urlscan.io logo urlscan.io
SecurityTrails logo

osintnewsletter.com Open in urlscan Pro
172.64.147.169  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://osintnewsletter.com/p/19
Effective URL: https://osintnewsletter.com/p/19
Submission: On August 21 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 46 HTTP transactions. The main IP is 172.64.147.169, located in United States and belongs to CLOUDFLARENET, US. The main domain is osintnewsletter.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 25th 2023. Valid for: a year.
This is the only time osintnewsletter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 172.64.147.169 13335 (CLOUDFLAR...)
12 13.35.93.96 16509 (AMAZON-02)
3 142.250.64.67 15169 (GOOGLE)
2 151.101.2.217 54113 (FASTLY)
6 104.16.57.101 13335 (CLOUDFLAR...)
2 13.225.224.171 16509 (AMAZON-02)
3 104.18.33.245 13335 (CLOUDFLAR...)
4 142.250.80.40 15169 (GOOGLE)
2 142.250.81.226 15169 (GOOGLE)
2 142.250.65.196 15169 (GOOGLE)
2 142.250.65.163 15169 (GOOGLE)
46 12
8    172.64.147.169 (United States)

ASN13335 (CLOUDFLARENET, US)
osintnewsletter.com
12    13.35.93.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-96.jfk50.r.cloudfront.net
substackcdn.com
3    142.250.64.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f3.1e100.net
fonts.gstatic.com
2    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
js.sentry-cdn.com
6    104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
2    13.225.224.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-224-171.jfk51.r.cloudfront.net
www.datadoghq-browser-agent.com
3    104.18.33.245 (None, )

ASN13335 (CLOUDFLARENET, US)
substack.com
4    142.250.80.40 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f8.1e100.net
www.googletagmanager.com
2    142.250.81.226 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.65.196 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f4.1e100.net
www.google.com
2    142.250.65.163 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f3.1e100.net
www.google.ca
Apex Domain
Subdomains		 Transfer
12 substackcdn.com
substackcdn.com — Cisco Umbrella Rank: 19664
972 KB
8 osintnewsletter.com
osintnewsletter.com
29 KB
6 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1212
cloudflareinsights.com — Cisco Umbrella Rank: 1194
14 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
265 KB
3 substack.com
substack.com — Cisco Umbrella Rank: 17912 Failed
9 KB
3 gstatic.com
fonts.gstatic.com
43 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 8647
563 B
2 google.com
www.google.com — Cisco Umbrella Rank: 3
563 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
3 KB
2 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2013
92 KB
2 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 6307
3 KB
46 11
Domain Requested by
12 substackcdn.com osintnewsletter.com
substack.com
8 osintnewsletter.com 1 redirects osintnewsletter.com
substackcdn.com
4 cloudflareinsights.com static.cloudflareinsights.com
www.datadoghq-browser-agent.com
4 www.googletagmanager.com substackcdn.com
www.googletagmanager.com
3 substack.com substackcdn.com
substack.com
3 fonts.gstatic.com osintnewsletter.com
2 www.google.ca
2 www.google.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 www.datadoghq-browser-agent.com osintnewsletter.com
substack.com
2 static.cloudflareinsights.com osintnewsletter.com
substack.com
2 js.sentry-cdn.com osintnewsletter.com
substack.com
46 12

This site contains links to these domains. Also see Links.

Domain
substack.com
www.bellingcat.com
www.defenseone.com
authentic8.com
osintteam.blog
www.youtube.com
x.com
Subject Issuer Validity Valid
osintnewsletter.com
Cloudflare Inc ECC CA-3		 2023-02-25 -
2024-02-24		 a year crt.sh
substackcdn.com
Amazon RSA 2048 M02		 2023-03-14 -
2024-04-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-14 -
2024-01-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://osintnewsletter.com/p/19
Frame ID: 658CE51062CC5E741CA605B383E7394A
Requests: 28 HTTP requests in this frame

Frame: https://substack.com/channel-frame
Frame ID: C7CA381902E0304EFDB6FD83B99D18BF
Requests: 1 HTTP requests in this frame

Frame: https://substack.com/channel-frame
Frame ID: 1BAD4F57809D9C0AD23351D96C901118
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The OSINT Newsletter - Issue #19 - by Jake Creps

Page URL History Show full URLs

  1. http://osintnewsletter.com/p/19 HTTP 301
    https://osintnewsletter.com/p/19 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

46
Requests

98 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

12
IPs

2
Countries

1430 kB
Transfer

5036 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://osintnewsletter.com/p/19 HTTP 301
    https://osintnewsletter.com/p/19 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 19
osintnewsletter.com/p/
Redirect Chain
  • http://osintnewsletter.com/p/19
  • https://osintnewsletter.com/p/19
122 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fee5da3aefe3dec472eebe5073387d533d6988289c884e467e9c1df89f57088d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
7264
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
HIT
cf-ray
7fa41cb01c8e3972-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 21 Aug 2023 16:04:28 GMT
etag
W/"1e848-88yOJEj5iw9BptBl2OgE1sCOnvA"
link
<https://substackcdn.com>; rel=preconnect
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cluster
substack
x-deploy
573bfa8d84
x-frame-options
sameorigin
x-powered-by
Express
x-served-by
Substack
x-sub
osintnewsletter

Redirect headers

CF-RAY
7fa41caf791da1f2-YYZ
Connection
keep-alive
Content-Length
0
Date
Mon, 21 Aug 2023 16:04:28 GMT
Location
https://osintnewsletter.com/p/19
Server
cloudflare
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
main.67cb4ca404c606230515.css
substackcdn.com/bundle/theme/ 		473 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://substackcdn.com/bundle/theme/main.67cb4ca404c606230515.css
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8302c41663f6c73dd49f26fcfa6045ce3da3c9ba3222daa0333ef668d038ce9f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 02:25:22 GMT
content-encoding
gzip
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
49148
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-expiration
expiry-date="Thu, 15 Feb 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified
Fri, 18 Aug 2023 23:12:33 GMT
server
AmazonS3
etag
W/"67cb4ca404c606230515de206395f62b"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
fDD_GWy9a2XS0LWA--wJ_LWHit2aWr4FnPf-jrFBo4SZXclyqol-lg==
color_links.0fb581553fbc852d4e4b.css
substackcdn.com/bundle/theme/ 		2 KB
982 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://substackcdn.com/bundle/theme/color_links.0fb581553fbc852d4e4b.css
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72471a51ae7ffc4af3155280bce2974d8cd2d018d757c3ca45745868f3467268

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 00:58:37 GMT
content-encoding
gzip
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
54353
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-expiration
expiry-date="Thu, 15 Feb 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified
Fri, 18 Aug 2023 23:12:33 GMT
server
AmazonS3
etag
W/"0fb581553fbc852d4e4bdb63c47c1e75"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
PbjGGOLCFJ-0qjprX0wwKzFUetbQUUmkTXG_ay7tKkOoucvqwTmXuw==
main.89aabadc52f7bc688204.css
substackcdn.com/bundle/ 		288 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://substackcdn.com/bundle/main.89aabadc52f7bc688204.css
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7756815ffe9b94524a51527dc33bc2afd2108ac8c7123dfecce792d731a8ac3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 23:40:20 GMT
content-encoding
gzip
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
59050
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-expiration
expiry-date="Thu, 15 Feb 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified
Fri, 18 Aug 2023 23:12:33 GMT
server
AmazonS3
etag
W/"b35a8f987fda8c6d10682afcfd4e990c"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
fxHQjxTOWAyiFChaxk4uwkc4XPxZVFJjcn5AWDDzio0485PhctNfvw==
rnCr-xNNww_2s0amA9M5knjsS_ul.woff2
fonts.gstatic.com/s/spectral/v13/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spectral/v13/rnCr-xNNww_2s0amA9M5knjsS_ul.woff2
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f3.1e100.net
Software
sffe /
Resource Hash
478eee9ac68ef242aeda59b8b37b388003eb3eac12af90b8c38fa65d3a34f3a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://osintnewsletter.com/
Origin
https://osintnewsletter.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 13:43:09 GMT
x-content-type-options
nosniff
age
181279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13780
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 22:36:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 13:43:09 GMT
https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff1028220-66b3-4560-a5e9-1fe17a0456a4_1280x1280.png
substackcdn.com/image/fetch/w_96,c_limit,f_auto,q_auto:good,fl_progressive:steep/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://substackcdn.com/image/fetch/w_96,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff1028220-66b3-4560-a5e9-1fe17a0456a4_1280x1280.png
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
imgproxy / Express
Resource Hash
2d6d271e520c1ff74bd03fa8cf97b9ad9055804dd88ea2618b7e009e58811980
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 01:42:46 GMT
content-security-policy
script-src 'none'
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
483703
x-powered-by
Express
x-cache
Hit from cloudfront
content-disposition
inline; filename="f1028220-66b3-4560-a5e9-1fe17a0456a4_1280x1280.png"
alt-svc
h3=":443"; ma=86400
content-length
13336
x-request-id
znJPvm7a9CUxYoSkH31s9
server
imgproxy
etag
"BFcyhJUgw6kDr9UPxBpSsKXSMElaOAVla8V55nXtu48/RIjZkZDc2OGRiOTM3OWIwNjE0M2RkZTVjNDIxM2JiYTg5Ig"
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-id
8s6qHkcbQ_cxQRDJBk6IwJ15zE0dS7HriGndOf2hJ90z6o9432rTQw==
https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff4244e0b-e530-465a-9572-34b6c5e4c2cb_400x400.jpeg
substackcdn.com/image/fetch/w_80,c_limit,f_webp,q_auto:good,fl_progressive:steep/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://substackcdn.com/image/fetch/w_80,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff4244e0b-e530-465a-9572-34b6c5e4c2cb_400x400.jpeg
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
imgproxy / Express
Resource Hash
16e0da75b04dc361b8ceb978389b6b2a88ecbc3cc345cf664e4530cc16631768
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 14:39:10 GMT
content-security-policy
script-src 'none'
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
2683519
x-powered-by
Express
x-cache
Hit from cloudfront
content-disposition
inline; filename="f4244e0b-e530-465a-9572-34b6c5e4c2cb_400x400.webp"
alt-svc
h3=":443"; ma=86400
content-length
1478
x-request-id
moBkX1Xg1G196N5WsdJXb
server
imgproxy
etag
"TEB7RoQudZlDj6myBa_wZakVWebMDU2S36ulYMNTbuI/RIjAwOGNiMDdmMDNlY2I5NDVlYTNmMjhmZDc2ZjI2ZDE0Ig"
content-type
image/webp
cache-control
public, max-age=31536000
x-amz-cf-id
WOVWNFW9_J4coXavMjrbXRsxgpU6BHgYIgSrP1bYHYNMUYGTx0bDmQ==
https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaa30e3c-765a-4821-994a-1b9cb24183cf_1312x928.png
substackcdn.com/image/fetch/w_140,h_140,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://substackcdn.com/image/fetch/w_140,h_140,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaa30e3c-765a-4821-994a-1b9cb24183cf_1312x928.png
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
imgproxy / Express
Resource Hash
417b724beb27134ee2abe4f774e034832df53e4f464e63b08be038598e2f931c
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:51:44 GMT
content-security-policy
script-src 'none'
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
317565
x-powered-by
Express
x-cache
Hit from cloudfront
content-disposition
inline; filename="faa30e3c-765a-4821-994a-1b9cb24183cf_1312x928.webp"
alt-svc
h3=":443"; ma=86400
content-length
4450
x-request-id
1pyqWxXO5EGmehddLNqZ8
server
imgproxy
etag
"o8xp9JlhFLKfcawCbIgijN1z0glwk_o9jFWH7FG39Us/RImUwZGE1NGU0MzJhZTk3ZWRkZjZkNDI0MTllYmQwMDAzIg"
content-type
image/webp
cache-control
public, max-age=31536000
x-amz-cf-id
5NEjTxlaqsSo1vcPjR8OaV53d6-QSr0fDIj0X12vJVjfeDcEY_jdZQ==
https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdcb1bf16-d737-4073-b581-15718b000f16_1312x928.png
substackcdn.com/image/fetch/w_140,h_140,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://substackcdn.com/image/fetch/w_140,h_140,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdcb1bf16-d737-4073-b581-15718b000f16_1312x928.png
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
imgproxy / Express
Resource Hash
e864b72a445601e381233fbefc91dbe5517c3601de14a00a736f821ffbac179a
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 19:58:33 GMT
content-security-policy
script-src 'none'
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
504356
x-powered-by
Express
x-cache
Hit from cloudfront
content-disposition
inline; filename="dcb1bf16-d737-4073-b581-15718b000f16_1312x928.webp"
alt-svc
h3=":443"; ma=86400
content-length
4498
x-request-id
Cve53dCsEFVtERx1SZLIx
server
imgproxy
etag
"o8xp9JlhFLKfcawCbIgijN1z0glwk_o9jFWH7FG39Us/RIjUyNTljMGVjNGU3ZjYyNjFiYjgxNDQ4NTc1OTJjYjkzIg"
content-type
image/webp
cache-control
public, max-age=31536000
x-amz-cf-id
BkdLt9--wiMGfkohecgmPTI3piK80-8DVzrgUepz4UZyhyFnNT-3rw==
https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8669f1ff-23ae-4548-a5b4-3f6b995f8891_1312x928.png
substackcdn.com/image/fetch/w_140,h_140,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://substackcdn.com/image/fetch/w_140,h_140,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8669f1ff-23ae-4548-a5b4-3f6b995f8891_1312x928.png
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
imgproxy / Express
Resource Hash
214adbbd8ec57ab1b32c1b373cab882be824d86c8e144930ebdb29e96071043b
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:10:04 GMT
content-security-policy
script-src 'none'
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
618865
x-powered-by
Express
x-cache
Hit from cloudfront
content-disposition
inline; filename="8669f1ff-23ae-4548-a5b4-3f6b995f8891_1312x928.webp"
alt-svc
h3=":443"; ma=86400
content-length
5894
x-request-id
vv_AHBfsUoSOpeIudPFq7
server
imgproxy
etag
"o8xp9JlhFLKfcawCbIgijN1z0glwk_o9jFWH7FG39Us/RIjY2M2E3YWJiY2ZkODdjYmZmMzVmMWMxZGY0NmEwNzQzIg"
content-type
image/webp
cache-control
public, max-age=31536000
x-amz-cf-id
39n49CgubRoao5taquJKxyNoo1TS_39uoSE5E38DUoX6mZNDf-fVmA==
c41771aeccbb43fbbffbc4755e65c9be.min.js
js.sentry-cdn.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.sentry-cdn.com/c41771aeccbb43fbbffbc4755e65c9be.min.js
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ecacc35cedc1051770f00857304f73b2d0c54f76a51622d33b7e73ed3bdba25
Security Headers
Name Value
Content-Security-Policy connect-src *; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; object-src 'self'; style-src * 'unsafe-inline'; img-src * blob: data:; frame-ancestors 'self' *.sentry.io; font-src * data:; base-uri 'none'; default-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=583ee6c3f00cd7f85b7f6b206b479d0a8543427a
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://osintnewsletter.com/
Origin
https://osintnewsletter.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
connect-src *; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; object-src 'self'; style-src * 'unsafe-inline'; img-src * blob: data:; frame-ancestors 'self' *.sentry.io; font-src * data:; base-uri 'none'; default-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=583ee6c3f00cd7f85b7f6b206b479d0a8543427a
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 16:04:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
15
x-envoy-upstream-service-time
16
content-length
1211
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-7598d7945c-cnr5h, cache-chi-kigq8000047-CHI, cache-yyz4558-YYZ
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
main.02845a9aeb446eaf7053.bundle.js
substackcdn.com/bundle/ 		3 MB
735 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://substackcdn.com/bundle/main.02845a9aeb446eaf7053.bundle.js
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12e3601150ee1699dad3eb510358a8076eae45ff297eb41d731f160311881ef7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 21:46:17 GMT
content-encoding
br
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
65893
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-expiration
expiry-date="Thu, 15 Feb 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified
Fri, 18 Aug 2023 21:34:07 GMT
server
AmazonS3
etag
W/"ed5065d305a904f183f694aff27cb226"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
NxxCLrqUY8dx0GdV5dpOFArvefm88yIKUQVLwRBnY6LU1H5aEXHTPw==
beacon.min.js
static.cloudflareinsights.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:29 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7fa41cb168d8ab3b-YYZ
rnCs-xNNww_2s0amA9vmtm3BafaPWnII.woff2
fonts.gstatic.com/s/spectral/v13/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spectral/v13/rnCs-xNNww_2s0amA9vmtm3BafaPWnII.woff2
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f3.1e100.net
Software
sffe /
Resource Hash
0d4854488e2b15eb1e0af02953b9cd4ea18d9e5ad337579641dea5478d0bd118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://osintnewsletter.com/
Origin
https://osintnewsletter.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 12:12:49 GMT
x-content-type-options
nosniff
age
273100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14884
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 00:36:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2024 12:12:49 GMT
rnCt-xNNww_2s0amA9M8onrmTNmnUHo.woff2
fonts.gstatic.com/s/spectral/v13/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spectral/v13/rnCt-xNNww_2s0amA9M8onrmTNmnUHo.woff2
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f3.1e100.net
Software
sffe /
Resource Hash
3f6a7eb68e4ade95060c49a87bd301a8b0a4b134f3c72139444a1b0a6bd68e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://osintnewsletter.com/
Origin
https://osintnewsletter.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 20:16:14 GMT
x-content-type-options
nosniff
age
330495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14672
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 22:19:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Aug 2024 20:16:14 GMT
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 		144 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.224.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-224-171.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2013a6392ba54319e556095644b6b1757ee3f46d676f6cab3ae0d2239ed979f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:03:47 GMT
content-encoding
br
via
1.1 88c99b4a125fda7fb36df6bd93b5daf0.cloudfront.net (CloudFront)
last-modified
Wed, 16 Aug 2023 13:41:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK51-C1
age
44
x-amz-server-side-encryption
AES256
etag
W/"438ba620187f3819e2dcd4f56fc76dcb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
PWmdC6VFGczWRZXKAHm5cOnh4d7XmvWTrzthYtJgn8BEs4TJB6cn7A==
channel-frame
substack.com/ Frame C7CA 		0
0
channel-frame
substack.com/ Frame 1BAD 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://substack.com/channel-frame
Requested by
Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.02845a9aeb446eaf7053.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.245 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ae1a3311354ed011bccd77df2ddfc7f38efc0e27d3b507194522aefe9804f2c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://osintnewsletter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7fa41cc4fa35a223-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 21 Aug 2023 16:04:32 GMT
etag
W/"59d9-WGukUk7I4mvNQipDsB8bGEYSjWA"
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cluster
substack
x-deploy
f4005ad213
x-powered-by
Express
x-served-by
Substack
firehose
osintnewsletter.com/api/v1/ 		35 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://osintnewsletter.com/api/v1/firehose?_=1692633871584&d=eyJldmVudCI6IlBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoiM2Q0NGlmbG85MTgiLCJpZnJhbWVWaXNpdElkIjpmYWxzZSwicG9zdF9pZCI6MTA2MDg2NDQ1LCJwb3N0X2F1ZGllbmNlIjoib25seV9wYWlkIiwicG9zdF90eXBlIjoibmV3c2xldHRlciJ9LCJjb250ZXh0Ijp7ImNsaWVudF90eXBlIjoid2ViIiwiZGlzcGxheU1vZGUiOiJicm93c2VyIiwicGFnZSI6eyJyZWZlcnJlciI6IiIsInRpdGxlIjoiVGhlIE9TSU5UIE5ld3NsZXR0ZXIgLSBJc3N1ZSAjMTkgLSBieSBKYWtlIENyZXBzIiwidXJsIjoiaHR0cHM6Ly9vc2ludG5ld3NsZXR0ZXIuY29tL3AvMTkifSwiY2FtcGFpZ24iOnt9fX0%3D
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/p/19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
x-cluster
substack
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000
x-powered-by
Express
vary
Accept-Encoding
content-type
image/gif
x-deploy
f4005ad213
cache-control
no-cache
cf-ray
7fa41cc55e773972-YYZ
alt-svc
h3=":443"; ma=86400
x-served-by
Substack
firehose
osintnewsletter.com/api/v1/ 		35 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://osintnewsletter.com/api/v1/firehose?_=1692633872195&d=eyJldmVudCI6IlBvc3QgU2VlbiIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6IjNkNDRpZmxvOTE4IiwiaWZyYW1lVmlzaXRJZCI6ZmFsc2UsInBvc3RfaWQiOjEwNjA4NjQ0NSwicG9zdF9hdWRpZW5jZSI6Im9ubHlfcGFpZCIsInBvc3RfdHlwZSI6Im5ld3NsZXR0ZXIiLCJoYXNfcGF5d2FsbCI6dHJ1ZSwicG9zdF9hZ2VfbWludXRlcyI6MTgzLCJzdXJmYWNlIjoicHVibGljYXRpb24ifSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsImRpc3BsYXlNb2RlIjoiYnJvd3NlciIsInBhZ2UiOnsicmVmZXJyZXIiOiIiLCJ0aXRsZSI6IlRoZSBPU0lOVCBOZXdzbGV0dGVyIC0gSXNzdWUgIzE5IC0gYnkgSmFrZSBDcmVwcyIsInVybCI6Imh0dHBzOi8vb3NpbnRuZXdzbGV0dGVyLmNvbS9wLzE5In0sImNhbXBhaWduIjp7fX19
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/p/19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
x-cluster
substack
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000
x-powered-by
Express
vary
Accept-Encoding
content-type
image/gif
x-deploy
f4005ad213
cache-control
no-cache
cf-ray
7fa41cc58eb43972-YYZ
alt-svc
h3=":443"; ma=86400
x-served-by
Substack
firehose
osintnewsletter.com/api/v1/ 		35 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://osintnewsletter.com/api/v1/firehose?_=1692633872198&d=eyJldmVudCI6IlBvc3QgUGF5d2FsbCBTaG93biIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6IjNkNDRpZmxvOTE4IiwiaWZyYW1lVmlzaXRJZCI6ZmFsc2UsInBvc3RfaWQiOjEwNjA4NjQ0NSwicG9zdF9hdWRpZW5jZSI6Im9ubHlfcGFpZCIsInBvc3RfdHlwZSI6Im5ld3NsZXR0ZXIifSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsImRpc3BsYXlNb2RlIjoiYnJvd3NlciIsInBhZ2UiOnsicmVmZXJyZXIiOiIiLCJ0aXRsZSI6IlRoZSBPU0lOVCBOZXdzbGV0dGVyIC0gSXNzdWUgIzE5IC0gYnkgSmFrZSBDcmVwcyIsInVybCI6Imh0dHBzOi8vb3NpbnRuZXdzbGV0dGVyLmNvbS9wLzE5In0sImNhbXBhaWduIjp7fX19
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/p/19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
x-cluster
substack
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000
x-powered-by
Express
vary
Accept-Encoding
content-type
image/gif
x-deploy
f4005ad213
cache-control
no-cache
cf-ray
7fa41cc59eb73972-YYZ
alt-svc
h3=":443"; ma=86400
x-served-by
Substack
reactors
osintnewsletter.com/api/v1/post/106086445/ 		646 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://osintnewsletter.com/api/v1/post/106086445/reactors
Requested by
Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.02845a9aeb446eaf7053.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fab27d5041f69a254211a2afe3f1798e974e2e62bb530d858d0d1b6baf64a924
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/p/19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
strict-transport-security
max-age=31536000
x-cluster
substack
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"286-esgYQxlVHhlkT+wk5mqg+Rmeh1c"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-deploy
f4005ad213
cache-control
no-cache
cf-ray
7fa41cc59ebc3972-YYZ
alt-svc
h3=":443"; ma=86400
x-served-by
Substack
restackers
osintnewsletter.com/api/v1/post/106086445/ 		2 B
1022 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://osintnewsletter.com/api/v1/post/106086445/restackers
Requested by
Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.02845a9aeb446eaf7053.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/p/19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
strict-transport-security
max-age=31536000
x-cluster
substack
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-deploy
f4005ad213
cache-control
no-cache
cf-ray
7fa41cc59ebd3972-YYZ
alt-svc
h3=":443"; ma=86400
content-length
2
x-served-by
Substack
channelFrame.d41d8cd98f00b204e980.css
substackcdn.com/bundle/theme/ Frame 1BAD 		0
472 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://substackcdn.com/bundle/theme/channelFrame.d41d8cd98f00b204e980.css
Requested by
Host: substack.com
URL: https://substack.com/channel-frame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 18:12:22 GMT
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
78731
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-expiration
expiry-date="Thu, 15 Feb 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified
Fri, 18 Aug 2023 23:12:32 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
text/css
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
8aJdySA1m0f_lTdjGcdcUPNIQB3y8EdwHI67FjCNIkvXdjipocjkow==
channelFrame.6254d0ebc02cf77e019d.css
substackcdn.com/bundle/ Frame 1BAD 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://substackcdn.com/bundle/channelFrame.6254d0ebc02cf77e019d.css
Requested by
Host: substack.com
URL: https://substack.com/channel-frame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05c41a64b1384a638aa3b6d780fbe05b18cc3d9651c5b5d007d8ecd09cdf6d64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 02:59:00 GMT
content-encoding
gzip
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
47133
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-expiration
expiry-date="Thu, 15 Feb 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified
Fri, 18 Aug 2023 23:12:32 GMT
server
AmazonS3
etag
W/"139e66830650ee4bc097f1265f8d1d38"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
iGoKxfSq9UUYLmCSDZbAwhp84zoUQdWlKUR2oRVV7KgoASiEPzrNCQ==
c41771aeccbb43fbbffbc4755e65c9be.min.js
js.sentry-cdn.com/ Frame 1BAD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.sentry-cdn.com/c41771aeccbb43fbbffbc4755e65c9be.min.js
Requested by
Host: substack.com
URL: https://substack.com/channel-frame
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ecacc35cedc1051770f00857304f73b2d0c54f76a51622d33b7e73ed3bdba25
Security Headers
Name Value
Content-Security-Policy connect-src *; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; object-src 'self'; style-src * 'unsafe-inline'; img-src * blob: data:; frame-ancestors 'self' *.sentry.io; font-src * data:; base-uri 'none'; default-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=583ee6c3f00cd7f85b7f6b206b479d0a8543427a
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://substack.com/
Origin
https://substack.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
connect-src *; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; object-src 'self'; style-src * 'unsafe-inline'; img-src * blob: data:; frame-ancestors 'self' *.sentry.io; font-src * data:; base-uri 'none'; default-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=583ee6c3f00cd7f85b7f6b206b479d0a8543427a
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 16:04:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
19
x-envoy-upstream-service-time
16
content-length
1211
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-7598d7945c-cnr5h, cache-chi-kigq8000047-CHI, cache-yyz4558-YYZ
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
channelFrame.a3212f4a4191fc32b77f.bundle.js
substackcdn.com/bundle/ Frame 1BAD 		310 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://substackcdn.com/bundle/channelFrame.a3212f4a4191fc32b77f.bundle.js
Requested by
Host: substack.com
URL: https://substack.com/channel-frame
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.35.93.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-96.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
144cc6f7643f94aeda80dfb332bc9a117496834476e6b94257de84e5939c0558

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 15:48:59 GMT
content-encoding
br
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
age
934
x-amz-cf-pop
JFK50-P8
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-expiration
expiry-date="Sun, 18 Feb 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified
Mon, 21 Aug 2023 15:35:02 GMT
server
AmazonS3
etag
W/"938f441e9495926e75eebe97e23188aa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
xOWgPWcYUJM1O3ul0fa0md7ishbZGlhcoR6xDXO0X5SP1sU-GtL1Ug==
beacon.min.js
static.cloudflareinsights.com/ Frame 1BAD 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: substack.com
URL: https://substack.com/channel-frame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7fa41cc6d977ab3b-YYZ
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ Frame 1BAD 		144 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: substack.com
URL: https://substack.com/channel-frame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.224.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-224-171.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2013a6392ba54319e556095644b6b1757ee3f46d676f6cab3ae0d2239ed979f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:03:47 GMT
content-encoding
br
via
1.1 88c99b4a125fda7fb36df6bd93b5daf0.cloudfront.net (CloudFront)
last-modified
Wed, 16 Aug 2023 13:41:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK51-C1
age
47
x-amz-server-side-encryption
AES256
etag
W/"438ba620187f3819e2dcd4f56fc76dcb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
_mzRwpw4p2Nu9vU0H28FmwbsS1zhoWdsb-iT4vmSoAEO50_ccoaekg==
firehose
substack.com/api/v1/ Frame 1BAD 		35 B
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://substack.com/api/v1/firehose?_=1692633872682&d=eyJldmVudCI6IlBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoicmlxZWdvbWUxbmQiLCJpZnJhbWVWaXNpdElkIjp7ImlkIjoiNzUxNTAxODMtMmNkOC00Njg2LWE5ZDEtM2QzMmNiMTE1NzNiIiwidGltZXN0YW1wIjoiMjAyMy0wOC0yMVQxNjowNDozMi42NTRaIn19LCJjb250ZXh0Ijp7ImNsaWVudF90eXBlIjoid2ViIiwiZGlzcGxheU1vZGUiOiJicm93c2VyIiwicGFnZSI6eyJyZWZlcnJlciI6Imh0dHBzOi8vb3NpbnRuZXdzbGV0dGVyLmNvbS8iLCJ0aXRsZSI6IiIsInVybCI6Imh0dHBzOi8vc3Vic3RhY2suY29tL2NoYW5uZWwtZnJhbWUifSwiY2FtcGFpZ24iOnt9fX0%3D
Requested by
Host: substack.com
URL: https://substack.com/channel-frame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.245 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/channel-frame
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
x-cluster
substack
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000
x-powered-by
Express
vary
Accept-Encoding
content-type
image/gif
x-deploy
f4005ad213
cache-control
no-cache
cf-ray
7fa41cc86ee2a223-YYZ
alt-svc
h3=":443"; ma=86400
x-served-by
Substack
firehose
substack.com/api/v1/ Frame 1BAD 		35 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://substack.com/api/v1/firehose?_=1692633872690&d=eyJldmVudCI6IkZyYW1lIE1lc3NhZ2UgU2VudCIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6InJpcWVnb21lMW5kIiwiaWZyYW1lVmlzaXRJZCI6eyJpZCI6Ijc1MTUwMTgzLTJjZDgtNDY4Ni1hOWQxLTNkMzJjYjExNTczYiIsInRpbWVzdGFtcCI6IjIwMjMtMDgtMjFUMTY6MDQ6MzIuNjU0WiJ9LCJoYXNVc2VyU3RhdGUiOmZhbHNlfSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsImRpc3BsYXlNb2RlIjoiYnJvd3NlciIsInBhZ2UiOnsicmVmZXJyZXIiOiJodHRwczovL29zaW50bmV3c2xldHRlci5jb20vIiwidGl0bGUiOiIiLCJ1cmwiOiJodHRwczovL3N1YnN0YWNrLmNvbS9jaGFubmVsLWZyYW1lIn0sImNhbXBhaWduIjp7fX19
Requested by
Host: substack.com
URL: https://substack.com/channel-frame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.245 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/channel-frame
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
x-cluster
substack
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000
x-powered-by
Express
vary
Accept-Encoding
content-type
image/gif
x-deploy
f4005ad213
cache-control
no-cache
cf-ray
7fa41cc86ee4a223-YYZ
alt-svc
h3=":443"; ma=86400
x-served-by
Substack
firehose
osintnewsletter.com/api/v1/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://osintnewsletter.com/api/v1/firehose?_=1692633872709&d=eyJldmVudCI6IkZyYW1lIE1lc3NhZ2UgSGFuZGxlZCIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6IjNkNDRpZmxvOTE4IiwiaWZyYW1lVmlzaXRJZCI6ZmFsc2UsImxvZ2dlZEluQXRTdWJzdGFjayI6ZmFsc2UsImxvZ2dlZEluQXRDdXN0b21Eb21haW4iOmZhbHNlLCJhdHRlbXB0UmVkaXJlY3QiOmZhbHNlfSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsImRpc3BsYXlNb2RlIjoiYnJvd3NlciIsInBhZ2UiOnsicmVmZXJyZXIiOiIiLCJ0aXRsZSI6IlRoZSBPU0lOVCBOZXdzbGV0dGVyIC0gSXNzdWUgIzE5IC0gYnkgSmFrZSBDcmVwcyIsInVybCI6Imh0dHBzOi8vb3NpbnRuZXdzbGV0dGVyLmNvbS9wLzE5In0sImNhbXBhaWduIjp7fX19
Requested by
Host: osintnewsletter.com
URL: https://osintnewsletter.com/p/19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.147.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/p/19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
x-cluster
substack
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000
x-powered-by
Express
vary
Accept-Encoding
content-type
image/gif
x-deploy
f4005ad213
cache-control
no-cache
cf-ray
7fa41cc88d2b36a6-YYZ
alt-svc
h3=":443"; ma=86400
x-served-by
Substack
js
www.googletagmanager.com/gtag/ Frame 1BAD 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TLW0DF6G5V&l=localGaDataLayer
Requested by
Host: substackcdn.com
URL: https://substackcdn.com/bundle/channelFrame.a3212f4a4191fc32b77f.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.40 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7b70ffb28255048db8aec06cfc8c02301d7dcf359b3b07b1e0b9afc2da2492c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86349
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 21 Aug 2023 16:04:32 GMT
js
www.googletagmanager.com/gtag/ 		107 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=undefined&l=localGaDataLayer
Requested by
Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.02845a9aeb446eaf7053.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.40 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6f12bc202f962657e6c840eb9bb30b694b66a5c31b0e772ba27469178cd6469c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42486
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 21 Aug 2023 16:04:32 GMT
rum
cloudflareinsights.com/cdn-cgi/ Frame 1BAD 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://substack.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://substack.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7fa41cca1c7e39f9-YYZ
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://substack.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://substack.com
access-control-max-age
86400
cf-ray
7fa41cc9fc4939f9-YYZ
content-encoding
gzip
content-type
text/plain
date
Mon, 21 Aug 2023 16:04:32 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
rum
cloudflareinsights.com/cdn-cgi/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://osintnewsletter.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

date
Mon, 21 Aug 2023 16:04:32 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://osintnewsletter.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7fa41cca1c8139f9-YYZ
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://osintnewsletter.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://osintnewsletter.com
access-control-max-age
86400
cf-ray
7fa41cc9fc4b39f9-YYZ
content-encoding
gzip
content-type
text/plain
date
Mon, 21 Aug 2023 16:04:32 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
js
www.googletagmanager.com/gtag/ 		189 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=undefined&l=localGaDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.40 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
732e7d0509c3d8772a2dcc1b9b5761d6e2d7b866ba5ada03486666c06567b2ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70691
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 21 Aug 2023 16:04:33 GMT
js
www.googletagmanager.com/gtag/ Frame 1BAD 		189 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TLW0DF6G5V&l=localGaDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.40 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
732e7d0509c3d8772a2dcc1b9b5761d6e2d7b866ba5ada03486666c06567b2ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:04:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70691
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 21 Aug 2023 16:04:33 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/?random=1692633873279&cv=11&fst=1692633873279&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fosintnewsletter.com%2Fp%2F19&hn=www.googleadservices.com&frm=0&tiba=The%20OSINT%20Newsletter%20-%20Issue%20%2319%20-%20by%20Jake%20Creps&auid=1429656207.1692633873&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
cafe /
Resource Hash
e0b349a4cf0044bfcd1e9dc6a309c5ea52abc563ff6b1baafd74450396ff0c8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 16:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1346
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/ Frame 1BAD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/?random=1692633873372&cv=11&fst=1692633873372&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubstack.com%2Fchannel-frame&ref=https%3A%2F%2Fosintnewsletter.com%2F&hn=www.googleadservices.com&frm=2&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
cafe /
Resource Hash
a095ae9d1dabbfc05931ac8c2938066989635ba9539a699b7437336d0a8cdbe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 16:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/316245675/ Frame 1BAD 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/316245675/?random=1692633873372&cv=11&fst=1692633600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubstack.com%2Fchannel-frame&ref=https%3A%2F%2Fosintnewsletter.com%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3682126460&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 16:04:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/316245675/ Frame 1BAD 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/316245675/?random=1692633873372&cv=11&fst=1692633600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubstack.com%2Fchannel-frame&ref=https%3A%2F%2Fosintnewsletter.com%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3682126460&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://substack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 16:04:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/316245675/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/316245675/?random=1692633873279&cv=11&fst=1692633600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fosintnewsletter.com%2Fp%2F19&frm=0&tiba=The%20OSINT%20Newsletter%20-%20Issue%20%2319%20-%20by%20Jake%20Creps&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1766118934&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 16:04:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/316245675/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/316245675/?random=1692633873279&cv=11&fst=1692633600000&bg=ffffff&guid=ON&async=1&gtm=45be38g0&u_w=1600&u_h=1200&url=https%3A%2F%2Fosintnewsletter.com%2Fp%2F19&frm=0&tiba=The%20OSINT%20Newsletter%20-%20Issue%20%2319%20-%20by%20Jake%20Creps&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1766118934&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://osintnewsletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 16:04:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
substack.com
URL
https://substack.com/channel-frame

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| Sentry object| _preloads object| _analyticsConfig object| DD_RUM object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| webpackChunksubstack object| I18N function| __captchaOnloadCallback object| localGaDataLayer function| gtag object| __cfBeacon object| google_tag_manager object| google_tag_data object| GooglebQhCsO

12 Cookies

Domain/Path Name / Value
.osintnewsletter.com/ Name: __cf_bm
Value: vNV.VfJo7xMt7ZbVAX1C8uv5yXCCp1Ne_QNog3Mj2YY-1692633868-0-AQcGX9ak/GQqQDmANeViLIl3R83YBTC1zQ/aUv17Yi5u1wzz4p+qtz1qa81Mm54GgsZAo9DldPKiGSdnYgcINhs=
osintnewsletter.com/ Name: ajs_anonymous_id
Value: %22380e014d-6479-4b34-82da-edadde02af9f%22
.substack.com/ Name: __cf_bm
Value: kCODLDqg2RVmuIvw_952nd9LiLcKPWKoFIM8Ssg1_P8-1692633872-0-Ad0gvEg4QHxkFAmlESUBU6JfxZtHS1x1koQPRVjQKDmvHWqFamwJtZ9ZBHIl0FUj6f7Duk9EbFQg4tR4chpDNyw=
.osintnewsletter.com/ Name: ajs_anonymous_id
Value: %22380e014d-6479-4b34-82da-edadde02af9f%22
.osintnewsletter.com/ Name: visit_id
Value: %7B%22id%22%3A%224dd7e446-c012-4a0c-9ceb-901c67a8c9f6%22%2C%22timestamp%22%3A%222023-08-21T16%3A04%3A32.285Z%22%7D
.osintnewsletter.com/ Name: ab_testing_id
Value: %224b923228-d9b6-4e39-b8b8-8d20472e6268%22
substack.com/ Name: AWSALBTGCORS
Value: NNTdHmY+DpfaEdSbFn72gTVPRod0RrzqQzGeD6Pm8PgjTk0qbrwIjD7GRDxOHvOH1gtIoNG/Yq5l8pQ39caAPvm3oAvU3BwkgT4QKXuhcfeHCa0cPlRnl6MdBvYRqcNcQYjNLgC1BhnIGc2tJzisX4ncFjPatRkSr7Y/fiEowcRT
osintnewsletter.com/ Name: AWSALBTG
Value: wuNAHJBHOt0M9DLNHrXCrh7Quwd2daIGo2Jip5IP7MQV3lXgjXT+2LgerLeAOmxQyFa5ddZQt8gn6IWA3yf2ddNZEu+tXJyivi759M6hn2PLCzwboM8mEfUn1MTK+ZXrSDMZOL3Hfdhg5X5pW3Hsvpqb/+g/uTm3rAKexvlK7rGl
osintnewsletter.com/ Name: AWSALBTGCORS
Value: wuNAHJBHOt0M9DLNHrXCrh7Quwd2daIGo2Jip5IP7MQV3lXgjXT+2LgerLeAOmxQyFa5ddZQt8gn6IWA3yf2ddNZEu+tXJyivi759M6hn2PLCzwboM8mEfUn1MTK+ZXrSDMZOL3Hfdhg5X5pW3Hsvpqb/+g/uTm3rAKexvlK7rGl
.osintnewsletter.com/ Name: _gcl_au
Value: 1.1.1429656207.1692633873
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
osintnewsletter.com/ Name: _dd_s
Value: rum=0&expire=1692634772453

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloudflareinsights.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.sentry-cdn.com
osintnewsletter.com
static.cloudflareinsights.com
substack.com
substackcdn.com
www.datadoghq-browser-agent.com
www.google.ca
www.google.com
www.googletagmanager.com
substack.com
104.16.57.101
104.18.33.245
13.225.224.171
13.35.93.96
142.250.64.67
142.250.65.163
142.250.65.196
142.250.80.40
142.250.81.226
151.101.2.217
172.64.147.169
05c41a64b1384a638aa3b6d780fbe05b18cc3d9651c5b5d007d8ecd09cdf6d64
0d4854488e2b15eb1e0af02953b9cd4ea18d9e5ad337579641dea5478d0bd118
12e3601150ee1699dad3eb510358a8076eae45ff297eb41d731f160311881ef7
144cc6f7643f94aeda80dfb332bc9a117496834476e6b94257de84e5939c0558
16e0da75b04dc361b8ceb978389b6b2a88ecbc3cc345cf664e4530cc16631768
214adbbd8ec57ab1b32c1b373cab882be824d86c8e144930ebdb29e96071043b
2d6d271e520c1ff74bd03fa8cf97b9ad9055804dd88ea2618b7e009e58811980
2ecacc35cedc1051770f00857304f73b2d0c54f76a51622d33b7e73ed3bdba25
3f6a7eb68e4ade95060c49a87bd301a8b0a4b134f3c72139444a1b0a6bd68e53
417b724beb27134ee2abe4f774e034832df53e4f464e63b08be038598e2f931c
478eee9ac68ef242aeda59b8b37b388003eb3eac12af90b8c38fa65d3a34f3a9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f12bc202f962657e6c840eb9bb30b694b66a5c31b0e772ba27469178cd6469c
72471a51ae7ffc4af3155280bce2974d8cd2d018d757c3ca45745868f3467268
732e7d0509c3d8772a2dcc1b9b5761d6e2d7b866ba5ada03486666c06567b2ce
7756815ffe9b94524a51527dc33bc2afd2108ac8c7123dfecce792d731a8ac3f
7b70ffb28255048db8aec06cfc8c02301d7dcf359b3b07b1e0b9afc2da2492c3
8302c41663f6c73dd49f26fcfa6045ce3da3c9ba3222daa0333ef668d038ce9f
a095ae9d1dabbfc05931ac8c2938066989635ba9539a699b7437336d0a8cdbe3
a2013a6392ba54319e556095644b6b1757ee3f46d676f6cab3ae0d2239ed979f
ae1a3311354ed011bccd77df2ddfc7f38efc0e27d3b507194522aefe9804f2c3
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
e0b349a4cf0044bfcd1e9dc6a309c5ea52abc563ff6b1baafd74450396ff0c8e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e864b72a445601e381233fbefc91dbe5517c3601de14a00a736f821ffbac179a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fab27d5041f69a254211a2afe3f1798e974e2e62bb530d858d0d1b6baf64a924
fee5da3aefe3dec472eebe5073387d533d6988289c884e467e9c1df89f57088d