urlscan.io logo urlscan.io
SecurityTrails logo

pjnewsletter.com Open in urlscan Pro
2606:4700:10::6816:2bce  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pjnewsletter.com/
Effective URL: https://pjnewsletter.com/
Submission: On October 31 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 1 countries across 14 domains to perform 59 HTTP transactions. The main IP is 2606:4700:10::6816:2bce, located in United States and belongs to CLOUDFLARENET, US. The main domain is pjnewsletter.com. The Cisco Umbrella rank of the primary domain is 606592.
TLS certificate: Issued by E6 on October 20th 2024. Valid for: 3 months.
This is the only time pjnewsletter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

33    2606:4700:10::6816:2bce (United States)

ASN13335 (CLOUDFLARENET, US)
pjnewsletter.com
1    2600:1408:ec00:1f::1735:23c8 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
client.px-cloud.net
1    2607:f8b0:4004:c1f::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3037::ac43:bd16 (United States)

ASN13335 (CLOUDFLARENET, US)
ruamupr.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net
fonts.gstatic.com
1    34.107.199.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.199.107.34.bc.googleusercontent.com
stk.px-cloud.net
2    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-pxqegyaqlb.px-cloud.net
3    2607:f8b0:400d:c07::8b (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
1    143.198.147.204 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
souhaija.site
3    2606:4700:20::681a:88b (United States)

ASN13335 (CLOUDFLARENET, US)
js.sparkloop.app
script.sparkloop.app
dash.sparkloop.app
1    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:400d:c0b::9b (Morganton, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4004:c1f::9b (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
33 pjnewsletter.com
pjnewsletter.com — Cisco Umbrella Rank: 606592
2 MB
4 gstatic.com
fonts.gstatic.com
70 KB
4 px-cloud.net
client.px-cloud.net — Cisco Umbrella Rank: 4419
stk.px-cloud.net — Cisco Umbrella Rank: 21462
collector-pxqegyaqlb.px-cloud.net — Cisco Umbrella Rank: 689841
72 KB
3 sparkloop.app
js.sparkloop.app — Cisco Umbrella Rank: 67861
script.sparkloop.app — Cisco Umbrella Rank: 66856
dash.sparkloop.app — Cisco Umbrella Rank: 61190
53 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
291 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
554 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
72 KB
2 ruamupr.com
ruamupr.com — Cisco Umbrella Rank: 70242
39 KB
1 google.com
analytics.google.com — Cisco Umbrella Rank: 147
1 souhaija.site
souhaija.site
145 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
59 14
Domain Requested by
33 pjnewsletter.com 1 redirects pjnewsletter.com
static.cloudflareinsights.com
4 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com www.googletagmanager.com
client.px-cloud.net
www.google-analytics.com
3 www.googletagmanager.com pjnewsletter.com
www.googletagmanager.com
2 www.facebook.com
2 connect.facebook.net pjnewsletter.com
connect.facebook.net
2 collector-pxqegyaqlb.px-cloud.net client.px-cloud.net
2 ruamupr.com 1 redirects pjnewsletter.com
1 dash.sparkloop.app js.sparkloop.app
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com client.px-cloud.net
1 script.sparkloop.app
1 js.sparkloop.app 1 redirects
1 souhaija.site www.googletagmanager.com
1 stk.px-cloud.net client.px-cloud.net
1 static.cloudflareinsights.com pjnewsletter.com
1 fonts.googleapis.com pjnewsletter.com
1 client.px-cloud.net pjnewsletter.com
59 19

This site contains links to these domains. Also see Links.

Domain
facebook.com
Subject Issuer Validity Valid
pjnewsletter.com
E6		 2024-10-20 -
2025-01-18		 3 months crt.sh
client.botchk.net
R11		 2024-09-24 -
2024-12-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2024-08-16 -
2025-09-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-09 -
2024-11-07		 3 months crt.sh
souhaija.site
R10		 2024-09-20 -
2024-12-19		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
sparkloop.app
Cloudflare Inc ECC CA-3		 2024-08-31 -
2024-12-31		 4 months crt.sh

This page contains 3 frames:

Primary Page: https://pjnewsletter.com/
Frame ID: D694448D17508E4A3AB02D883EAF46B7
Requests: 56 HTTP requests in this frame

Frame: https://pjnewsletter.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: E5F10B784889926D8C7173AF0B435A69
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-6EDY1BF25J&gacid=484664549.1730380515&gtm=45je4as0v886867345z8848813796za200zb848813796&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&z=285978982
Frame ID: 63E0066E30450D8826050CEAE9FF5694
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Patriot Journal | The other side of the story

Page URL History Show full URLs

  1. http://pjnewsletter.com/ HTTP 307
    https://pjnewsletter.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

59
Requests

95 %
HTTPS

71 %
IPv6

14
Domains

19
Subdomains

17
IPs

1
Countries

2813 kB
Transfer

4187 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pjnewsletter.com/ HTTP 307
    https://pjnewsletter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://ruamupr.com/13376 HTTP 302
  • https://ruamupr.com/script/US/1/13376
Request Chain 36
  • https://pjnewsletter.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://pjnewsletter.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Request Chain 45
  • https://js.sparkloop.app/team_ee2153f3c6ee.js HTTP 301
  • https://script.sparkloop.app/team_ee2153f3c6ee.js

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pjnewsletter.com/
Redirect Chain
  • http://pjnewsletter.com/
  • https://pjnewsletter.com/
95 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd2ae0ffb31035f17fa80f880e1fdbd32764efd61cfacf75418bc42066ff4b31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
5004
cache-control
max-age=14400
cf-apo-via
tcache
cf-cache-status
HIT
cf-edge-cache
cache,platform=wordpress
cf-ray
8db3e9a3ef19a518-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 31 Oct 2024 13:15:14 GMT
last-modified
Thu, 31 Oct 2024 11:38:01 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="HIT"
vary
Accept-Encoding
x-cf-score
99
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-px-score
50
x-xss-protection
1; mode=block

Redirect headers

Location
https://pjnewsletter.com/
Non-Authoritative-Reason
HttpsUpgrades
main.min.js
client.px-cloud.net/PXQEGyaQLb/ 		168 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:1f::1735:23c8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
35bd09f08e814f2b9b1b84da77e4c8b343ade193e2c305a5f592f115452e6feb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cache-control
max-age=600
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
content-encoding
gzip
etag
"098b1a8951bffab79c0586e66d5d1643"
active-cdn
Akamai
expires
Thu, 31 Oct 2024 13:18:57 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-stored-content-length
71179
content-length
71179
date
Thu, 31 Oct 2024 13:15:14 GMT
last-modified
Thu, 31 Oct 2024 13:08:10 GMT
content-type
application/javascript; charset=utf-8
server
UploadServer
vary
Accept-Encoding
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,700,900|Source+Serif+Pro:400,600
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc683d8a4671884de766a10c2846c426a025e8a65d67e8eec239ab9a98508af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 13:15:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 31 Oct 2024 13:15:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.min.css
pjnewsletter.com/wp-includes/css/dist/block-library/ 		110 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66e3e1df-1b72b"
age
6822
x-cf-score
-1
x-content-type-options
nosniff
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/css
last-modified
Fri, 13 Sep 2024 06:55:27 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a4d830a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
jquery.min.js
pjnewsletter.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66e2d329-15601"
age
6822
x-cf-score
-1
x-content-type-options
nosniff
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/javascript
last-modified
Thu, 12 Sep 2024 11:40:25 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a4d834a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
jquery-migrate.min.js
pjnewsletter.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66e2d328-3509"
age
6822
x-cf-score
-1
x-content-type-options
nosniff
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/javascript
last-modified
Thu, 12 Sep 2024 11:40:24 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a4d835a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
style.css
pjnewsletter.com/wp-content/themes/patriotjournal/ 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/themes/patriotjournal/style.css?v=1.0.57.3
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5da7d479ee8124d1d2794909c0d44f86ead2ff960e0f426c83e2070d793189d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67192b32-b633"
age
6822
x-cf-score
-1
x-content-type-options
nosniff
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 16:58:26 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a4d832a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
style.css
pjnewsletter.com/wp-content/themes/patriotjournal/layouts/fixed-sidebar/ 		1 KB
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/themes/patriotjournal/layouts/fixed-sidebar/style.css?v=1.0.57.3
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b63f8e3f20d9db0cdeac1360548582cb5657ad9fd33d8625e8aef0e06be45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6721f728-4b0"
age
6822
x-cf-score
-1
x-content-type-options
nosniff
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/css
last-modified
Wed, 30 Oct 2024 09:06:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a4d833a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
clever_ads.js
pjnewsletter.com/wp-content/themes/patriotjournal/js/ 		111 B
175 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/themes/patriotjournal/js/clever_ads.js
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4f21177d8ce78c2cdb9ad1cd4b0dccd3aaa7adfdd1d73b86bda6741c949267
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"651e8b1f-6f"
age
6336
x-cf-score
-1
x-content-type-options
nosniff
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/javascript
last-modified
Thu, 05 Oct 2023 10:08:31 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a4d836a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
logo-1.png
pjnewsletter.com/wp-content/uploads/2024/01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/01/logo-1.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10bd3e6c095affec71509e1c2b46cf10b0dd96d88a9f5694b48285602fd43464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"65a50401-7a6"
age
6821
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=1958
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="logo-1.webp"
vary
Accept, Accept-Encoding
last-modified
Mon, 15 Jan 2024 10:08:01 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a4d837a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
13376
ruamupr.com/script/US/1/
Redirect Chain
  • https://ruamupr.com/13376
  • https://ruamupr.com/script/US/1/13376
112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ruamupr.com/script/US/1/13376
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Server
2606:4700:3037::ac43:bd16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4886cf41c4c0f73ec1a7b68b39494e109c97eb61d72b0cc9cf50c314a4f654b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"a6ef3d08449d9cbc9ba2e54ffafb34c341776686"
age
10
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5AElQ%2Fyowtee9%2FGyvgrvPhSXTtZnDZOBwYz5ExWMrFfYDB5Z%2FriOXtP7wGDaw1MvTB5RjGdkJuCMVdXqA7Fyn6916YXmaZb3yCUpNJL0XcMMYwEH96kOGnGTkzzy48ZZXEUlhz2r9%2FtjWg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Oct 2024 13:16:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=29576&sent=11&recv=13&lost=0&retrans=0&sent_bytes=4717&recv_bytes=2235&delivery_rate=131363&cwnd=255&unsent_bytes=0&cid=e83d73a5317276b4&ts=254&x=0"
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-tornado
yes
cf-ray
8db3e9a68ed00a2a-MIA
access-control-allow-origin
*
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
location
https://ruamupr.com/script/US/1/13376
cf-cache-status
BYPASS
pragma
no-cache
x-tornado
yes
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=web%2FgWlIVlOOMgIr0H%2FaQAo3mDbbbepIqSR27TDi4bgtmIeJ6Y3h0bRLOi0snr37h7er7RsQljwr81tYm6o3oDWfuMz5NDu0czsiJF9aYmwGYY5R3Dt9Lvq4Mek5WQ%2FhDiwLIszKj4zBqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8db3e9a54d750a2a-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=29581&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3978&recv_bytes=2168&delivery_rate=131363&cwnd=253&unsent_bytes=0&cid=e83d73a5317276b4&ts=201&x=0"
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
frontend.min.js
pjnewsletter.com/wp-content/plugins/q2w3-fixed-widget/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"648b28b8-5b89"
age
6822
x-cf-score
-1
x-content-type-options
nosniff
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/javascript
last-modified
Thu, 15 Jun 2023 15:05:28 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a5289aa518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
subscribe.js
pjnewsletter.com/wp-content/plugins/inboxfirst-by-klicked-master/assets/ 		933 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/plugins/inboxfirst-by-klicked-master/assets/subscribe.js?ver=1.1.2
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225ac4b774f17cbcd24aeb0ea479625645b81132d6208cded6c5bd5ee98d457f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"5e4cec4e-3a5"
age
6822
x-cf-score
-1
x-content-type-options
nosniff
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/javascript
last-modified
Wed, 19 Feb 2020 08:05:34 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a578f5a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pjnewsletter.com
Referer
https://pjnewsletter.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8db3e9a69f207481-MIA
access-control-allow-origin
*
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/ 		243 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TX6FSMK
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a472224a88fb393c3613c30ff5b477d6c40074756ae4562ed25e34dc0d2fe7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 31 Oct 2024 13:15:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 31 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
87170
x-xss-protection
0
server
Google Tag Manager
trump-speech-1024x538.png
pjnewsletter.com/wp-content/uploads/2024/10/ 		216 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/10/trump-speech-1024x538.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e701d4a9d69c68244f71040588a78150965b7cfcdc0b9dbaf81bdf513ea6da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"67127ad3-3f84e"
age
6209
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=260174
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="trump-speech-1024x538.webp"
vary
Accept, Accept-Encoding
last-modified
Fri, 18 Oct 2024 15:12:19 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a629c7a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
bidenharris-1024x538.png
pjnewsletter.com/wp-content/uploads/2023/03/ 		221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2023/03/bidenharris-1024x538.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8480670189122f2ad2f0337efc9d565a6b1fcdff51a65f88a7a6504cd9381eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"641df0c0-43837"
age
6209
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=276535
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="bidenharris-1024x538.webp"
vary
Accept, Accept-Encoding
last-modified
Fri, 24 Mar 2023 18:49:36 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a629caa518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
trump-butler-1024x538.png
pjnewsletter.com/wp-content/uploads/2024/07/ 		249 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/07/trump-butler-1024x538.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd630474de5247254016e1cb53f71cb68b8ed84152dba34fbeb44039388082a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"6695543b-47a32"
age
6209
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=293426
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="trump-butler-1024x538.webp"
vary
Accept, Accept-Encoding
last-modified
Mon, 15 Jul 2024 16:54:19 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a629cda518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
2024election-768x403.png
pjnewsletter.com/wp-content/uploads/2024/01/ 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/01/2024election-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eb6d239604b4ba9e8d1c48b532515b4adfcc439619848f69e4662e99a91335d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"65a03d95-2aec2"
age
4087
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=175810
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="2024election-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Thu, 11 Jan 2024 19:12:21 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639cfa518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
kamalaharrismadangry-768x403.jpg
pjnewsletter.com/wp-content/uploads/2024/07/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/07/kamalaharrismadangry-768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4fb38bbaebe7706ca8a9b00705d18c1cbf494db6fb49bd25d28d0d686817d47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"66aad570-71fe"
age
5355
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origSize=29182
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/jpeg
last-modified
Thu, 01 Aug 2024 00:23:12 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639d1a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
harris-speaking-768x403.png
pjnewsletter.com/wp-content/uploads/2024/10/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/10/harris-speaking-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2681a52722ad0d37654206142b0d61fd2170c2fe116063f1fb68be92b56d48d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"671bbbc2-23839"
age
5355
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=145465
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="harris-speaking-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Fri, 25 Oct 2024 15:39:46 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639d4a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
donaldtrump-msg-768x403.png
pjnewsletter.com/wp-content/uploads/2024/10/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/10/donaldtrump-msg-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b48c2d3a8c37c6828e1f07b4d9a1736f8c24e29794455469cdb8ef1616ca74a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"671fb5e3-2b52f"
age
6422
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=177455
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="donaldtrump-msg-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Mon, 28 Oct 2024 16:03:47 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639d7a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
trump-speech-768x403.png
pjnewsletter.com/wp-content/uploads/2024/08/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/08/trump-speech-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6115928551743cb808a0fa8ca00db37bf5020d9b1959b4b08ae1be4d604444f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"66c8c617-1e8db"
age
6422
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=125147
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="trump-speech-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Fri, 23 Aug 2024 17:25:43 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639d9a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
Kamala--768x403.jpg
pjnewsletter.com/wp-content/uploads/2024/10/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/10/Kamala--768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548e44dec0da405ee454c17065648e49f5a15bdfe3d39ae3f7dbf7962a5b3368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"6722a120-7880"
age
5861
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origSize=30848
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/jpeg
last-modified
Wed, 30 Oct 2024 21:12:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639daa518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
texaskamala-768x403.jpg
pjnewsletter.com/wp-content/uploads/2021/11/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2021/11/texaskamala-768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976f9d9efff64b022632bdb5b8e3633f0e643560ad4f56716fb10584e80cfae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"6196c629-6ead"
age
5767
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origSize=28333
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/jpeg
last-modified
Thu, 18 Nov 2021 21:31:21 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639dba518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
ballots-768x403.png
pjnewsletter.com/wp-content/uploads/2023/12/ 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2023/12/ballots-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76f2e2ad61d804f57b51fc0984ada2af1c7ab0e66db7a9a2c397de273e27af8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"65809acd-241d6"
age
5759
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=147926
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="ballots-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Mon, 18 Dec 2023 19:17:33 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639dda518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
joebiden-youngkin-768x403.png
pjnewsletter.com/wp-content/uploads/2023/09/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2023/09/joebiden-youngkin-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd97820aa3fe4c34d8ec4f5374abc8f4e234c265c998ead7d99438e7286bc9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"65146627-23355"
age
5849
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=144213
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="joebiden-youngkin-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Wed, 27 Sep 2023 17:28:07 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639dea518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
trump-harris-debate-768x403.png
pjnewsletter.com/wp-content/uploads/2024/07/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/07/trump-harris-debate-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
711de32bdcf166ab833ee7cf8df31b903aaffacbb8ff9e409ac4551eb569f6bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"66a27bb1-27308"
age
3686
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=160520
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="trump-harris-debate-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Thu, 25 Jul 2024 16:22:09 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639e0a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
joebiden-1-768x403.png
pjnewsletter.com/wp-content/uploads/2024/09/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/09/joebiden-1-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55c57b9f29c428b51ddb857a437b2a78e7cf38644ea164293902439f50eb1c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"66f5848a-22c8e"
age
5758
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=142478
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="joebiden-1-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Thu, 26 Sep 2024 15:58:02 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639e1a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
Trump-CNN-768x403.jpg
pjnewsletter.com/wp-content/uploads/2024/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/10/Trump-CNN-768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed21bcc4074e8470da87bd05ea6c5fb7ba663f3e0661101eb5607db3c2efd83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"672283d3-577d"
age
5773
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origSize=22397
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/jpeg
last-modified
Wed, 30 Oct 2024 19:06:59 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639e2a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
Doug-Emhoff-Trump-768x403.jpg
pjnewsletter.com/wp-content/uploads/2024/10/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/10/Doug-Emhoff-Trump-768x403.jpg
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc5818e2635c80c852ae5149ba84136eacf582a11525bcfd67a43b44553edb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"67213258-62d7"
age
5758
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origSize=25303
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/jpeg
last-modified
Tue, 29 Oct 2024 19:07:04 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639e5a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
trump-quet-768x403.png
pjnewsletter.com/wp-content/uploads/2024/10/ 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/10/trump-quet-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ab09a62cb803a2a657ff3ff6d944121c4dbc0c2d4128a2b68bd57dc27dee10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"6722544b-2b110"
age
286
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=176400
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="trump-quet-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Wed, 30 Oct 2024 15:44:11 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a639e7a518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
mikejohnson-768x403.png
pjnewsletter.com/wp-content/uploads/2024/02/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/02/mikejohnson-768x403.png
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
902ce096d82c3b144a3a5beeff134cdc5e1829d824570915c4fdc06e68816bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"65ce6615-26a0a"
age
5922
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=158218
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="mikejohnson-768x403.webp"
vary
Accept, Accept-Encoding
last-modified
Thu, 15 Feb 2024 19:29:25 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a65a0fa518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,700,900|Source+Serif+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pjnewsletter.com
Referer
https://fonts.googleapis.com/

Response headers

age
586074
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 24 Oct 2025 18:27:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 18:27:20 GMT
last-modified
Thu, 01 Jun 2023 23:15:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21528
x-xss-protection
0
server
sffe
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,700,900|Source+Serif+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pjnewsletter.com
Referer
https://fonts.googleapis.com/

Response headers

age
588204
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 24 Oct 2025 17:51:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 17:51:50 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,700,900|Source+Serif+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pjnewsletter.com
Referer
https://fonts.googleapis.com/

Response headers

age
587317
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 24 Oct 2025 18:06:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 18:06:37 GMT
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14824
x-xss-protection
0
server
sffe
neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,700,900|Source+Serif+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pjnewsletter.com
Referer
https://fonts.googleapis.com/

Response headers

age
587417
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 24 Oct 2025 18:04:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 18:04:57 GMT
last-modified
Thu, 01 Jun 2023 23:17:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20528
x-xss-protection
0
server
sffe
main.js
pjnewsletter.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame E5F1
Redirect Chain
  • https://pjnewsletter.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://pjnewsletter.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H2
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bdcc615a15aa81d526930d6c6b28eb23a510eadc7f3f7d4633c3c1be23ddc42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8db3e9a7cbdaa518-MIA
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
cf-ray
8db3e9a75b30a518-MIA
access-control-allow-origin
*
content-length
0
date
Thu, 31 Oct 2024 13:15:14 GMT
vary
Accept-Encoding
server
cloudflare
ns
stk.px-cloud.net/ 		350 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stk.px-cloud.net/ns?c=2a683c50-978a-11ef-b9d8-cd19075cd506
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.199.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.199.107.34.bc.googleusercontent.com
Software
/
Resource Hash
66f78c97d6b4a76105d11978c8af0be84f33fa1e41114d21a5b2c1f8019ca9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
350
Date
Thu, 31 Oct 2024 13:15:14 GMT
Content-Type
text/html
collector
collector-pxqegyaqlb.px-cloud.net/api/v2/ 		540 B
784 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxqegyaqlb.px-cloud.net/api/v2/collector
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
be7c9fd58d1a545cea84f54da9753e5602d4af0f43686917f83f9712d8943be9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://pjnewsletter.com/

Response headers

timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
via
1.1 google
access-control-allow-origin
https://pjnewsletter.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
540
date
Thu, 31 Oct 2024 13:15:13 GMT
content-type
application/json; charset=utf-8
8db3e9a3ef19a518
pjnewsletter.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E5F1 		0
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/cdn-cgi/challenge-platform/h/b/jsd/r/8db3e9a3ef19a518
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8db3e9a8ed3ea518-MIA
content-length
0
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
js
www.googletagmanager.com/gtag/ 		312 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6EDY1BF25J&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6FSMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1834e6b979ec100d7bc8e8cae87b11b3e7041595c6931a3a9446f4949aa7b9b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 31 Oct 2024 13:15:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106814
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		295 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6L5Q55KN3H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6FSMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c99bad07a0396aed1b06ddc57147d3101ef45ea51e17a755b30c419c69c8e03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 31 Oct 2024 13:15:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103184
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6FSMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
gzip
age
6826
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 13:21:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 11:21:28 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
fbevents.js
connect.facebook.net/en_US/ 		229 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pjnewsletter.com
URL: https://pjnewsletter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-HZWiROax' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-HZWiROax' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4437, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
GELEocbY8oBLNszfvyy7xHCvuXdxNZuIZR0L/t3t1K//HKmbVBqA60kJeiL1yExPhi0K3P3pa+tV8mqU0HtD+Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59722
x-xss-protection
0
origin-agent-cluster
?1
13285
souhaija.site/easylist/ 		0
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://souhaija.site/easylist/13285
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6FSMK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.147.204 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache
date
Thu, 31 Oct 2024 13:15:15 GMT
content-type
application/javascript
x-powered-by
Express
server
nginx
team_ee2153f3c6ee.js
script.sparkloop.app/
Redirect Chain
  • https://js.sparkloop.app/team_ee2153f3c6ee.js
  • https://script.sparkloop.app/team_ee2153f3c6ee.js
95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.sparkloop.app/team_ee2153f3c6ee.js
Protocol
H2
Server
2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf65f72ba4f86b0bcdac19fb3e3fd44861f976beb831fb71a4dbc9958325051f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wFKyvXy9Ijr6KoZa34bp9ktq%2FQRfuxEU1ox%2FyqWE2UQC2D2Y81VeE83Uu8ea%2BOyBYX1G9hUkm1d90sBgFfgraoMQ%2B4gvcJp0S6HUNZc5FmTTabeMjC8ut6ZfQMcl2dvHpyxhfcE%2BtB2MMcc1HDZz7XPM"}],"group":"cf-nel","max_age":604800}
cf-ray
8db3e9aa6fa75f1f-MIA
server-timing
cfL4;desc="?proto=TCP&rtt=33474&sent=11&recv=14&lost=0&retrans=0&sent_bytes=4497&recv_bytes=2254&delivery_rate=130159&cwnd=256&unsent_bytes=0&cid=60f04afcba6569b8&ts=190&x=0"
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=3600
location
https://script.sparkloop.app/team_ee2153f3c6ee.js
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEGD7dwublyFJIo4oboc3mAwU%2BFudipp7IcyVg0BWij%2FECdqNepjHt9pwEUePraDBekyheOn9kQZjLn%2B7ApJdwUMHYMexP68e%2FiTnH%2FohjhbdMdq1QML6rj5mWF4ryAd%2FiZhbReNvho0djnRIpI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8db3e9aa0f275f1f-MIA
expires
Thu, 31 Oct 2024 14:15:14 GMT
content-length
167
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
rum
pjnewsletter.com/cdn-cgi/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://pjnewsletter.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8db3e9a92d82a518-MIA
access-control-allow-origin
https://pjnewsletter.com
date
Thu, 31 Oct 2024 13:15:14 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon-3-1.png
pjnewsletter.com/wp-content/uploads/2024/01/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pjnewsletter.com/wp-content/uploads/2024/01/favicon-3-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41488ca678af1c975634a2be97fd019f799558fd0cc1f54d0a77e742d8fde3ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cf-cache-status
HIT
etag
W/"65a50400-4b4"
age
3893
cf-bgj
imgq:100,h2pri
x-cf-score
-1
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=1204
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
image/webp
content-disposition
inline; filename="favicon-3-1.webp"
vary
Accept, Accept-Encoding
last-modified
Mon, 15 Jan 2024 10:08:00 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
8db3e9a93d9aa518-MIA
x-xss-protection
1; mode=block
server
cloudflare
x-px-score
null
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-6EDY1BF25J&gtm=45je4as0v886867345z8848813796za200zb848813796&_p=1730380514052&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=484664549.1730380515&ecid=504484886&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1730380514&sct=1&seg=0&dl=https%3A%2F%2Fpjnewsletter.com%2F&dt=Patriot%20Journal%20%7C%20The%20other%20side%20of%20the%20story&en=page_view&_fv=1&_nsi=1&_ss=1&ep.post_id=null&ep.publish_date=null&ep.bot_detected=0&ep.cf_bot_detected=0&ep.cf2_bot_detected=0&ep.cf_raw_bot_detected=99&tfd=1105
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pjnewsletter.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 13:15:15 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
554 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6EDY1BF25J&cid=484664549.1730380515&gtm=45je4as0v886867345z8848813796za200zb848813796&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6EDY1BF25J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pjnewsletter.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 13:15:15 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 63E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-6EDY1BF25J&gacid=484664549.1730380515&gtm=45je4as0v886867345z8848813796za200zb848813796&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&z=285978982
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6EDY1BF25J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pjnewsletter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 13:15:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6L5Q55KN3H&gtm=45je4as0v871791196z8848813796za200zb848813796&_p=1730380514052&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=484664549.1730380515&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730380514&sct=1&seg=0&dl=https%3A%2F%2Fpjnewsletter.com%2F&dt=Patriot%20Journal%20%7C%20The%20other%20side%20of%20the%20story&en=page_view&_fv=1&_ss=1&tfd=1183
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pjnewsletter.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 13:15:15 GMT
content-type
text/plain
server
Golfe2
154908708357560
connect.facebook.net/signals/config/ 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/154908708357560?v=2.9.174&r=stable&domain=pjnewsletter.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
570a17d0ae5247b6c63b755a4b0af0029f3186db52bb617478bdfc07b20688f9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-avW0bIPd' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 31 Oct 2024 13:15:15 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-avW0bIPd' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=67, mss=1232, tbw=67829, tp=63, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
fKYlXgvmRUUOZHDIGRT1sIaqUoIg036oqTIXsvFTgovwEfk9TCMUhJhGu0XD4SoC4lhDSPQKs5ZHNbUIlzGBwA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
13303
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/j/ 		3 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1383009110&t=pageview&_s=1&dl=https%3A%2F%2Fpjnewsletter.com%2F&ul=en-us&de=UTF-8&dt=Patriot%20Journal%20%7C%20The%20other%20side%20of%20the%20story&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1233983516&gjid=1418862750&cid=484664549.1730380515&tid=UA-71705037-13&_gid=456461308.1730380515&_r=1&_slc=1&gtm=45He4as0n81TX6FSMKv848813796za200&cd1=null&cd2=null&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101878899~101878944~101899378~101925629&z=1875707350
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://pjnewsletter.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 13:15:15 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://pjnewsletter.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=154908708357560&ev=PageView&dl=https%3A%2F%2Fpjnewsletter.com%2F&rl=&if=false&ts=1730380515098&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=4126&fbp=fb.1.1730380515097.180140483807046353&ler=empty&cdl=API_unavailable&it=1730380515025&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=2929, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 31 Oct 2024 13:15:15 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=154908708357560&ev=PageView&dl=https%3A%2F%2Fpjnewsletter.com%2F&rl=&if=false&ts=1730380515098&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=4126&fbp=fb.1.1730380515097.180140483807046353&ler=empty&cdl=API_unavailable&it=1730380515025&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7431927722036650489"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 31 Oct 2024 13:15:15 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
eDNmRdpdzIeV0uMHpc0Zwr8pVZAccPZgY+tMhr9AOGigFHKkVAil+61XytK9LAmjFfQ5O8Dl7GRRZwsdJs2BBA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7431927722036650489", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1297, tbw=3242, tp=-1, tpl=-1, uplat=99, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collector
collector-pxqegyaqlb.px-cloud.net/api/v2/ 		600 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxqegyaqlb.px-cloud.net/api/v2/collector
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXQEGyaQLb/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
55ffdde70db33930ee66c0c82ece87948ac91039c92e910272249b367249bde9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://pjnewsletter.com/

Response headers

timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
via
1.1 google
access-control-allow-origin
https://pjnewsletter.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
date
Thu, 31 Oct 2024 13:15:14 GMT
content-type
application/json; charset=utf-8
default.css
dash.sparkloop.app/styles/ 		37 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dash.sparkloop.app/styles/default.css
Requested by
Host: js.sparkloop.app
URL: https://js.sparkloop.app/team_ee2153f3c6ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1849272c7e7b5a280ff338e0a0754f62744f76838e8ad5ae645eb4be865f73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pjnewsletter.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730374231&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=e9iUBwD8%2BaZ51ZHxOExqedVt6WQKpCEWkid3s%2F4ayfM%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
cf-cache-status
HIT
age
4999
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730374231&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=e9iUBwD8%2BaZ51ZHxOExqedVt6WQKpCEWkid3s%2F4ayfM%3D"}]}
via
1.1 vegur
cf-ray
8db3e9b12fd65f1f-MIA
server-timing
cfL4;desc="?proto=TCP&rtt=32759&sent=52&recv=28&lost=0&retrans=0&sent_bytes=38376&recv_bytes=2364&delivery_rate=1469262&cwnd=256&unsent_bytes=0&cid=60f04afcba6569b8&ts=1270&x=0"
date
Thu, 31 Oct 2024 13:15:16 GMT
content-type
text/css
last-modified
Thu, 31 Oct 2024 09:31:24 GMT
vary
Origin, Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| detectAdBlock object| dataLayer function| jQuery object| e function| tji function| __yget_ad_list function| __enc function| __enc2 function| __rs function| __yregister_page_load function| __yregister_page_view function| __yregister_widget_load function| __yregister_view_once1 function| __yregister_widget_view_trigger function| __place function| __reg_events function| __loadnow function| __load function| __sh object| 1900525206647819467 object| q2w3_sidebar_options function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| BaseWidget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded object| ifsub function| domReady object| __cfBeacon string| _pxAppId object| PXQEGyaQLb object| PX string| __style string| __html object| __style_div object| settings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| SLConfig object| SL

14 Cookies

Domain/Path Name / Value
pjnewsletter.com/ Name: kentCfIdRaw
Value: 99
pjnewsletter.com/ Name: _pxhd
Value: 2a155029b8cee13b4883085e0f932ec85fba8390b5ddcb4a9982347e4057c10f:2a1af0ce-978a-11ef-90f9-4c5dd9c03cc3
.pjnewsletter.com/ Name: pxcts
Value: 2a856a25-978a-11ef-8e29-faa94c20398f
.pjnewsletter.com/ Name: _pxvid
Value: 2a1af0ce-978a-11ef-90f9-4c5dd9c03cc3
.pjnewsletter.com/ Name: cf_clearance
Value: UAOnoS8OLknOiIhPfsRJJP72vxzXtOjwKzT0WafSxU8-1730380514-1.2.1.1-IWcNu.YiT6oL775yd2ROQGuXUKb8JkCv2EdUQDJT7OTaLbvjs0kMzpLsff4RXCXJaLyqdcCRRQyxq0zk4cldbtUleQMTDg1l.eY8qU61ueFGfsQ3OFJVC3VDcmvvAoH4XyiAfzdRtE4vw3sR0sa5gkU8wLxhv3H5SOJ2jRDo4f7cWbXf16TBFGTu.LXFiZ4IH82pUOtLlXDX67T0cSBQqmBwNXj.ohlf3XsGd9nK.RZRYTi2MSwBrijdo6y.uxHPHbum22EBC8Ek5Zx7DdDhO6joZNE7i6i3oQpbdBCYjG9MpTpYQvXshFrt5VzBQ3TckbS9eCeTC.uidDir10LHAEbNdcQ2Prpiic3M0vYAiWzNy93G4l9qdFoceljC9Kq1
.pjnewsletter.com/ Name: _ga_6EDY1BF25J
Value: GS1.1.1730380514.1.0.1730380514.60.0.504484886
.pjnewsletter.com/ Name: _ga_6L5Q55KN3H
Value: GS1.1.1730380514.1.0.1730380514.0.0.0
.pjnewsletter.com/ Name: _ga
Value: GA1.2.484664549.1730380515
.pjnewsletter.com/ Name: _gid
Value: GA1.2.456461308.1730380515
.pjnewsletter.com/ Name: _gat_UA-71705037-13
Value: 1
.pjnewsletter.com/ Name: _fbp
Value: fb.1.1730380515097.180140483807046353
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pjnewsletter.com/ Name: _px3
Value: 5becd965f4a00f5379ac06772029dbe52fd8672d8a88193b592e2b45965ccc1a:eWdgzJhlDEZqKXKXi6AkCfC6Wh9mcHFzgfJEZe9cjDWvqJYzf0ikNO0tN4BaFPhjFxkUzTR3tdAdnG/iRPbdbg==:1000:fk7ohUeG0+zo68J9Z8jpLC4nchLBixiZsQJpIB+pYLq6u8CksPEHS/muJPv1CyX2Y6n8e5m294XxQ+wGbk9073TTfGDjsoc2V+g4VrxGy9aW/x+2QwgA3VoX63juO25hGeU00qvZg+IeN3lRO92ILkS3gYTrm5aUGPgPlB1KIi1uUD4R3U1WDOaj/v6RFv0xyMEsksD+4pALX1cGa4m1aykXGqN0PG9RB3jLecr2/NI=
.pjnewsletter.com/ Name: __sl-fingerprint
Value: d83849b0aac5eb545cb4c304493b8740

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
client.px-cloud.net
collector-pxqegyaqlb.px-cloud.net
connect.facebook.net
dash.sparkloop.app
fonts.googleapis.com
fonts.gstatic.com
js.sparkloop.app
pjnewsletter.com
ruamupr.com
script.sparkloop.app
souhaija.site
static.cloudflareinsights.com
stats.g.doubleclick.net
stk.px-cloud.net
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
143.198.147.204
172.253.115.94
2001:4860:4802:34::181
2600:1408:ec00:1f::1735:23c8
2606:4700:10::6816:2bce
2606:4700:20::681a:88b
2606:4700:3037::ac43:bd16
2606:4700::6810:5049
2607:f8b0:4004:c1f::5f
2607:f8b0:4004:c1f::9b
2607:f8b0:400d:c04::61
2607:f8b0:400d:c07::8b
2607:f8b0:400d:c0b::9b
2a03:2880:f103:181:face:b00c:0:25de
31.13.66.19
34.107.199.61
35.190.10.96
08e701d4a9d69c68244f71040588a78150965b7cfcdc0b9dbaf81bdf513ea6da
0a472224a88fb393c3613c30ff5b477d6c40074756ae4562ed25e34dc0d2fe7c
0b48c2d3a8c37c6828e1f07b4d9a1736f8c24e29794455469cdb8ef1616ca74a
0c99bad07a0396aed1b06ddc57147d3101ef45ea51e17a755b30c419c69c8e03
10bd3e6c095affec71509e1c2b46cf10b0dd96d88a9f5694b48285602fd43464
1834e6b979ec100d7bc8e8cae87b11b3e7041595c6931a3a9446f4949aa7b9b1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21b63f8e3f20d9db0cdeac1360548582cb5657ad9fd33d8625e8aef0e06be45c
225ac4b774f17cbcd24aeb0ea479625645b81132d6208cded6c5bd5ee98d457f
28ab09a62cb803a2a657ff3ff6d944121c4dbc0c2d4128a2b68bd57dc27dee10
35bd09f08e814f2b9b1b84da77e4c8b343ade193e2c305a5f592f115452e6feb
3bdcc615a15aa81d526930d6c6b28eb23a510eadc7f3f7d4633c3c1be23ddc42
41488ca678af1c975634a2be97fd019f799558fd0cc1f54d0a77e742d8fde3ff
4886cf41c4c0f73ec1a7b68b39494e109c97eb61d72b0cc9cf50c314a4f654b1
4c1849272c7e7b5a280ff338e0a0754f62744f76838e8ad5ae645eb4be865f73
4dc5818e2635c80c852ae5149ba84136eacf582a11525bcfd67a43b44553edb2
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548e44dec0da405ee454c17065648e49f5a15bdfe3d39ae3f7dbf7962a5b3368
55ffdde70db33930ee66c0c82ece87948ac91039c92e910272249b367249bde9
570a17d0ae5247b6c63b755a4b0af0029f3186db52bb617478bdfc07b20688f9
6115928551743cb808a0fa8ca00db37bf5020d9b1959b4b08ae1be4d604444f3
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
66f78c97d6b4a76105d11978c8af0be84f33fa1e41114d21a5b2c1f8019ca9f2
6cd97820aa3fe4c34d8ec4f5374abc8f4e234c265c998ead7d99438e7286bc9c
711de32bdcf166ab833ee7cf8df31b903aaffacbb8ff9e409ac4551eb569f6bd
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
8480670189122f2ad2f0337efc9d565a6b1fcdff51a65f88a7a6504cd9381eb4
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8eb6d239604b4ba9e8d1c48b532515b4adfcc439619848f69e4662e99a91335d
902ce096d82c3b144a3a5beeff134cdc5e1829d824570915c4fdc06e68816bec
976f9d9efff64b022632bdb5b8e3633f0e643560ad4f56716fb10584e80cfae1
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b2681a52722ad0d37654206142b0d61fd2170c2fe116063f1fb68be92b56d48d
b5da7d479ee8124d1d2794909c0d44f86ead2ff960e0f426c83e2070d793189d
ba4f21177d8ce78c2cdb9ad1cd4b0dccd3aaa7adfdd1d73b86bda6741c949267
be7c9fd58d1a545cea84f54da9753e5602d4af0f43686917f83f9712d8943be9
c76f2e2ad61d804f57b51fc0984ada2af1c7ab0e66db7a9a2c397de273e27af8
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48
cc683d8a4671884de766a10c2846c426a025e8a65d67e8eec239ab9a98508af1
cd2ae0ffb31035f17fa80f880e1fdbd32764efd61cfacf75418bc42066ff4b31
cf65f72ba4f86b0bcdac19fb3e3fd44861f976beb831fb71a4dbc9958325051f
d55c57b9f29c428b51ddb857a437b2a78e7cf38644ea164293902439f50eb1c3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fb38bbaebe7706ca8a9b00705d18c1cbf494db6fb49bd25d28d0d686817d47
ebd630474de5247254016e1cb53f71cb68b8ed84152dba34fbeb44039388082a
eed21bcc4074e8470da87bd05ea6c5fb7ba663f3e0661101eb5607db3c2efd83
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5