conservativestar.com Open in urlscan Pro
2606:4700:20::681a:37e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newsreadynow.com/
Effective URL:
https://conservativestar.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On November 10 via api (November 10th 2023, 4:42:43 am UTC) from DE — Scanned from NL

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 89 HTTP transactions. The main IP is 2606:4700:20::681a:37e, located in United States and belongs to CLOUDFLARENET, US. The main domain is conservativestar.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 2nd 2023. Valid for: a year.

This is the only time conservativestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2606:4700:20:... 2606:4700:20::681a:37e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
7	142.250.185.193 142.250.185.193	15169 (GOOGLE) (GOOGLE)
1	3.131.102.46 3.131.102.46	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
89	20

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

newsreadynow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:20::681a:37e (United States)

ASN13335 (CLOUDFLARENET, US)

conservativestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

stats.wpmucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.131.102.46 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-102-46.us-east-2.compute.amazonaws.com

stats1.wpmudev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	conservativestar.com conservativestar.com	9 MB
18	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 157 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359 www.google.com — Cisco Umbrella Rank: 2	65 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	342 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	64 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	65 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1136 pm-widget.taboola.com — Cisco Umbrella Rank: 3595	258 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	223 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	63 KB
1	wpmudev.com stats1.wpmudev.com — Cisco Umbrella Rank: 24679	156 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 454	288 B
1	google.com.ua www.google.com.ua — Cisco Umbrella Rank: 25899	408 B
1	wpmucdn.com stats.wpmucdn.com — Cisco Umbrella Rank: 29415	25 KB
1	newsreadynow.com 1 redirects newsreadynow.com	753 B
89	15

	Domain	Requested by
25	conservativestar.com	conservativestar.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com conservativestar.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	conservativestar.com pagead2.googlesyndication.com tpc.googlesyndication.com www.google.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	conservativestar.com www.googletagmanager.com
3	fonts.googleapis.com	conservativestar.com googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	analytics.google.com	www.googletagmanager.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	cdn.taboola.com	conservativestar.com cdn.taboola.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	stats1.wpmudev.com	conservativestar.com
1	gum.criteo.com	cdn.taboola.com
1	www.google.com.ua	conservativestar.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	stats.wpmucdn.com	conservativestar.com
1	newsreadynow.com	1 redirects
89	21

This site contains no links.

Subject Issuer	Validity	Valid
conservativestar.com Cloudflare Inc ECC CA-3	`2023-09-02` - `2024-09-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
stats.wpmucdn.com R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com.ua GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
stats1.wpmudev.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://conservativestar.com/
Frame ID: 0C2F9EA71502A5137F81C3744A9931D2
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: F3FB3D9F43C4160A10FB33F0CEC1AE89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3559627262152735&output=html&adk=1812271804&adf=3025194257&lmt=1699576487&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fconservativestar.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699591340382&bpp=4&bdt=518&idt=309&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2021116390088&frm=20&pv=2&ga_vid=785171209.1699591340&ga_sid=1699591341&ga_hid=1260776576&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079437%2C44795921%2C44801485%2C44807464%2C31078297%2C31079473%2C44808149&oid=2&pvsid=2996925823886324&tmod=1761378046&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=326
Frame ID: 018F9842A745AF440F637CE3E286E610
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1448CF87C8099D91D3699A1227125043
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 901D9237B3566CA43B72C20EBFE85C51
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 24BFAF9AE47CC92DB456AB140544D3FB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: C7802B147CB081C273838C26BCD35DE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A87275B47EBB61A67B3FC18C6D0E263D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F283916202645AC9177AC2BE15151987
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Conservative Star

Page URL History Show full URLs

http://newsreadynow.com/ HTTP 302
https://conservativestar.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

89
Requests

99 %
HTTPS

75 %
IPv6

15
Domains

21
Subdomains

20
IPs

4
Countries

10135 kB
Transfer

14340 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newsreadynow.com/ HTTP 302
https://conservativestar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

89 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
conservativestar.com/
Redirect Chain

http://newsreadynow.com/
https://conservativestar.com/

85 KB
15 KB

216ms
151ms

Document
text/html

2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fee84411ea75ca922b144b7b09481d048e7eee21b3d3e5231480590b0b8d77b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 439
cache-control: max-age=0, s-maxage=2592000
cache-provider: CLOUDWAYS-CACHE-DE
cf-cache-status: DYNAMIC
cf-ray: 823ba0d13a2239e0-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 10 Nov 2023 04:42:19 GMT
expires: Fri, 10 Nov 2023 04:35:00 GMT
last-modified: Fri, 10 Nov 2023 00:34:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFXJ6pRa6feoibpnFFHVou5yy%2F06I5gaYF%2FOYsNxUaTy6zLz2%2BaxqF32zbMcw3GqlRFGU4stcCGfQkLsnGsRSBEYGQ955kGfFHuqJ2ja%2FwmuC4EmBW5qvA2JHPh%2Fk4C0xJL25vwM0ToZ1wFUPDbN2QvS"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT

Redirect headers

CF-RAY: 823ba0d0ac9c90fe-FRA
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Fri, 10 Nov 2023 04:42:19 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://conservativestar.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S88kZYfY3XSjKmXHmJHekkXNtL3bj%2FVYRM2WDnhzYtIkE9%2FZZfQe6AbCcldM9OBWZmZvR5zWrjJGiuhj2ck%2FVrVXmBF4qgLSWEP%2B%2B5TaPJt%2BIEo3jp9ktlM%2F4c3X2QYlnzJY2WC8hkEImDPJh3cv"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
conservativestar.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conservativestar.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 23:55:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103526
etag: W/"6539ab0c-19824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMIrUEJHkJ1u2MxP3Wr56zieGHfzooLdRTfs0pThQjt88nwC79rnDCbHHpXC1ARWrZ7wFUUi5ggnBXBJlkjOwjrU85UsYLmHHLJfGm2iHGK5CoAe2wLjv8ytY92yKroLnKSP2Xc9K2PwgQ1gWRFKcnho"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 823ba0d23ada39e0-FRA

GET
H2 200 widget-areas.min.css
conservativestar.com/wp-content/themes/generatepress/assets/css/components/ 3 KB
1009 B 30ms
29ms Stylesheet
text/css 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conservativestar.com/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.3.1
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 23:56:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 373570
etag: W/"6539ab13-d1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56IE9iQ8%2B1CGGMamszQBy2sFw7uchjpqiuA1kvxzW5X1VQL%2BaAwUgLpkn%2F85S%2BmSOG9hjS6hM0lCPdC2Y2rO7iBsDSzw66OO1aPKbdOLGAyOW1XaJ%2FiTV%2BLLtntG4ZKBPgHAcqEa3SqQvLUIjkEn5WHl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 823ba0d23adb39e0-FRA

GET
H2 200 main.min.css
conservativestar.com/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 29ms
27ms Stylesheet
text/css 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conservativestar.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.1
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 23:56:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103526
etag: W/"6539ab13-4c6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3w4fT3eEE5shEkVUNYTTGJ6kRiAYbgIHWZFKg2ZuWVVdKvt5In4w%2FD3cERaoCJ%2Bo5%2BoZBbFoQ3mbo0d6I4KnuHVKBPYbYqo8gSMZh6aGeXyUY0sRxUpLwtLhWWdjB8HxqZZo65oXLNdiw1MWPq%2Bzg3c"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 823ba0d23ade39e0-FRA

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 76ms
28ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2Cregular%2Citalic%2C600%2C700&display=swap&ver=3.3.1

Requested by

Host: conservativestar.com
URL: https://conservativestar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b549e3c2eee89b5a499732b03ac14059a6d771f634a650e10afd1617bc038c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 04:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 04:22:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Nov 2023 04:42:19 GMT

GET
H2 200 style-5552.css
conservativestar.com/wp-content/uploads/generateblocks/ 7 KB
2 KB 183ms
182ms Stylesheet
text/css 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conservativestar.com/wp-content/uploads/generateblocks/style-5552.css?ver=1698988395
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de0ad9f9b65578330ea72a33d18ff093c33fd38d403b80edaeaa75afa7159cfe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 05:13:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6544816b-1a73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmscygSVQq9NLlxDj3kff3rA233y1N%2FbR6wJn7iOa8UlqAOxJz7XXkVqVd%2BNNru0NUEtg6hf%2B1JZ%2FSxFx4Uixs3R9LyS3wsAIWCeBXRjKzfVTl6laNt8p0HR6zqwgwJVnfmPR9Bq5NdNi%2BRcDslgtGwY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 823ba0d23adf39e0-FRA

GET
H2 200 navigation-branding-flex.min.css
conservativestar.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 3 KB
932 B 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conservativestar.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding-flex.min.css?ver=2.3.2
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c8eb7fd8354e29e58e77290872b6e05a65404a4d16fe26996b72b6f2f606281

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 23:55:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103526
etag: W/"6539ab0e-a06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9klG7yV6yN98J9vaVX9%2Bx%2F5jeGY7rBTWEbN%2F8w%2BEd2Em6W%2BIjdvI04jNfuidhfzWfkMriS6pyaDzACMnR6n4yKGqN0mi%2BdAjHlCUIMrdCoUVQEs7%2BxkovZT1x6FYcnB7l3lIpKEze4EFs9q2alvESDUB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 823ba0d23ae039e0-FRA

GET
H2 200 breeze-prefetch-links.min.js Show response
conservativestar.com/wp-content/plugins/breeze/assets/js/js-front-end/ 864 B
807 B 32ms
31ms Script
application/javascript 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conservativestar.com/wp-content/plugins/breeze/assets/js/js-front-end/breeze-prefetch-links.min.js?ver=2.0.31
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0f8d9203a084855ec3252ed54409199f6610b7352b507d00d5a01b0b94c0c1b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Oct 2023 19:05:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 373570
etag: W/"653d5b7b-360"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8aaJsXf7i5S9c4A6cyeK1QfIbl%2FleKfs8VTEJANEeOiZcMLzZZNg9G%2Fsla%2FWvn3KG7e%2BDUJ0q5Oku0ZDzI8a27rWzyZFUfjtWgouu78orVdhhNuI%2Fkd6ut5lZaP4nZwZWsLREzb3nOg4ZP%2BldIGNl5a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 823ba0d23ae239e0-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
70 KB 82ms
35ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-223124116-14

Requested by

Host: conservativestar.com
URL: https://conservativestar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73f09c1d3ff3b327ed96ce0395d704a8a2fe061852bc81109817bf6287ebae74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70931
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Nov 2023 04:42:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 89ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3559627262152735&host=ca-host-pub-2644536267352236

Requested by

Host: conservativestar.com
URL: https://conservativestar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32d128f1e72e5dd55b87e95091c22202bd1086684114c6cf7fee7c00a2889578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
Origin: https://conservativestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53183
x-xss-protection: 0
server: cafe
etag: 5876832532935079882
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 04:42:20 GMT

GET
H2 200 menu.min.js Show response
conservativestar.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 32ms
32ms Script
application/javascript 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conservativestar.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 23:56:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 575016
etag: W/"6539ab14-1b3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AylbQeB7Ol9RQg40ANrN4ktZf%2BPlZiTFZe9RKF4%2F%2B3N30f9%2FXBhodkBxShTIPvmamd1lwKpwebewAW6kjj%2F6TSlJHWTEgXFLVcXdFBHL%2FXF1gvzUxE%2B5DgZDXXR4Z%2B0%2Fv7AHP2RoXdREpNfWRdXAm6%2Fm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 823ba0d23ae339e0-FRA

GET
H2 200 navigation-search.min.js Show response
conservativestar.com/wp-content/themes/generatepress/assets/js/ 2 KB
1 KB 124ms
124ms Script
application/javascript 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conservativestar.com/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.3.1
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 23:56:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6539ab14-858"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSc%2BQZBgWop1QDzuBk6dImZSACJtm66%2FxX9dWX%2FacRm0mr79rzUQS8YbfL2ZdN3Q6lySm2EWO2bZuQEhj3OaSV67L%2BtT%2FI1PGG9NzxWXJmXtzFJWoY4ZQ0BX6I4xOkqg%2FKtbV%2BsyTLIJUiWNTS9HLs4P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 823ba0d23ae439e0-FRA

GET
H2 200 smush-lazy-load.min.js Show response
conservativestar.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 8 KB
4 KB 34ms
34ms Script
application/javascript 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conservativestar.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.14.2
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 23:55:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 373570
etag: W/"6539ab0e-1ef2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5dSHrS5LWoUTRs0WOXq5u6IYihUQXw5%2F5zY5sLWzQBVz9ufv%2B2nMNF6aA6hkSNbh1sYb1MoG25lAZ5S3RzOHMOD78eA4NM5Y33zkMj4agzTX60hdtkdC4DUlJRnwS9RkXfYRsF5JYLKbEfyPgB7I8iG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 823ba0d24ae539e0-FRA

GET
BLOB 200
OK 3cbcc217-7c71-464c-b7ed-e25b53f9ae0f
https://conservativestar.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://conservativestar.com/3cbcc217-7c71-464c-b7ed-e25b53f9ae0f
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/adaptigo-network/ 761 KB
59 KB 253ms
207ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/adaptigo-network/loader.js
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 674b7a0e283b78e231c3078ba56618d29620f6a893f55f5dd70ffd8d62e9efeb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: ekr1xn_rnjDbNwgRQVF7AaErgik__9tR
content-encoding: gzip
via: 1.1 varnish
date: Fri, 10 Nov 2023 04:42:20 GMT
x-amz-request-id: AMF46EYD792VK77K
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 59401
x-amz-id-2: zhuQvsTKFcxErBiFf0CFriyKmAqjT/b9ZNCjau794qxwMgloZjlat2qsVWLJvG1EzUFcO764vmQ=
x-served-by: cache-ams21082-AMS
last-modified: Thu, 09 Nov 2023 12:56:02 GMT
server: AmazonS3
x-timer: S1699591340.124024,VS0,VE177
etag: "790b9cca4580c653ea9d72b2cd7567dd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 62
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 analytics.js Show response
stats.wpmucdn.com/ 69 KB
25 KB 1576ms
1508ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wpmucdn.com/analytics.js
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 10/11/2023 14:18:07
cdn-pullzone: 1121147
last-modified: Thu, 10 Feb 2022 17:56:53 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"620551e5-1131c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=86400
cdn-requestid: c7801f9dcd64cf07ff87133b194d6cd5
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 353ms
30ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2Cregular%2Citalic%2C600%2C700&display=swap&ver=3.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://conservativestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 37561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 18:16:19 GMT

GET
H2 200 Conservative-Star-Logo.png
conservativestar.com/wp-content/uploads/2021/10/ 5 KB
6 KB 30ms
27ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2021/10/Conservative-Star-Logo.png
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 520c9e3b6d76999c7bae39f879b577397a4c33365b6b368e329cf90bb31fc3fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 23:54:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 373570
etag: "6539aab5-15f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZYKZL1Q%2F4jFpegpSWXjWD7IfxMNJlr42PrXNsbDueWS0wYs9VQAohZWhrvqLqUX1to%2BGgv1o3h0Ym9kWDMG18eZSEbVhwA0ClSaNrpMKuh5Z0JPzhh%2FWGl5%2BMkWcHTPp3rqYpFnV1IVPu%2BAMwXRVt3h"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba0d38c0239e0-FRA
content-length: 5621

GET
H2 200 2-juveniles-stabbed-in-Roxbury-0-8-screenshot.png
conservativestar.com/wp-content/uploads/2023/11/ 1 MB
1 MB 1021ms
1018ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/2-juveniles-stabbed-in-Roxbury-0-8-screenshot.png
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebb1ff13c3347e8cb3a9a95de8c9ca8b5f393292fd485f540534b88f20e1d4b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 00:32:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654d7a2c-12b92f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RmfkducHE%2FxPiwm%2FDBE%2BQQEZKJk73WGa0ae78MvRhB4r6auLKsRzpxiBifAfi8pj%2BupNBcmjrxZoR0GRVAHg0kic0z5W2%2BPhHMh3jyiXts59OvfRIJbOW2b7msH1wAq%2ByA3x9aVQVIntsRdldKLxrh%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba0d38c0139e0-FRA
content-length: 1227055

GET
H2 200 Woman-dies-week-after-being-attacked-by-violent-pack-of-dogs-0-12-screenshot-e1699571485706-300x173.png
conservativestar.com/wp-content/uploads/2023/11/ 112 KB
112 KB 1020ms
1017ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/Woman-dies-week-after-being-attacked-by-violent-pack-of-dogs-0-12-screenshot-e1699571485706-300x173.png
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e24e760d549a8100eadd804691e52fee21fb90b747bee00e618972a8667ba1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 23:11:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654d671e-1bf84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLBQGoJiMDd3LG%2FUZuJX7D4DBSn6xMALbGIcK0Ql%2B71gMCeMLF6l0MIjKQuSbCp1TpZIatJq52EQPGfA4HeGBcZW0qnl9h8AmHcsRYs%2BvkVHgdXMwRGznvo4UrYcpP7HjoB%2F%2B7ss1tEJ4ditLZk%2FBdKs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba0d38c0439e0-FRA
content-length: 114564

GET
H2 200 College-freshman-from-New-Jersey-critically-injured-in-Nashville-shooting-0-8-screenshot-e1699570018688-300x197.png
conservativestar.com/wp-content/uploads/2023/11/ 81 KB
81 KB 1019ms
1017ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/College-freshman-from-New-Jersey-critically-injured-in-Nashville-shooting-0-8-screenshot-e1699570018688-300x197.png
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a994f3641189753980fbdf24e1b42982e297286a7fbf91c948baa81fd2b2cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 22:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654d6163-14218"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=242iuGTYxnD9Z2rs%2BATeESNqRCuxquSn8Ydp9hpq05VNHcrLM8yKw17aUy26FezKATpPPXXnC%2FSTST2xrcPIxUM%2FQ66dmJNYJrcvAjYKF17qR8OIG1z2l2zd%2BAdCEIP%2FxCq4tN2JamawfWLPWK%2B7RxJu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba0d38c0639e0-FRA
content-length: 82456

GET
H2 200 4-shot-near-GSU-including-2-students-_-FOX-5-News-0-47-screenshot-300x179.png
conservativestar.com/wp-content/uploads/2023/11/ 31 KB
31 KB 1018ms
1016ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/4-shot-near-GSU-including-2-students-_-FOX-5-News-0-47-screenshot-300x179.png
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7522cb16aee820fa21664077c7ab5c3a49ea002f2023751e7abcc62f726e5ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 21:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654d4f91-7a6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mZyb4I%2BD8mqDKWFntBBJ70iMYcw%2BXZ6Hh6Ff7gsJFrtZZPatKC9pRWyBjYVwBCG7pT4%2B5HHmuCwTHyk0Yu%2Fkr99ABoWyBpXv1ES8a8yUV%2FLkCwwnqUVJW%2FbEgGsAraiXLQhePFn3JwhYr7krqKlbphw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba0d38c0739e0-FRA
content-length: 31342

GET
H2 200 Womans-dismembered-torso-found-in-Encino-dumpster-1-29-screenshot-1.png
conservativestar.com/wp-content/uploads/2023/11/ 782 KB
783 KB 1019ms
1017ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/Womans-dismembered-torso-found-in-Encino-dumpster-1-29-screenshot-1.png
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bab0e8cefd2e3928a4b1672ac9a40a625e44482e2facf7ea2d005b7c045db68b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 18:09:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654d204d-c36cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lE%2BmBC4N2ruc06wukF7lBrj6Ovw%2Fu0ObmXF4zLctD7DSsZIyRY9L32217onuEIc3NTObvN8ZsgmDNbh2256vj0ZPLmofVNkUIOa9BGdpNOg%2ByO4Timxi17MCxWgGF9r%2Bzod8XcXDjg4mAZ6dm%2B%2B8OTnv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba0d38c0839e0-FRA
content-length: 800463

GET
H2 200 Police_-Bullitt-Co.-mother-charged-with-murder-after-her-young-children-were-fatally-shot-0-4-screenshot-1.png
conservativestar.com/wp-content/uploads/2023/11/ 1 MB
1 MB 1017ms
1016ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/Police_-Bullitt-Co.-mother-charged-with-murder-after-her-young-children-were-fatally-shot-0-4-screenshot-1.png
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a8c1f4577bc21dbf8114224493e9b8de6cb5623c86b64e4f29529062f34553

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 15:47:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654cff0e-16f978"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0TkHKl%2BEEFmiS%2BJelDcOsNIlvhOhKeya4bo%2FlfHhGKsUH5%2FhOBjlwMBnLHMJW8k7fZ9YEFuhlm5R3eLXkbwXOMm%2B1vYK6plbe6x%2FQlXW3SoBo8lmexrDhmGKBitfLr7997T9vo2rmQGFfo2oXCoEjiZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba0d38c0939e0-FRA
content-length: 1505656

GET
H2 200 Single-mom-of-2-shot-dead-using-ATM-in-Chicago-suburb-suspects-linked-to-string-of-armed-robberies-0-22-screenshot.png
conservativestar.com/wp-content/uploads/2023/11/ 1 MB
1 MB 32ms
31ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/Single-mom-of-2-shot-dead-using-ATM-in-Chicago-suburb-suspects-linked-to-string-of-armed-robberies-0-22-screenshot.png
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb17e7721c8cc50eaf7e4e96ae4c234645cb378f0e6a1a6c79de8bbcf5aa77ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 21:06:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107036
etag: "654bf865-12339e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0UUBs6p3NHGXDFsgNsyklpPH3xOyISV%2FJEzXb64j%2BED5vMFKx7d93xBe9EcxBwAqfeXXNxIkoBJofPkt%2BEDtLF%2FBb9fYsfPt8j2yZvoJwHZ1gLUamvXwTfv2i50k1anH3NV0QMBrIv%2FOI8Kdzl%2FaR38"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba0d38c0a39e0-FRA
content-length: 1192862

GET
H2 200 wp-emoji-release.min.js Show response
conservativestar.com/wp-includes/js/ 18 KB
5 KB 1015ms
1014ms Script
application/javascript 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conservativestar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 23:55:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6539ab0e-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovlDJSt%2BY1STypuhYSCngHQuysqkxqVhXE4gwEGdm0BwaUf7wf6QCtQLbmbvIgKkZfdkgSAgMX6IR%2Fiaq8cZaN3INyEwkXcRclQuUqjFVIXluC3NNi3PylCL4Fav%2FdWD805jYL8jA7gxwt3Qd0cexCAC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 823ba0d38c0b39e0-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G0DEH0WRT9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-223124116-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51657e62e70217322d0d74dacd4cfd7f34890fed96df6328979880e3f8b947ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 04:42:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 205ms
101ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-223124116-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Nov 2023 03:51:31 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3049
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 10 Nov 2023 05:51:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
74 KB 154ms
154ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2EFLB20LFH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-223124116-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

925c5ee21752cc70377c8d2754f86b1229cd3237e2300ddfb10c55c8de3a4f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 04:42:20 GMT

GET
H2 200 load.js Show response
pm-widget.taboola.com/adaptigo-network/ 3 KB
1 KB 372ms
354ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/adaptigo-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/adaptigo-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 141b346ba9de0f16f5583f75df31c4a58fbdc90e371b290847cf869685191dfc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: DrwCXuXWNsYGywdlMf9BnAs30_4ppzCi
content-encoding: gzip
via: 1.1 varnish
date: Fri, 10 Nov 2023 04:42:20 GMT
x-amz-request-id: 0YTVVBY5JNZQSBE7
age: 0
x-cache: MISS
content-length: 1232
x-amz-id-2: xoQpwvt5pdIJw+Xz50JRLXUjhWQ5GLLbkQ/AQZHN2dmhtae3hjQbIiSw1OiLczN9t3VdtDio98M=
x-served-by: cache-ams21082-AMS
last-modified: Wed, 27 Sep 2023 05:41:50 GMT
server: AmazonS3
x-timer: S1699591340.380050,VS0,VE338
etag: "57333abe1cd4dc51ac848f31236faed3"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 impl.20231109-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 817 KB
170 KB 13ms
13ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231109-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/adaptigo-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c3d81f36dc03519cce27e07bfcbded028976029fd657bf53c6e094dd6e00d43b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: _rn2XQhY9Vhk.CDXBlLiWVY6KSRQNU2k
content-encoding: br
via: 1.1 varnish
date: Fri, 10 Nov 2023 04:42:20 GMT
x-amz-request-id: 807YD79F30PNG8R8
age: 8023
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173215
x-amz-id-2: LTWy/+yGJVvJJFmAd2/9CAfpXLHrhGwO1VZU+im78IGusPlb5CiwskTyN4NU+GQWhA5p2VQWKqc=
x-served-by: cache-ams21082-AMS
last-modified: Thu, 09 Nov 2023 10:20:37 GMT
server: AmazonS3-br
x-timer: S1699591340.361772,VS0,VE0
etag: "9b0d1da371b386f982de4dc25b6e1a2b"
vary: Accept-Encoding
content-type: application/javascript
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1110

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 152ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079473

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3559627262152735&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ba73e0c52e4d73461898e6ba7f16c0f755697f0fa94714962b872e80c175752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138451
x-xss-protection: 0
server: cafe
etag: 4559206594523020381
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 04:42:20 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame F3FB 9 KB
4 KB 401ms
270ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3559627262152735&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 35477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 18:51:03 GMT
etag: 16674218716276178799
expires: Thu, 23 Nov 2023 18:51:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 427ms
45ms Ping
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-G0DEH0WRT9&gtm=45je3b81v9112591888&_p=1699591340052&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=785171209.1699591340&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1699591340&sct=1&seg=0&dl=https%3A%2F%2Fconservativestar.com%2F&dt=Conservative%20Star&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=850
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G0DEH0WRT9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:42:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://conservativestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 67ms
21ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G0DEH0WRT9&cid=785171209.1699591340&gtm=45je3b81v9112591888&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G0DEH0WRT9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:42:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://conservativestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.ua/ads/ 42 B
408 B 339ms
32ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.ua/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G0DEH0WRT9&cid=785171209.1699591340&gtm=45je3b81v9112591888&aip=1&dma=0&gcd=11l1l1l1l1&z=577345227

Requested by

Host: conservativestar.com
URL: https://conservativestar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:42:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
174 B 48ms
47ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2EFLB20LFH&gtm=45je3b81v899093851&_p=1699591340052&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=785171209.1699591340&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699591340&sct=1&seg=0&dl=https%3A%2F%2Fconservativestar.com%2F&dt=Conservative%20Star&en=page_view&_fv=1&_ss=1&_ee=1&tfd=878
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2EFLB20LFH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:42:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://conservativestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 118ms
33ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231109-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 233267
expires: 60

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 26ms
26ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1260776576&t=pageview&_s=1&dl=https%3A%2F%2Fconservativestar.com%2F&ul=en-us&de=UTF-8&dt=Conservative%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=384020202&gjid=1724500853&cid=785171209.1699591340&tid=UA-223124116-14&_gid=715689992.1699591341&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=170006557

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://conservativestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:42:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://conservativestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 018F 217 KB
55 KB 277ms
277ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3559627262152735&output=html&adk=1812271804&adf=3025194257&lmt=1699576487&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fconservativestar.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699591340382&bpp=4&bdt=518&idt=309&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2021116390088&frm=20&pv=2&ga_vid=785171209.1699591340&ga_sid=1699591341&ga_hid=1260776576&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079437%2C44795921%2C44801485%2C44807464%2C31078297%2C31079473%2C44808149&oid=2&pvsid=2996925823886324&tmod=1761378046&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=326

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdbe8e2a616606e7852540e847fabeda682538746b8bd20f77cf5041b398bf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 56106
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 04:42:20 GMT
expires: Fri, 10 Nov 2023 04:42:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pmk-20220605.3.js Show response
pm-widget.taboola.com/adaptigo-network/ 102 KB
29 KB 42ms
14ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/adaptigo-network/pmk-20220605.3.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/adaptigo-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 404eb501b521781a004136536468926c775d5f57aa83324aad0f2aa885804212

Request headers

Referer: https://conservativestar.com/
Origin: https://conservativestar.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: PUybPyIjhi_owg0hNB3knXow4kV46QZQ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 10 Nov 2023 04:42:20 GMT
x-amz-request-id: 02MZ5YFV0A4PNX11
age: 1152648
x-cache: HIT
content-length: 28797
x-amz-id-2: XT+rvYGjTl4Iwtf5HGbM7lVxpKpzKelck7R+OAHpCvB3mNpiNVlQCots8UQmpRSXoPFv+gPQLxI=
x-served-by: cache-ams21054-AMS
last-modified: Wed, 27 Sep 2023 05:41:49 GMT
server: AmazonS3
x-timer: S1699591341.764549,VS0,VE1
etag: "5d5bc91961d40c1b3cace81bec483946"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 160 KB
55 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js?bust=31079473

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

945095fd8784ae9d49ad5d67f543cffee77494e53c0a29dd7d3dd7038957348c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55828
x-xss-protection: 0
server: cafe
etag: 3773373257076674172
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 04:42:21 GMT

GET
H2 200 ca-pub-3559627262152735 Show response
fundingchoicesmessages.google.com/i/ 161 KB
53 KB 193ms
54ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3559627262152735?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b83d1fb7e0d64977753e14cb18c6afd23973f19f4c82c569ca5d45281539ad6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--2_T_lUjYY2O8C5coFlIlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--2_T_lUjYY2O8C5coFlIlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/ Frame 1448 9 KB
4 KB 267ms
266ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 4629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 03:25:12 GMT
etag: 16674218716276178799
expires: Fri, 24 Nov 2023 03:25:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxV5ywLzgMhc_8-GLHH9uy1WnL7LDI_TNLHPtisoYc_QcgdRalLqkZDeWA3XeIv4AxjTl37TNybHjRCmL-v2NhGbYZCHIA3fnK8OuM_wKaNCwzkb3lQPk7hgzS0HzAsJ291xMXMv Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV5ywLzgMhc_8-GLHH9uy1WnL7LDI_TNLHPtisoYc_QcgdRalLqkZDeWA3XeIv4AxjTl37TNybHjRCmL-v2NhGbYZCHIA3fnK8OuM_wKaNCwzkb3lQPk7hgzS0HzAsJ291xMXMv?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5NTkxMzQxLDQwMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jb25zZXJ2YXRpdmVzdGFyLmNvbS8iLG51bGwsW1s4LCJRbWZ0b21rSHVqZyJdLFs5LCJubCJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.QmftomkHujg.es5.O/am=CAM/d=1/rs=AJlcJMyzPDuL2-SAwlqgfl2QTMxMRq0f_A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ef37fe559a87592fbf19e2084e10cd60f1d2aadc49386295f022260a775862f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-k77pFEhdgwyTxSX9Sulx1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-k77pFEhdgwyTxSX9Sulx1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxX0xWyna1UL2z_DRJ5r91tYkhbMidyjmwGMNu_w7YVLm81EdCl3VbFod2ggjpMerFDNUdOE4iihxrVCdUPEz-pBOTK-khxxPl-Q2Bnm1HPF7aSJcP8LonZpNUAg4RK7LmcUTirf Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX0xWyna1UL2z_DRJ5r91tYkhbMidyjmwGMNu_w7YVLm81EdCl3VbFod2ggjpMerFDNUdOE4iihxrVCdUPEz-pBOTK-khxxPl-Q2Bnm1HPF7aSJcP8LonZpNUAg4RK7LmcUTirf?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5NTkxMzQxLDQ2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vY29uc2VydmF0aXZlc3Rhci5jb20vIixudWxsLFtbOCwiUW1mdG9ta0h1amciXSxbOSwibmwiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aef3b2453348d39c204347cc3760290569bd236d7bb818ff5ab672e2994fcf42

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gEqi-f9ZY1M567ARuUOBkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-gEqi-f9ZY1M567ARuUOBkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 1448 4 KB
767 B 55ms
52ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 04:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 03:36:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Nov 2023 04:42:21 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1448 205 B
517 B 727ms
365ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:40:56 GMT
x-content-type-options: nosniff
age: 86
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 09 Nov 2024 04:40:56 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1448 604 B
696 B 728ms
366ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 13:30:38 GMT
x-content-type-options: nosniff
age: 54704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Nov 2024 13:30:38 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 1448 15 KB
7 KB 462ms
19ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 21:51:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6703
x-xss-protection: 0
server: cafe
etag: 18125926408851158271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 21:51:08 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 1448 21 KB
9 KB 463ms
20ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 21:51:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 17726888854999048520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 21:51:08 GMT

GET
H2 200 /
stats1.wpmudev.com/track/ 43 B
156 B 486ms
200ms Image
image/gif 3.131.102.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats1.wpmudev.com/track/?action_name=Conservative%20Star&idsite=166972&rec=1&r=400073&h=5&m=42&s=21&url=https%3A%2F%2Fconservativestar.com%2F&_id=9850d97d11ee99ba&_idts=1699591342&_idvc=1&_idn=1&_refts=0&_viewts=1699591342&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=153&pv_id=DGUWwD
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.102.46 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-102-46.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:22 GMT
cache-control: no-store
content-encoding: none
server: nginx
content-length: 43
content-type: image/gif

GET
H3 200 css
fonts.googleapis.com/ Frame 901D 14 KB
1 KB 236ms
236ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 04:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 03:27:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Nov 2023 04:42:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 901D 2 KB
875 B 392ms
40ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 20:02:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 901D 23 KB
9 KB 388ms
37ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 20:02:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 24BF 143 B
166 B 20ms
19ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 04:11:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 901D 3 KB
1 KB 384ms
34ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:55:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 901D 20 KB
8 KB 373ms
23ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:55:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 901D 198 KB
63 KB 385ms
33ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63768
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 04:42:22 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 901D 37 KB
16 KB 311ms
43ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 22:36:58 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 24BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
29ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 04:42:23 GMT
expires: Fri, 10 Nov 2023 04:42:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 04:42:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Shocking-moment-motorist-shoots-dead-two-environmental-protesters-blocking-a-road-0-25-screenshot-1.png
conservativestar.com/wp-content/uploads/2023/11/ 1 MB
1 MB 124ms
123ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/Shocking-moment-motorist-shoots-dead-two-environmental-protesters-blocking-a-road-0-25-screenshot-1.png
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f2b0b0518a56293a7bda3e7fdb6ed91846ed3d5233f07abadab1683a7562df5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:22 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 20:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103528
etag: "654bf256-135fe3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BZXiSsht42ISJRF3dxeCdr569XYxEU0oYoUXldPJwsMIUshVAjqRSM2xX%2FlbAs5DUfK9wJaBs8BbdGZ6c5hfo5Z9BDLZ8GV6S7lFrx7NpzTGvobRRWi6XyVGsuTySfGSV0lhIJ5sdzpxq%2FXRfVX%2BEQO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba0e25eea39e0-FRA
content-length: 1269731

GET
H2 200 TX-mother-stabbed-to-death-in-front-of-child-cop-response-questioned-1-20-screenshot.png
conservativestar.com/wp-content/uploads/2023/11/ 165 KB
165 KB 125ms
124ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/TX-mother-stabbed-to-death-in-front-of-child-cop-response-questioned-1-20-screenshot.png
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 641a065f1145a46e10a4509bd40d0302bbee949a239460741acdb5b013a5b665

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:22 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 18:45:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103528
etag: "654bd754-29298"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4aiHwU49HJ850W8pyO4Dyr5Fu4YgM5sZ6%2B36rN0MGTCUAqEYGfN692f3302g6yvFyIr8n%2F5N%2F4%2BeMjbUfBsIFN2t5UGV2RDDnQ2e6ZXTJdxXp1j20%2F4jsn7x9ZfO3oAVk3strsI1fT%2FFJqtUmTXT1q0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba0e25eeb39e0-FRA
content-length: 168600

GET
H2 200 Newlywed-dies-in-Caribbean-honeymoon-mishap-days-after-tying-knot-2-8-screenshot-e1699459430558.png
conservativestar.com/wp-content/uploads/2023/11/ 2 MB
2 MB 124ms
124ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/Newlywed-dies-in-Caribbean-honeymoon-mishap-days-after-tying-knot-2-8-screenshot-e1699459430558.png
Requested by: Host: conservativestar.com
URL: https://conservativestar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 048b0b687ec3e83f2e34cde43acf0b21f5cbfcf44cce55fbb77f2924edadcd09

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:22 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 16:03:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107624
etag: "654bb167-18e568"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqpK8y9KDRVIyQRUKEiSGXhlqhjcPYWclAykkVBcIEES7hkvFtAE9%2B1cE%2F79hENCzEJNpygHB4liTv6Othdu7ftHLM3An%2BXmj2adRXAfMtOtdm7hQzOHL8STGRoZV5%2B%2FS8oR0%2BjAApbZ2XzYTFHbLWaj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba0e25eec39e0-FRA
content-length: 1631592

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 36ms
36ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.9579759274825763

Requested by

Host: conservativestar.com
URL: https://conservativestar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-8pfCB8xK8ywWJf-yxsKnuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-8pfCB8xK8ywWJf-yxsKnuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 39ms
39ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=4.496794910242132

Requested by

Host: conservativestar.com
URL: https://conservativestar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-CdGPDpjgly58s4_YXfy2CQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-CdGPDpjgly58s4_YXfy2CQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq Show response
fundingchoicesmessages.google.com/el/ 0
28 B 73ms
32ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_4yH4m8uSl1cxSP52jqUSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 04:42:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_4yH4m8uSl1cxSP52jqUSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://conservativestar.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dblclickad. Show response
fundingchoicesmessages.google.com/f/AGSKWxXaw7mZx9iH31KF-WniznOv1QNP0SeLQfRdBkuIAR2fLxPIHgJRLFNgxTEbXKSFBLzNJcwvQjiLo_aNHaVCGiMauBnuW3m4VZEE4yi2m25IMzHG2vwSa127rni9woe8Gaxh-gVvGHnsKaNaB1X0AGaQwr6Jy... 54 B
109 B 34ms
34ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXaw7mZx9iH31KF-WniznOv1QNP0SeLQfRdBkuIAR2fLxPIHgJRLFNgxTEbXKSFBLzNJcwvQjiLo_aNHaVCGiMauBnuW3m4VZEE4yi2m25IMzHG2vwSa127rni9woe8Gaxh-gVvGHnsKaNaB1X0AGaQwr6JygkcMC8pZHI2u8baOF8hD6A1mRdci3g=/_/live_ad./cmg_ad./contribute_ad./adsfile./dblclickad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.QmftomkHujg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyH1gmavfTZeYOtTjrh1PT2IKQr0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a15c00b44697ec90954602e724fca95a43f1e66136443b763ef87c8dbece085

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kZciXCiPoAP8mfCgxrN1eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kZciXCiPoAP8mfCgxrN1eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7056ee35245d2a45248788af5dfa633c9bd2245f8d94a2208742bafba791ba23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11374
x-xss-protection: 0
server: cafe
etag: 6911560897263355264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 05:02:45 GMT

POST
H3 204 AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
32ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FNvuHqQ5mhebI7J4HqMNTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 04:42:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-FNvuHqQ5mhebI7J4HqMNTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://conservativestar.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq Show response
fundingchoicesmessages.google.com/el/ 0
28 B 32ms
32ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ez4RZM1bw1vq9c1VEXtaqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 04:42:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ez4RZM1bw1vq9c1VEXtaqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://conservativestar.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq Show response
fundingchoicesmessages.google.com/el/ 0
28 B 61ms
60ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xFFcF8kHeq5hzb48x7DVMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 04:42:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-xFFcF8kHeq5hzb48x7DVMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://conservativestar.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq Show response
fundingchoicesmessages.google.com/el/ 0
28 B 67ms
66ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gA_YMADUzetInyLzLuBJ7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 04:42:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-gA_YMADUzetInyLzLuBJ7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://conservativestar.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUufRkqp7r7OOagLhhMmk9s1Hzr_m83ZWqvz8WHrk7kDipU-8sYt22uYt9n_N5NNTokOzBf0_lT8pVReszRTgW8Bj8Xy3ycuA1kqIz0_TqN_XuSc1fTg3xFVkeugkxyJ0Uu3EO7 Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUufRkqp7r7OOagLhhMmk9s1Hzr_m83ZWqvz8WHrk7kDipU-8sYt22uYt9n_N5NNTokOzBf0_lT8pVReszRTgW8Bj8Xy3ycuA1kqIz0_TqN_XuSc1fTg3xFVkeugkxyJ0Uu3EO7?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5NTkxMzQzLDcwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9jb25zZXJ2YXRpdmVzdGFyLmNvbS8iLG51bGwsW1s4LCJRbWZ0b21rSHVqZyJdLFs5LCJubCJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

072bec5d1c3ce22e62e9d44c8f5c67e35b2bc1f4a89e415ab415687e0a228a2c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-EKM6KlDsUY9E6DUYQ1hUYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-EKM6KlDsUY9E6DUYQ1hUYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame C780 38 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: conservativestar.com
URL: https://conservativestar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:28:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 21:28:26 GMT

POST
H3 204 AGSKWxVCx3_4T2tCkmyAUCzmgR9vkiln_5F7mgJ_BtGAyU4eCVIB7ANkQ_FZiUzQ8u5RlnijFHDZv_ECwh4IoB5OGGw77kGxxlq1rd2CEx8eeBLtGXVCrpJNrfWFnR41Gh1URHpPTIfr Show response
fundingchoicesmessages.google.com/el/ 0
28 B 30ms
30ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVCx3_4T2tCkmyAUCzmgR9vkiln_5F7mgJ_BtGAyU4eCVIB7ANkQ_FZiUzQ8u5RlnijFHDZv_ECwh4IoB5OGGw77kGxxlq1rd2CEx8eeBLtGXVCrpJNrfWFnR41Gh1URHpPTIfr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bJBZ8XoN7Zu0fF0mQIwgPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 04:42:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-bJBZ8XoN7Zu0fF0mQIwgPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://conservativestar.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq Show response
fundingchoicesmessages.google.com/el/ 0
28 B 70ms
69ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWicLuh2vUQqq3zLXK4hWZREDRBLI2Zv_fOWiY3ucRGyahP_MCFuBAzbeZPvDY0Y_c24U_yAMMwIkDS2iXOJW-zWvIgCVFf1MZxQTUNvYtKM47dXTCSJH1a5cDhcg-VIf8eswwq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9c15iNouccNQhJ9VNBA9hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 04:42:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9c15iNouccNQhJ9VNBA9hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://conservativestar.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 27ms
26ms Ping
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-G0DEH0WRT9&gtm=45je3b81v9112591888&_p=1699591340052&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=785171209.1699591340&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&_s=2&sid=1699591340&sct=1&seg=0&dl=https%3A%2F%2Fconservativestar.com%2F&dt=Conservative%20Star&en=ad_impression&ep.query_id=CPfwgpHPuIIDFYwC4Aod1rMC7A&_et=1736&tfd=7587
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G0DEH0WRT9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:42:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://conservativestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 37ms
36ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e67484e8e973be8ae40007c916ca19a673f3cf5409ed04e07fd32bafc297b367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12131
x-xss-protection: 0

GET
H2 200 Police-1-2-screenshot-1.png
conservativestar.com/wp-content/uploads/2023/11/ 664 KB
665 KB 30ms
29ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/Police-1-2-screenshot-1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8109a764490d5d2d2751b875e0be8796ae99e37fb4c698cd051248294754cf59

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:39 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 09:38:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103544
etag: "654b571f-a5f4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3vy8%2BxnA3tcxhOwT%2BXOw4HT4w%2B9qcfE62DYH8SdEKNly2oMM7jYdlIXA7bQtGagCJmv5ihIuIG3OuCSKytBJvXoK1KYhZO7YOxo0HTIHCYpg1tQ%2B%2BoXFFWOABpl7ldvPzl5zOddzGyF9NWw4y%2F5851Y"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba14c9fd839e0-FRA
content-length: 679755

GET
H2 200 Gwinnett-County-teacher-arrested-for-death-of-toddler-0-12-screenshot.png
conservativestar.com/wp-content/uploads/2023/11/ 1 MB
0 288ms
287ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/Gwinnett-County-teacher-arrested-for-death-of-toddler-0-12-screenshot.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:39 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:54:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654ab221-13c250"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaHQEejq3ma3Zca7z10QeJz9uPNuv5WQPE%2B0c72hOU2IxXRO1YjS46l%2Fl1n7FxqEciJleu%2F6aK1hdZCc90Cp3WFGT8g2is%2BpPswYVPlTeX7VDQiKBf6Ff7%2BizM8P16X9iYrLDe5PgUvy3lnvzKdU%2FN4i"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba14c9fda39e0-FRA
content-length: 1294928

GET
H2 200 5-year-old-boy-stabbed-in-Newark-mother-taken-into-custody-0-37-screenshot.png
conservativestar.com/wp-content/uploads/2023/11/ 435 KB
436 KB 288ms
287ms Image
image/png 2606:4700:20::681a:37e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conservativestar.com/wp-content/uploads/2023/11/5-year-old-boy-stabbed-in-Newark-mother-taken-into-custody-0-37-screenshot.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:37e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0b045e90907a78289e38b0e175205002151442be3c5ddc8eeda5168ea4100fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:39 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 18:40:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654a8490-6cb9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdQWhmcedSqajepfKmBt31kZqvcx8fiw8RZFmQud2%2BW9rY0LgwBXjVNTht%2Bz3h0tq3L23TaO82XwCkNHf0R4kP9Uc7Dtbu8aQ8QTWCwg4hd3P%2FpATJH%2BDEaKObpoehUxoHADmpJxvnJQF0Qsbn5LyLiO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823ba14c9fdb39e0-FRA
content-length: 445341

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
33ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 04:42:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A872 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://conservativestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 04:39:10 GMT
expires: Sat, 09 Nov 2024 04:39:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F283 829 B
994 B 273ms
273ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4535c49a645129b908fc3231621e329ebe2c86f2d6fd5b2c4b60e77104c17080

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_P-B4ltozeIV-odFt32iaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://conservativestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_P-B4ltozeIV-odFt32iaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 04:42:39 GMT
expires: Fri, 10 Nov 2023 04:42:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame A872 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 22:46:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F283 0
0 52ms
52ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=2996925823886324&rc=
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A872 0
10 B 67ms
66ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Tzn27w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:42:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=2996925823886324&bg=!OzilOHfNAAZxrfrxUa07ADQBe5WfOApVyJpKdPv4uJLAj5tE1R1Z-UNDS3yDruw9efIGjXDHtVBQsKy-3IHXAnm0eoSKAgAAAFJSAAAAC2gBB5kCvSkukvXPap_KU9V7jeFJOtYcSBw2FzfrVaSirfkeieana5DZOU_lMP-vKjla3EtlXqcNNB43DuxiZQ3YNbJTJT6VzDpo3VC-__KUx6N7F65fTEFKPJjPEHKtbwgESkpRhlEQcnBFgxIvbIW5PER08zGFF6YRngXmenm1kTOQdTwWwVaStFP6Q3yoEc1UvffhC9q2BRTID9Yio7MP0nZosjYtzCIQGjsELazY1C-Sx5k6cWfYRSqGNIhbThUPQmoi7Q83JHh0J49AESTGI4cKU7Duj562MYZ22uEXzAUBj-OpreESnMGKXGDtq7Wwfh4cmRGBYCRtZfSLcC8jojQuqYBnfARkkRhMNd2gCytHSMudr3bA0nGyRq4kdLKsGLY6-uwi3ZvLzyjtMHYhJfHx35br7LnxcyaZsk86HTI7CxHv3Pscf3qNBvkix0uLRr5IPYzu8k73c570PkPAFC3upIxy13to-BkXWSyI4iQCcux9AcC9G3GlGQi6WK_EXa9EXb7j4OkUEsuI6hTm8TtKryo3ZVQjfPqx3JEANkaGLjBuDMXz4y8lQmOLiMUyHopSUSHfqBvhwmKYonhaMCCDZ_Bp0TxUkiskKgIePkILa0lQGhnQFrPiZQ6O2RQ1CYMO_REHSj7Xi_r27ClMag4LW6HkmALweVMiW7LfwuGi_9NzYGXYE7ds1y83YfTEHPyDsD0LH5FxLxZ6ymNj3c2WpoYQbBLqPCpd-W4YcG-WW754VH_fjTTtbXSxsJ0zT5bpjSNBiHUBYcXSg6cYI1QWqpXWdmy6CLIWmnR1wjIvsd--MA9eIi9ZbHbeRXWJcwZITs6iageAIfejFS5PQpG5vG4Dgf6bOdBtPLmiDGkt9pSxdw1YhxBj24x5gWz7BeSCOBUqLN0jpauCEcvAdhb5IBjAfvaD6dCNQhhFmZ9Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://conservativestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.conservativestar.com/	1970-01-21 01:42:31	Name: _ga_2EFLB20LFH Value: GS1.1.1699591340.1.0.1699591340.0.0.0
.conservativestar.com/	1970-01-21 01:42:31	Name: _ga Value: GA1.2.785171209.1699591340
.conservativestar.com/	1970-01-20 16:07:57	Name: _gid Value: GA1.2.715689992.1699591341
.conservativestar.com/	1970-01-20 16:06:31	Name: _gat_gtag_UA_223124116_14 Value: 1
.doubleclick.net/	1970-01-20 16:06:32	Name: test_cookie Value: CheckForPermission
conservativestar.com/	1970-01-21 01:32:26	Name: _pk_id.166972.5457 Value: 9850d97d11ee99ba.1699591342.1.1699591342.1699591342.
conservativestar.com/	1970-01-20 16:06:33	Name: _pk_ses.166972.5457 Value: 1
.conservativestar.com/	1970-01-21 01:28:07	Name: __gads Value: ID=863bf6fd0c13555d:T=1699591340:RT=1699591340:S=ALNI_MbX05W1RopYV6VIMGK2RFxXSZ0VPQ
.conservativestar.com/	1970-01-21 01:28:07	Name: __gpi Value: UID=00000cbf5d7394a0:T=1699591340:RT=1699591340:S=ALNI_MYhNJKrz0QJ_eD_kakS9j18sPGusQ
.conservativestar.com/	1970-01-21 01:42:31	Name: _ga_G0DEH0WRT9 Value: GS1.1.1699591340.1.0.1699591342.58.0.0
.doubleclick.net/	1970-01-20 16:06:34	Name: DSID Value: NO_DATA
.conservativestar.com/	1970-01-21 00:52:07	Name: FCNEC Value: %5B%5B%22AKsRol9hnoy36hASHE7S4ssbMDTYy-2VMJ3yiDPA64YFjULcWl3oGdyT6r2OVHa9vf-CDGcaEt8dsHKmlk4XF0JiUzA0We15xwRusnYjCweXqm5UBg3RotkxbYI2_3kSvqDShCUhTszocWwiIRP5XjRdNJDz5TywLA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.taboola.com
conservativestar.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
newsreadynow.com
pagead2.googlesyndication.com
pm-widget.taboola.com
stats.g.doubleclick.net
stats.wpmucdn.com
stats1.wpmudev.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.com.ua
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
142.250.185.193
151.101.1.44
151.101.65.44
2400:52e0:1e00::1082:1
2606:4700:20::681a:37e
2a00:1450:4001:802::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c06::9c
2a02:2638:3::c
2a06:98c1:3121::3
3.131.102.46
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
048b0b687ec3e83f2e34cde43acf0b21f5cbfcf44cce55fbb77f2924edadcd09
072bec5d1c3ce22e62e9d44c8f5c67e35b2bc1f4a89e415ab415687e0a228a2c
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
141b346ba9de0f16f5583f75df31c4a58fbdc90e371b290847cf869685191dfc
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1b83d1fb7e0d64977753e14cb18c6afd23973f19f4c82c569ca5d45281539ad6
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32d128f1e72e5dd55b87e95091c22202bd1086684114c6cf7fee7c00a2889578
3ef37fe559a87592fbf19e2084e10cd60f1d2aadc49386295f022260a775862f
404eb501b521781a004136536468926c775d5f57aa83324aad0f2aa885804212
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4535c49a645129b908fc3231621e329ebe2c86f2d6fd5b2c4b60e77104c17080
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4ba73e0c52e4d73461898e6ba7f16c0f755697f0fa94714962b872e80c175752
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f2b0b0518a56293a7bda3e7fdb6ed91846ed3d5233f07abadab1683a7562df5
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51657e62e70217322d0d74dacd4cfd7f34890fed96df6328979880e3f8b947ea
520c9e3b6d76999c7bae39f879b577397a4c33365b6b368e329cf90bb31fc3fa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
641a065f1145a46e10a4509bd40d0302bbee949a239460741acdb5b013a5b665
64a8c1f4577bc21dbf8114224493e9b8de6cb5623c86b64e4f29529062f34553
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
674b7a0e283b78e231c3078ba56618d29620f6a893f55f5dd70ffd8d62e9efeb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fee84411ea75ca922b144b7b09481d048e7eee21b3d3e5231480590b0b8d77b
7056ee35245d2a45248788af5dfa633c9bd2245f8d94a2208742bafba791ba23
73f09c1d3ff3b327ed96ce0395d704a8a2fe061852bc81109817bf6287ebae74
7c8eb7fd8354e29e58e77290872b6e05a65404a4d16fe26996b72b6f2f606281
7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef
7e24e760d549a8100eadd804691e52fee21fb90b747bee00e618972a8667ba1a
8109a764490d5d2d2751b875e0be8796ae99e37fb4c698cd051248294754cf59
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
8a15c00b44697ec90954602e724fca95a43f1e66136443b763ef87c8dbece085
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
925c5ee21752cc70377c8d2754f86b1229cd3237e2300ddfb10c55c8de3a4f16
945095fd8784ae9d49ad5d67f543cffee77494e53c0a29dd7d3dd7038957348c
95a994f3641189753980fbdf24e1b42982e297286a7fbf91c948baa81fd2b2cc
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aef3b2453348d39c204347cc3760290569bd236d7bb818ff5ab672e2994fcf42
b0b045e90907a78289e38b0e175205002151442be3c5ddc8eeda5168ea4100fd
b549e3c2eee89b5a499732b03ac14059a6d771f634a650e10afd1617bc038c84
bab0e8cefd2e3928a4b1672ac9a40a625e44482e2facf7ea2d005b7c045db68b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c3d81f36dc03519cce27e07bfcbded028976029fd657bf53c6e094dd6e00d43b
d7522cb16aee820fa21664077c7ab5c3a49ea002f2023751e7abcc62f726e5ff
de0ad9f9b65578330ea72a33d18ff093c33fd38d403b80edaeaa75afa7159cfe
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0f8d9203a084855ec3252ed54409199f6610b7352b507d00d5a01b0b94c0c1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67484e8e973be8ae40007c916ca19a673f3cf5409ed04e07fd32bafc297b367
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab
eb17e7721c8cc50eaf7e4e96ae4c234645cb378f0e6a1a6c79de8bbcf5aa77ad
ebb1ff13c3347e8cb3a9a95de8c9ca8b5f393292fd485f540534b88f20e1d4b2
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
fdbe8e2a616606e7852540e847fabeda682538746b8bd20f77cf5041b398bf68

conservativestar.com Open in urlscan Pro 2606:4700:20::681a:37e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

99 %HTTPS

75 %IPv6

15 Domains

21 Subdomains

20 IPs

4 Countries

10135 kBTransfer

14340 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

conservativestar.com Open in urlscan Pro
2606:4700:20::681a:37e Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

99 %
HTTPS

75 %
IPv6

15
Domains

21
Subdomains

20
IPs

4
Countries

10135 kB
Transfer

14340 kB
Size

12
Cookies

89 HTTP transactions
1 data transactions