-FRA
content-type
text/html; charset=UTF-8
date
Mon, 04 Nov 2024 17:03:28 GMT
location
https://pjnewsletter.com
server
cloudflare
server-timing
cfCacheStatus;desc="HIT"
vary
Accept-Encoding
x-cf-score
99
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-px-score
50
x-redirect-by
Yoast SEO
x-xss-protection
1; mode=block
main.min.js
client.px-cloud.net/PXQEGyaQLb/ 		168 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:33::212:40c5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e799c5136c7dc4990578c02680c4fc007ca9fc4fb4b88594da5824c208088797

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cache-control
max-age=600
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
content-encoding
gzip
etag
"1f298e97980764348890f8a9e211b2be"
active-cdn
Akamai
expires
Mon, 04 Nov 2024 17:11:08 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-stored-content-length
71492
content-length
71492
date
Mon, 04 Nov 2024 17:03:28 GMT
last-modified
Mon, 04 Nov 2024 16:54:58 GMT
content-type
application/javascript; charset=utf-8
server
UploadServer
vary
Accept-Encoding
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,700,900|Source+Serif+Pro:400,600
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc683d8a4671884de766a10c2846c426a025e8a65d67e8eec239ab9a98508af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 17:03:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 04 Nov 2024 17:03:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.min.css
pjnewsletter.com/wp-includes/css/dist/block-library/ 		110 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66e3e1df-1b72b"
age
3973
x-cf-score
-1
x-content-type-options
nosniff
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/css
last-modified
Fri, 13 Sep 2024 06:55:27 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7a69391913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
jquery.min.js
pjnewsletter.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66e2d329-15601"
age
3973
x-cf-score
-1
x-content-type-options
nosniff
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/javascript
last-modified
Thu, 12 Sep 2024 11:40:25 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7a793f1913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
jquery-migrate.min.js
pjnewsletter.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66e2d328-3509"
age
3973
x-cf-score
-1
x-content-type-options
nosniff
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/javascript
last-modified
Thu, 12 Sep 2024 11:40:24 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7a79411913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
style.css
pjnewsletter.com/wp-content/themes/patriotjournal/ 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/themes/patriotjournal/style.css?v=1.0.57.5
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5da7d479ee8124d1d2794909c0d44f86ead2ff960e0f426c83e2070d793189d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67192b32-b633"
age
3973
x-cf-score
-1
x-content-type-options
nosniff
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 16:58:26 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7a793c1913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
style.css
pjnewsletter.com/wp-content/themes/patriotjournal/layouts/fixed-sidebar/ 		1 KB
542 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/themes/patriotjournal/layouts/fixed-sidebar/style.css?v=1.0.57.5
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c950f75fb6e8e5c2c114624083d37a6d264cab14f6c04d570ee46560efc7db29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6728e96c-51c"
age
3879
x-cf-score
-1
x-content-type-options
nosniff
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/css
last-modified
Mon, 04 Nov 2024 15:34:04 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7a793d1913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
clever_ads.js
pjnewsletter.com/wp-content/themes/patriotjournal/js/ 		111 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/themes/patriotjournal/js/clever_ads.js
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4f21177d8ce78c2cdb9ad1cd4b0dccd3aaa7adfdd1d73b86bda6741c949267
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"651e8b1f-6f"
age
3973
x-cf-score
-1
x-content-type-options
nosniff
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/javascript
last-modified
Thu, 05 Oct 2023 10:08:31 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7a79421913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
logo-1.png
pjnewsletter.com/wp-content/uploads/2024/01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/01/logo-1.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10bd3e6c095affec71509e1c2b46cf10b0dd96d88a9f5694b48285602fd43464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"65a50401-7a6"
age
3879
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=1958
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/webp
content-disposition
inline; filename="logo-1.webp"
vary
Accept, Accept-Encoding
last-modified
Mon, 15 Jan 2024 10:08:01 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7a79431913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
13376
ruamupr.com/script/DE/1/
Redirect Chain
  • https://ruamupr.com/13376
  • https://ruamupr.com/script/DE/1/13376
108 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ruamupr.com/script/DE/1/13376
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Server
2606:4700:3037::ac43:bd16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd91ea4afcbe611732b5fd8c4ba8fe9364308671beb984faacbe6bc5fa0b5ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"187056fcf0438a519eb3f282ec0e6c3c4747c42f"
age
60
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BUzTgD3Lx3d8p21YtmSuk2tgWtER16NSjpEwUk5%2FYxCiz2qD6K0HXzCJeRwLvt4yY6GNWnuPbCT97S5NJIRoR2SJTE9DGAF4wmZOVSzBw%2FFzwQI9EfzMKRLpqwL7IvGEVfavSZsPFZSgXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 04 Nov 2024 17:03:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=6360&sent=13&recv=15&lost=0&retrans=2&sent_bytes=5464&recv_bytes=2331&delivery_rate=660258&cwnd=254&unsent_bytes=0&cid=a7d67fb42c177782&ts=249&x=0"
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-tornado
yes
cf-ray
8dd62d7c1caedc70-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
location
https://ruamupr.com/script/DE/1/13376
cf-cache-status
BYPASS
pragma
no-cache
x-tornado
yes
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OT7TzgEEQq9X9fglyuXaW1LUIqONirUb%2B%2BDGlqLvOG5FAE3sNKfsEAiySyU7BH%2FH4Fq6qYfLssbZTN5jYCDl0HozwFKpPZXgR9NJNf5YTr546ya691y574pBrYZcqmjaHJGEad8L5fUWUA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dd62d7ad93fdc70-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=6125&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3980&recv_bytes=2264&delivery_rate=660258&cwnd=253&unsent_bytes=0&cid=a7d67fb42c177782&ts=135&x=0"
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
frontend.min.js
pjnewsletter.com/wp-content/plugins/q2w3-fixed-widget/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"648b28b8-5b89"
age
3972
x-cf-score
-1
x-content-type-options
nosniff
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/javascript
last-modified
Thu, 15 Jun 2023 15:05:28 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7ab9871913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
subscribe.js
pjnewsletter.com/wp-content/plugins/inboxfirst-by-klicked-master/assets/ 		933 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/plugins/inboxfirst-by-klicked-master/assets/subscribe.js?ver=1.1.2
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225ac4b774f17cbcd24aeb0ea479625645b81132d6208cded6c5bd5ee98d457f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"5e4cec4e-3a5"
age
3878
x-cf-score
-1
x-content-type-options
nosniff
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/javascript
last-modified
Wed, 19 Feb 2020 08:05:34 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b09e01913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pjnewsletter.com
Referer
https://pjnewsletter.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8dd62d7bd9199f51-FRA
access-control-allow-origin
*
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/ 		243 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TX6FSMK
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
508cba4dec90af22928a174ec73025c14b41ac08d6448720180df686e46a5fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 04 Nov 2024 17:03:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 04 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
87217
x-xss-protection
0
server
Google Tag Manager
trump-speech-1024x538.png
pjnewsletter.com/wp-content/uploads/2024/10/ 		216 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/10/trump-speech-1024x538.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e701d4a9d69c68244f71040588a78150965b7cfcdc0b9dbaf81bdf513ea6da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"67127ad3-3f84e"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=260174
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/webp
content-disposition
inline; filename="trump-speech-1024x538.webp"
vary
Accept, Accept-Encoding
last-modified
Fri, 18 Oct 2024 15:12:19 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a091913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
bidenharris-1024x538.png
pjnewsletter.com/wp-content/uploads/2023/03/ 		221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2023/03/bidenharris-1024x538.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8480670189122f2ad2f0337efc9d565a6b1fcdff51a65f88a7a6504cd9381eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"641df0c0-43837"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=276535
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/webp
content-disposition
inline; filename="bidenharris-1024x538.webp"
vary
Accept, Accept-Encoding
last-modified
Fri, 24 Mar 2023 18:49:36 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a0c1913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
trump-butler-1024x538.png
pjnewsletter.com/wp-content/uploads/2024/07/ 		249 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/07/trump-butler-1024x538.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd630474de5247254016e1cb53f71cb68b8ed84152dba34fbeb44039388082a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"6695543b-47a32"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=293426
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/webp
content-disposition
inline; filename="trump-butler-1024x538.webp"
vary
Accept, Accept-Encoding
last-modified
Mon, 15 Jul 2024 16:54:19 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a0d1913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
rogan-trump-768x403.png
pjnewsletter.com/wp-content/uploads/2023/06/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2023/06/rogan-trump-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeedf509adf4ce9cd98a84ad6456e4c069438ac6b57a4691c9f5bb475a12238b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"6488ac25-25a30"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=154160
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/webp
content-disposition
inline; filename="rogan-trump-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Tue, 13 Jun 2023 17:49:25 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a111913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
Kamala-Harris-768x403.jpg
pjnewsletter.com/wp-content/uploads/2024/11/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/11/Kamala-Harris-768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e073b29a11f40255d352a8a0ab493928b2794e60f18e10de2b23e66de75d00e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"67253a39-5c50"
x-cf-score
-1
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
cf-polished
origSize=23632
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/jpeg
last-modified
Fri, 01 Nov 2024 20:29:45 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a121913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
joebiden-youngkin-768x403.png
pjnewsletter.com/wp-content/uploads/2023/09/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2023/09/joebiden-youngkin-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd97820aa3fe4c34d8ec4f5374abc8f4e234c265c998ead7d99438e7286bc9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"65146627-23355"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=144213
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/webp
content-disposition
inline; filename="joebiden-youngkin-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Wed, 27 Sep 2023 17:28:07 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a141913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
kamalaharris-768x403.png
pjnewsletter.com/wp-content/uploads/2024/08/ 		336 KB
337 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/08/kamalaharris-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
315be61baab9850cb89bf9c887747c20b13e49b674fe71c2ccd5880a241be564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"66b1034e-7b5fc"
x-cf-score
-1
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=505340
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
image/webp
content-disposition
inline; filename="kamalaharris-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Mon, 05 Aug 2024 16:52:30 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a171913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
Trump-CNN-768x403.jpg
pjnewsletter.com/wp-content/uploads/2024/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/10/Trump-CNN-768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed21bcc4074e8470da87bd05ea6c5fb7ba663f3e0661101eb5607db3c2efd83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"672283d3-577d"
x-cf-score
-1
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
cf-polished
origSize=22397
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/jpeg
last-modified
Wed, 30 Oct 2024 19:06:59 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a1b1913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
bidenkamalasmile-768x403.jpg
pjnewsletter.com/wp-content/uploads/2020/12/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2020/12/bidenkamalasmile-768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7790bd043126caf449812685debca12d6108198f3c21bc77e5fa2fe41dd5e626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"5fecd5db-7c0b"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
status=not_needed
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/jpeg
last-modified
Wed, 30 Dec 2020 19:32:43 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a1c1913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
ballots-768x403.png
pjnewsletter.com/wp-content/uploads/2024/09/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/09/ballots-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7e7b76d7ba24ec1c8c1964e4e6cc64e8e0e3c6f317ee57c06ec1bf74f4b695
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"66d9c939-2033c"
age
3879
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=131900
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/webp
content-disposition
inline; filename="ballots-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Thu, 05 Sep 2024 15:07:37 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a1d1913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
kamala-oops-sad-768x402.png
pjnewsletter.com/wp-content/uploads/2022/06/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2022/06/kamala-oops-sad-768x402.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fadb81922ec2221894f36419efeec468dfcb6c70fa4ebc363f33107de9df3419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"62b36102-221f6"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=139766
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/webp
content-disposition
inline; filename="kamala-oops-sad-768x402.webp"
vary
Accept, Accept-Encoding
last-modified
Wed, 22 Jun 2022 18:35:46 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a1e1913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
squad-768x403.jpg
pjnewsletter.com/wp-content/uploads/2023/11/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2023/11/squad-768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
003e386e5e5def8868d2e74a5f7562c2124de0f4fe20ba1798fb77c881fb429e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"654aba47-7e4b"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origSize=32331
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/jpeg
last-modified
Tue, 07 Nov 2023 22:29:27 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a1f1913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
trumpkamala-1-768x403.jpg
pjnewsletter.com/wp-content/uploads/2020/10/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2020/10/trumpkamala-1-768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1655575bac7b0e3156a32e00c8dbf1241a049a211bd21ddfc03bf06a9d0c29f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"5f7e20e9-7be7"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
status=not_needed
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/jpeg
last-modified
Wed, 07 Oct 2020 20:11:21 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b1a211913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
Kamala-Harris-3-768x403.jpg
pjnewsletter.com/wp-content/uploads/2024/08/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/08/Kamala-Harris-3-768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52765d5bbaf18d6264658a046ce2fed1d4333fa79b1a251e73bf6e805aacd95e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"66ce29c6-4d9d"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origSize=19869
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/jpeg
last-modified
Tue, 27 Aug 2024 19:32:22 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b2a231913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
Trump-Harris-768x403.jpg
pjnewsletter.com/wp-content/uploads/2024/11/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/11/Trump-Harris-768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20d882bdb04cff61c71de4e8191153f3ef17482b780847638087ee9b29fda34a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"672542df-4bb9"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origSize=19385
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/jpeg
last-modified
Fri, 01 Nov 2024 21:06:39 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b2a251913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
bosa-jersey-768x403.png
pjnewsletter.com/wp-content/uploads/2024/11/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/11/bosa-jersey-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1d9369676cd140e7419cd4b7f44b55574ea6bbde1838405b46a0554b01ead86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"672505f9-1e8a1"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=125089
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/webp
content-disposition
inline; filename="bosa-jersey-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Fri, 01 Nov 2024 16:46:49 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b2a261913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
votingmachine-768x403.png
pjnewsletter.com/wp-content/uploads/2024/08/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/08/votingmachine-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc06838fb63363e72187b66d28098841ea5addafc01a350e34227d3211f965b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"66b6433a-1fd18"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=130328
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
image/webp
content-disposition
inline; filename="votingmachine-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Fri, 09 Aug 2024 16:26:34 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d7b2a271913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,700,900|Source+Serif+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pjnewsletter.com
Referer
https://fonts.googleapis.com/

Response headers

age
438051
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:22:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:22:37 GMT
last-modified
Thu, 01 Jun 2023 23:15:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21528
x-xss-protection
0
server
sffe
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,700,900|Source+Serif+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pjnewsletter.com
Referer
https://fonts.googleapis.com/

Response headers

age
438079
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:22:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:22:09 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,700,900|Source+Serif+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pjnewsletter.com
Referer
https://fonts.googleapis.com/

Response headers

age
438236
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:19:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:19:32 GMT
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14824
x-xss-protection
0
server
sffe
neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,700,900|Source+Serif+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pjnewsletter.com
Referer
https://fonts.googleapis.com/

Response headers

age
223225
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 03:03:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 03:03:03 GMT
last-modified
Thu, 01 Jun 2023 23:17:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20528
x-xss-protection
0
server
sffe
ns
stk.px-cloud.net/ 		350 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stk.px-cloud.net/ns?c=b660c370-9ace-11ef-ad89-07d71aeb2b5e
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.199.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.199.107.34.bc.googleusercontent.com
Software
/
Resource Hash
4c0958086ec92c1078ea71617638e9d61b6d06d3702ba45fc4e62477ce941e73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
350
Date
Mon, 04 Nov 2024 17:03:28 GMT
Content-Type
text/html
collector
collector-pxqegyaqlb.px-cloud.net/api/v2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxqegyaqlb.px-cloud.net/api/v2/collector
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0d90154e4471d97b0f042f620ee32e4e884380d1a989fd4151eac5b271eb7a75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://pjnewsletter.com/

Response headers

timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
via
1.1 google
access-control-allow-origin
https://pjnewsletter.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1124
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
application/json; charset=utf-8
main.js
pjnewsletter.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame D500
Redirect Chain
  • https://pjnewsletter.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://pjnewsletter.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ce6b62b59d50c2c096d7fb13a7409d261ba6df708eeda27f636b3a8142c3b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8dd62d7d3c721913-FRA
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
cf-ray
8dd62d7d1c541913-FRA
access-control-allow-origin
*
content-length
0
date
Mon, 04 Nov 2024 17:03:28 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		312 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6EDY1BF25J&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6FSMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f38fc8edab34156ee0ab1ff70e9b02f4a2822ff74a6bb9696c4cd762d5b5578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 04 Nov 2024 17:03:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106658
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		295 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6L5Q55KN3H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6FSMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3a80f2a08372d72898f873c72e43ca952d405462a42361e9f1ed1dc9bddaa36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 04 Nov 2024 17:03:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103220
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6FSMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
gzip
age
5834
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 17:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 15:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-M6B5bEdR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 04 Nov 2024 17:03:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-M6B5bEdR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=23, mss=1232, tbw=4604, tp=12, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
b6uaCszT1a1x7+742HpqiXeI4HdyISbj6fQXQ78KVFlVTdZKAbKtmeiYzZjTBl1vJWnyx8M1id+UgWEAwukFQw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
13285
souhaija.site/easylist/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://souhaija.site/easylist/13285
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6FSMK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.122.109.150 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
84e610fb0874167a0e943d22073ed69a809f184c120036d333ead14db1a8cd19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cache-control
no-store, no-cache
etag
W/"108c-DDICjRgbK0IpBIN734MGVsi8msI"
access-control-allow-origin
*
content-length
4236
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
application/javascript; charset=utf-8
x-powered-by
Express
server
nginx
team_ee2153f3c6ee.js
script.sparkloop.app/
Redirect Chain
  • https://js.sparkloop.app/team_ee2153f3c6ee.js
  • https://script.sparkloop.app/team_ee2153f3c6ee.js
92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.sparkloop.app/team_ee2153f3c6ee.js
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Server
2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd81654fa51075588307db3ffbd6ab2b654f62db26a59daa4a362a5b0faf714e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XO5e1QdXUC%2BqfVq%2FweOzjNTxU%2BKx8lFXqLcHi4IAD98vNrF%2BgAvAxheEQ8WuzLou493n6cr%2BDiQJwxVJXKKZQHIZgJ6kaxmx1J5XRvXJGpZ0QvpJTk3BiPTs%2BVW1BJAAXmiqEMQmhXrfjHFZorhUcqZU"}],"group":"cf-nel","max_age":604800}
cf-ray
8dd62d7ead304d73-FRA
server-timing
cfL4;desc="?proto=TCP&rtt=6806&sent=11&recv=17&lost=0&retrans=0&sent_bytes=4523&recv_bytes=2318&delivery_rate=643826&cwnd=257&unsent_bytes=0&cid=a86dbfd8d842bed6&ts=233&x=0"
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=3600
location
https://script.sparkloop.app/team_ee2153f3c6ee.js
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2ZGjhgmOAgVHxamJle1A%2FH5fzEWO5BFW%2FUXnYWWB1cUYOPKcvY%2Fzl2%2FI9h16QFOo34r1%2B7Hv6koC%2BGXkYI0W7hNCN2wd7JnsnH2sf2kBtjw0K%2Bx9NzXx6e%2FP3IS%2B4y%2BQtDkvssfrfEr81YmKCk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dd62d7e4ccc4d73-FRA
expires
Mon, 04 Nov 2024 18:03:29 GMT
content-length
167
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
8dd62d78ff851913
pjnewsletter.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame D500 		0
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/cdn-cgi/challenge-platform/h/b/jsd/r/8dd62d78ff851913
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8dd62d7e8e0b1913-FRA
content-length
0
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
main.min.js
client.px-cloud.net/PXQEGyaQLb/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:33::212:40c5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cache-control
max-age=600
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
content-encoding
gzip
etag
"1f298e97980764348890f8a9e211b2be"
active-cdn
Akamai
expires
Mon, 04 Nov 2024 17:11:08 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-stored-content-length
71492
content-length
71492
date
Mon, 04 Nov 2024 17:03:28 GMT
last-modified
Mon, 04 Nov 2024 16:54:58 GMT
content-type
application/javascript; charset=utf-8
server
UploadServer
vary
Accept-Encoding
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6EDY1BF25J&gtm=45je4au0v886867345z8848813796za200zb848813796&_p=1730739808427&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1343180277.1730739809&ecid=1233226453&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1730739809&sct=1&seg=0&dl=https%3A%2F%2Fpjnewsletter.com%2F&dt=Patriot%20Journal%20%7C%20The%20other%20side%20of%20the%20story&en=page_view&_fv=1&_nsi=1&_ss=1&ep.post_id=null&ep.publish_date=null&ep.bot_detected=0&ep.cf_bot_detected=0&ep.cf2_bot_detected=0&ep.cf_raw_bot_detected=99&tfd=2465
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pjnewsletter.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6EDY1BF25J&cid=1343180277.1730739809&gtm=45je4au0v886867345z8848813796za200zb848813796&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6EDY1BF25J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pjnewsletter.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6EDY1BF25J&cid=1343180277.1730739809&gtm=45je4au0v886867345z8848813796za200zb848813796&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=21839153
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 04 Nov 2024 17:03:29 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6L5Q55KN3H&gtm=45je4au0v871791196z8848813796za200zb848813796&_p=1730739808427&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1343180277.1730739809&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730739809&sct=1&seg=0&dl=https%3A%2F%2Fpjnewsletter.com%2F&dt=Patriot%20Journal%20%7C%20The%20other%20side%20of%20the%20story&en=page_view&_fv=1&_ss=1&tfd=2503
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pjnewsletter.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/ 		3 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=957755202&t=pageview&_s=1&dl=https%3A%2F%2Fpjnewsletter.com%2F&ul=de-de&de=UTF-8&dt=Patriot%20Journal%20%7C%20The%20other%20side%20of%20the%20story&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=149109625&gjid=1597884893&cid=1343180277.1730739809&tid=UA-71705037-13&_gid=55860258.1730739809&_r=1&_slc=1&gtm=45He4au0n81TX6FSMKv848813796za200&cd1=null&cd2=null&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&npa=1&z=343159823
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://pjnewsletter.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 17:03:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://pjnewsletter.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
154908708357560
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/154908708357560?v=2.9.176&r=stable&domain=pjnewsletter.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef277a3a803af7cc43096fd4480696b151528d57ebfff5f4fed8e7aa4ffb94c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Fzqswu7B' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Fzqswu7B' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=71, mss=1232, tbw=70428, tp=68, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
OyXhaNmcN3+AA4P9xnqvpEDSC3k+P/sto+kNtWpsFLRnsy2JRl1R/s/oPDJoRNFKNqk3I/97hoGFRwK4T+Wb4Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
13376
x-xss-protection
0
origin-agent-cluster
?1
gstats
souhaija.site/f/ 		2 B
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://souhaija.site/f/gstats
Requested by
Host: souhaija.site
URL: https://souhaija.site/easylist/13285
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.122.109.150 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://pjnewsletter.com/

Response headers

cache-control
no-store, no-cache
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
access-control-allow-origin
*
content-length
2
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
server
nginx
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=154908708357560&ev=PageView&dl=https%3A%2F%2Fpjnewsletter.com%2F&rl=&if=false&ts=1730739809425&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730739809424.287549350484975415&ler=empty&cdl=API_unavailable&it=1730739809187&coo=false&rqm=GET
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1328, tbw=2902, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=154908708357560&ev=PageView&dl=https%3A%2F%2Fpjnewsletter.com%2F&rl=&if=false&ts=1730739809425&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730739809424.287549350484975415&ler=empty&cdl=API_unavailable&it=1730739809187&coo=false&rqm=FGET
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433470878551790020"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
jL1Bseu0QMtW8suSYd0PBX00R2tEe72INwlJOV6d0foyjZjHw9BtImsR2Guh5iZbu642T/t9XuiJ4QKl1K46RQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433470878551790020", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=3219, tp=-1, tpl=-1, uplat=132, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
rum
pjnewsletter.com/cdn-cgi/ 		0
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://pjnewsletter.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8dd62d820a381913-FRA
access-control-allow-origin
https://pjnewsletter.com
date
Mon, 04 Nov 2024 17:03:29 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon-3-1.png
pjnewsletter.com/wp-content/uploads/2024/01/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/01/favicon-3-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41488ca678af1c975634a2be97fd019f799558fd0cc1f54d0a77e742d8fde3ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"65a50400-4b4"
age
3972
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=1204
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
image/webp
content-disposition
inline; filename="favicon-3-1.webp"
vary
Accept, Accept-Encoding
last-modified
Mon, 15 Jan 2024 10:08:00 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8dd62d820a3a1913-FRA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
collector
collector-pxqegyaqlb.px-cloud.net/api/v2/ 		600 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxqegyaqlb.px-cloud.net/api/v2/collector
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
412df8550231b98d3091a6bfe9c8f505a733d2f7ef9fc00d487421654c8a1fb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://pjnewsletter.com/

Response headers

timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
via
1.1 google
access-control-allow-origin
https://pjnewsletter.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
date
Mon, 04 Nov 2024 17:03:29 GMT
content-type
application/json; charset=utf-8
default.css
dash.sparkloop.app/styles/ 		37 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dash.sparkloop.app/styles/default.css
Requested by
Host: js.sparkloop.app
URL: https://js.sparkloop.app/team_ee2153f3c6ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1849272c7e7b5a280ff338e0a0754f62744f76838e8ad5ae645eb4be865f73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730734296&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=QvprWOpvRcDjlWI0efoetTSu26fV20Jv7dhFTwSyXcs%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
cf-cache-status
HIT
age
4875
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730734296&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=QvprWOpvRcDjlWI0efoetTSu26fV20Jv7dhFTwSyXcs%3D"}]}
via
1.1 vegur
cf-ray
8dd62d864d3e4d73-FRA
server-timing
cfL4;desc="?proto=TCP&rtt=8665&sent=53&recv=37&lost=0&retrans=0&sent_bytes=38029&recv_bytes=2428&delivery_rate=4675272&cwnd=257&unsent_bytes=0&cid=a86dbfd8d842bed6&ts=1468&x=0"
date
Mon, 04 Nov 2024 17:03:30 GMT
content-type
text/css
last-modified
Mon, 04 Nov 2024 15:26:09 GMT
vary
Origin, Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| detectAdBlock object| dataLayer function| jQuery object| e function| yja string| _pxAppId object| PXQEGyaQLb object| PX function| __yget_ad_list function| __enc function| __enc2 function| __rs function| __yregister_page_load function| __yregister_page_view function| __yregister_widget_load function| __yregister_view_once1 function| __yregister_widget_view_trigger function| __place function| __reg_events function| __loadnow function| __load function| __sh object| 19000699186764627655 object| q2w3_sidebar_options function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| BaseWidget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded object| ifsub function| domReady object| google_tag_manager object| google_tag_data object| __cfBeacon string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| __style string| __html object| __style_div object| settings object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| SLConfig object| SL

13 Cookies

Domain/Path Name / Value
pjnewsletter.com/ Name: kentCfIdRaw
Value: 99
pjnewsletter.com/ Name: _pxhd
Value: 0287dd140641fd96f3b6d888720e322ad78a2483ace20ebf81dd79f7e803fd67:b5de38c5-9ace-11ef-a2e4-b529250fb0fa
.pjnewsletter.com/ Name: pxcts
Value: b6802d13-9ace-11ef-b29b-bf6553b7f87c
.pjnewsletter.com/ Name: _pxvid
Value: b5de38c5-9ace-11ef-a2e4-b529250fb0fa
.pjnewsletter.com/ Name: cf_clearance
Value: 2b_W_xtjkEUGAKeSDbWXKv2gCmKytXi5XVAEv0lLkAc-1730739809-1.2.1.1-tEE7jMf6ad.d1aAn8x6dBGQ_P4VO6OuXYKTHQnwBBMDmdxnEnwvlYmKFMd8W00RWzUMd88BO8AcgsnS9gbElhRspXBpBj4kVkEQHBwhpMn4_yrYv0LR9rqq4Az2f_fAntNj3yDMZzhQ97EjKuMIL5OVm4jcA.cu1DdL6kFVjJ16BDus0tIsS5EfJE1fJbkePHlAj0Hqi9BFUWi.Di1wMGYHMA2vcfz3NUgo5C6e2NXXoJsR9F6t8va_NSQRhwtlQGxvigI4j7L.6q0rbRZfUEOOxl7PJv67mdkuR.npVTogMeF4Wp9DoCTuzQ8QpOHCa0y8w1FH4Ugwx7xqYIzGExi9XluNQngRi63.nP2Q5ZAqTLofMp5gyo0QAWljijZks
.pjnewsletter.com/ Name: _ga_6EDY1BF25J
Value: GS1.1.1730739809.1.0.1730739809.60.0.1233226453
.pjnewsletter.com/ Name: _ga_6L5Q55KN3H
Value: GS1.1.1730739809.1.0.1730739809.0.0.0
.pjnewsletter.com/ Name: _ga
Value: GA1.2.1343180277.1730739809
.pjnewsletter.com/ Name: _gid
Value: GA1.2.55860258.1730739809
.pjnewsletter.com/ Name: _gat_UA-71705037-13
Value: 1
.pjnewsletter.com/ Name: _fbp
Value: fb.1.1730739809424.287549350484975415
.pjnewsletter.com/ Name: _px3
Value: 7b1d3fe53ac91ac36ddc06e4aefca87ab6ede25e7e05230447d7afa0fde6284d:4jtiDhHkbMfxYxlK7huTqFBj/83o7PBL14BGHBlAme8qMR6JnFpw6J38tLAu0597TEZ971ERIWg8lK3Gjp3l2A==:1000:tIX1Rzwc/pwyX2O8PSBQ0sM8t4j3d2/UoiRqp7Zv2ZO2futzg4N4mRehewWzwqTAEOyANU8o2+7TyCEaVWHSpz5PemG42vzZMre4dQdscG7dkexYl8kOW1+6lrPZ2qmL/Yly7NTZBZ4COdpOHXFJeAPcvkbFWagiDxdfjJw/LNCIyNnsMD/Ez1/q2Zkfw8bZXnqvZBEU5MZI6Z1TlaRIqpaChzgkbGyQqqsxgWD+Nzc=
.pjnewsletter.com/ Name: __sl-fingerprint
Value: d83849b0aac5eb545cb4c304493b8740

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.px-cloud.net
collector-pxqegyaqlb.px-cloud.net
connect.facebook.net
dash.sparkloop.app
fonts.googleapis.com
fonts.gstatic.com
js.sparkloop.app
pjnewsletter.com
region1.analytics.google.com
region1.google-analytics.com
ruamupr.com
script.sparkloop.app
souhaija.site
static.cloudflareinsights.com
stats.g.doubleclick.net
stk.px-cloud.net
u8203715.ct.sendgrid.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
134.122.109.150
167.89.118.126
2001:4860:4802:34::36
2606:4700:10::6816:2ace
2606:4700:20::681a:88b
2606:4700:3037::ac43:bd16
2606:4700::6810:5049
2a00:1450:4001:800::2003
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9d
2a02:26f0:480:33::212:40c5
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.107.199.61
35.190.10.96
003e386e5e5def8868d2e74a5f7562c2124de0f4fe20ba1798fb77c881fb429e
08e701d4a9d69c68244f71040588a78150965b7cfcdc0b9dbaf81bdf513ea6da
0d90154e4471d97b0f042f620ee32e4e884380d1a989fd4151eac5b271eb7a75
10bd3e6c095affec71509e1c2b46cf10b0dd96d88a9f5694b48285602fd43464
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20d882bdb04cff61c71de4e8191153f3ef17482b780847638087ee9b29fda34a
225ac4b774f17cbcd24aeb0ea479625645b81132d6208cded6c5bd5ee98d457f
315be61baab9850cb89bf9c887747c20b13e49b674fe71c2ccd5880a241be564
412df8550231b98d3091a6bfe9c8f505a733d2f7ef9fc00d487421654c8a1fb3
41488ca678af1c975634a2be97fd019f799558fd0cc1f54d0a77e742d8fde3ff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c0958086ec92c1078ea71617638e9d61b6d06d3702ba45fc4e62477ce941e73
4c1849272c7e7b5a280ff338e0a0754f62744f76838e8ad5ae645eb4be865f73
4f38fc8edab34156ee0ab1ff70e9b02f4a2822ff74a6bb9696c4cd762d5b5578
508cba4dec90af22928a174ec73025c14b41ac08d6448720180df686e46a5fef
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52765d5bbaf18d6264658a046ce2fed1d4333fa79b1a251e73bf6e805aacd95e
5d7e7b76d7ba24ec1c8c1964e4e6cc64e8e0e3c6f317ee57c06ec1bf74f4b695
6cd97820aa3fe4c34d8ec4f5374abc8f4e234c265c998ead7d99438e7286bc9c
7790bd043126caf449812685debca12d6108198f3c21bc77e5fa2fe41dd5e626
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
8480670189122f2ad2f0337efc9d565a6b1fcdff51a65f88a7a6504cd9381eb4
84e610fb0874167a0e943d22073ed69a809f184c120036d333ead14db1a8cd19
8852079ce12b84eda6a888b56ccc22b13fc470b00bcd0f587eca298d4d4090b1
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8bd91ea4afcbe611732b5fd8c4ba8fe9364308671beb984faacbe6bc5fa0b5ae
90ce6b62b59d50c2c096d7fb13a7409d261ba6df708eeda27f636b3a8142c3b8
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1d9369676cd140e7419cd4b7f44b55574ea6bbde1838405b46a0554b01ead86
b5da7d479ee8124d1d2794909c0d44f86ead2ff960e0f426c83e2070d793189d
ba4f21177d8ce78c2cdb9ad1cd4b0dccd3aaa7adfdd1d73b86bda6741c949267
bc06838fb63363e72187b66d28098841ea5addafc01a350e34227d3211f965b2
c3a80f2a08372d72898f873c72e43ca952d405462a42361e9f1ed1dc9bddaa36
c950f75fb6e8e5c2c114624083d37a6d264cab14f6c04d570ee46560efc7db29
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48
cc683d8a4671884de766a10c2846c426a025e8a65d67e8eec239ab9a98508af1
cd81654fa51075588307db3ffbd6ab2b654f62db26a59daa4a362a5b0faf714e
d1655575bac7b0e3156a32e00c8dbf1241a049a211bd21ddfc03bf06a9d0c29f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e073b29a11f40255d352a8a0ab493928b2794e60f18e10de2b23e66de75d00e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e799c5136c7dc4990578c02680c4fc007ca9fc4fb4b88594da5824c208088797
ebd630474de5247254016e1cb53f71cb68b8ed84152dba34fbeb44039388082a
eed21bcc4074e8470da87bd05ea6c5fb7ba663f3e0661101eb5607db3c2efd83
eeedf509adf4ce9cd98a84ad6456e4c069438ac6b57a4691c9f5bb475a12238b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef277a3a803af7cc43096fd4480696b151528d57ebfff5f4fed8e7aa4ffb94c1
fadb81922ec2221894f36419efeec468dfcb6c70fa4ebc363f33107de9df3419
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5