se1.iran22.fun Open in urlscan Pro
104.21.17.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://se1.iran22.fun/
Submission: On February 14 via api (February 14th 2024, 4:41:50 pm UTC) from US — Scanned from US

Summary HTTP 238 Redirects Links 71 Behaviour Indicators

Summary

This website contacted 63 IPs in 2 countries across 44 domains to perform 238 HTTP transactions. The main IP is 104.21.17.14, located in and belongs to CLOUDFLARENET, US. The main domain is se1.iran22.fun.
TLS certificate: Issued by GTS CA 1P5 on February 11th 2024. Valid for: 3 months.

This is the only time se1.iran22.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	104.21.17.14 104.21.17.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.22.75.216 104.22.75.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.160.43.93 34.160.43.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1	142.250.65.225 142.250.65.225	15169 (GOOGLE) (GOOGLE)
1	172.253.62.84 172.253.62.84	15169 (GOOGLE) (GOOGLE)
6	142.250.80.78 142.250.80.78	15169 (GOOGLE) (GOOGLE)
15	18.173.166.2 18.173.166.2	16509 (AMAZON-02) (AMAZON-02)
1	172.64.146.86 172.64.146.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.40.170 142.251.40.170	15169 (GOOGLE) (GOOGLE)
10	142.251.40.232 142.251.40.232	15169 (GOOGLE) (GOOGLE)
1	13.226.34.55 13.226.34.55	16509 (AMAZON-02) (AMAZON-02)
3	18.238.63.215 18.238.63.215	16509 (AMAZON-02) (AMAZON-02)
1	129.158.208.173 129.158.208.173	() ()
1	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
3	142.250.80.3 142.250.80.3	15169 (GOOGLE) (GOOGLE)
2	34.149.155.241 34.149.155.241	() ()
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.26.3.70 104.26.3.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
3	54.148.119.109 54.148.119.109	16509 (AMAZON-02) (AMAZON-02)
6	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.65.206 142.250.65.206	15169 (GOOGLE) (GOOGLE)
8	142.251.40.131 142.251.40.131	15169 (GOOGLE) (GOOGLE)
2	63.140.37.206 63.140.37.206	16509 (AMAZON-02) (AMAZON-02)
1 1	34.232.236.171 34.232.236.171	14618 (AMAZON-AES) (AMAZON-AES)
1	104.22.61.90 104.22.61.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.16.122.175 104.16.122.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.173.132.67 18.173.132.67	16509 (AMAZON-02) (AMAZON-02)
2	54.208.255.188 54.208.255.188	14618 (AMAZON-AES) (AMAZON-AES)
1	108.139.54.29 108.139.54.29	16509 (AMAZON-02) (AMAZON-02)
1	142.251.41.14 142.251.41.14	15169 (GOOGLE) (GOOGLE)
4	13.226.38.199 13.226.38.199	16509 (AMAZON-02) (AMAZON-02)
1	199.232.36.157 199.232.36.157	54113 (FASTLY) (FASTLY)
2	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
2	104.117.182.33 104.117.182.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.79.84.247 104.79.84.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.238.59.145 18.238.59.145	() ()
2	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
3	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
4	142.250.81.225 142.250.81.225	15169 (GOOGLE) (GOOGLE)
32	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
1 2	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
1	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
1 3	18.164.96.90 18.164.96.90	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	52.218.132.152 52.218.132.152	16509 (AMAZON-02) (AMAZON-02)
1	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
3 5	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.164.101.60 18.164.101.60	16509 (AMAZON-02) (AMAZON-02)
4	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
2	142.250.72.100 142.250.72.100	15169 (GOOGLE) (GOOGLE)
1	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
1	54.82.140.179 54.82.140.179	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
5	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1	35.155.246.37 35.155.246.37	16509 (AMAZON-02) (AMAZON-02)
238	63

6 104.21.17.14 (None, )

ASN13335 (CLOUDFLARENET, US)

se1.iran22.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.75.216 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.43.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.43.160.34.bc.googleusercontent.com

thestar.solutions.cdn.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.41.2 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.84 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.80.78 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f14.1e100.net

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.173.166.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-166-2.mia3.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.146.86 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.170 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.40.232 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-55.ewr53.r.cloudfront.net

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.238.63.215 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-63-215.jfk52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.158.208.173 (Ashburn, United States)

ASN- ()

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.104.182.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.155.241 (Kansas City, United States)

ASN- ()
PTR: 241.155.149.34.bc.googleusercontent.com

thestar.cloud.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.184 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.3.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.148.119.109 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-119-109.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.40.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.37.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-37-206.data.adobedc.net

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.236.171 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-236-171.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.61.90 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.122.175 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-67.jfk52.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.208.255.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-255-188.compute-1.amazonaws.com

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.54.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-54-29.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.14 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f14.1e100.net

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.38.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-38-199.ewr53.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.182.33 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-33.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.79.84.247 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-84-247.deploy.static.akamaitechnologies.com

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.59.145 (United States)

ASN- ()
PTR: server-18-238-59-145.jfk52.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.81.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f1.1e100.net

fda6208c134ec4a90f3fbf97fa1b05a1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.70 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

10230056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.162 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.96.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.132.152 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-101-60.jfk50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.72.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.140.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-140-179.compute-1.amazonaws.com

mia-placement-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.155.246.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-246-37.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 23151	769 KB
33	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 14018 query.petametrics.com — Cisco Umbrella Rank: 14688	256 KB
18	thestar.com resources.thestar.com — Cisco Umbrella Rank: 254398 www.thestar.com — Cisco Umbrella Rank: 230928 s.thestar.com — Cisco Umbrella Rank: 376525	109 KB
13	google.com accounts.google.com — Cisco Umbrella Rank: 30 news.google.com — Cisco Umbrella Rank: 6359 ampcid.google.com — Cisco Umbrella Rank: 3038 analytics.google.com — Cisco Umbrella Rank: 177 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 122	156 KB
13	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 ad.doubleclick.net — Cisco Umbrella Rank: 149 stats.g.doubleclick.net — Cisco Umbrella Rank: 113 10230056.fls.doubleclick.net — Cisco Umbrella Rank: 486635 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	182 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	280 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	778 KB
9	googlesyndication.com fda6208c134ec4a90f3fbf97fa1b05a1.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	42 KB
6	permutive.com api.permutive.com — Cisco Umbrella Rank: 2355	846 B
6	iran22.fun se1.iran22.fun	97 KB
5	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 391 www.linkedin.com — Cisco Umbrella Rank: 643	2 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 303 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 624 aax.amazon-adsystem.com — Cisco Umbrella Rank: 407	77 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 927	5 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1944	35 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 192	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 409	14 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 250 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 385090	5 KB
3	optable.co thestar.solutions.cdn.optable.co — Cisco Umbrella Rank: 473029 thestar.cloud.optable.co — Cisco Umbrella Rank: 336080	7 KB
3	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 1023 api.btloader.com — Cisco Umbrella Rank: 1108	18 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3135 p1.parsely.com — Cisco Umbrella Rank: 2444	26 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 990	20 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1036	16 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1250	10 KB
2	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 13427	565 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 931	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1074	1 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1354	173 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1487	637 B
1	rubiconproject.com mia-placement-server.rubiconproject.com — Cisco Umbrella Rank: 49943	178 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 317	65 KB
1	amazonaws.com s3.us-west-2.amazonaws.com	35 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 935	725 B
1	t.co t.co — Cisco Umbrella Rank: 641	375 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 916	15 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1406	517 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 272	699 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 507891	216 B
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 350508	103 B
1	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 13368	201 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	2 KB
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 362218	129 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 381	10 KB
238	44

	Domain	Requested by
57	bloximages.chicago2.vip.townnews.com	se1.iran22.fun bloximages.chicago2.vip.townnews.com
32	query.petametrics.com	cdn.petametrics.com se1.iran22.fun
15	resources.thestar.com	se1.iran22.fun resources.thestar.com
10	www.googletagmanager.com	se1.iran22.fun www.googletagmanager.com
8	www.gstatic.com	news.google.com www.gstatic.com
6	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
6	news.google.com	se1.iran22.fun news.google.com www.gstatic.com
6	securepubads.g.doubleclick.net	se1.iran22.fun securepubads.g.doubleclick.net www.googletagservices.com
6	se1.iran22.fun	se1.iran22.fun
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.google.com
4	ct.pinterest.com	s.pinimg.com se1.iran22.fun
4	px.ads.linkedin.com	2 redirects se1.iran22.fun snap.licdn.com
4	cdn.segment.com	se1.iran22.fun cdn.segment.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects se1.iran22.fun
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	se1.iran22.fun bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com
3	c.amazon-adsystem.com	se1.iran22.fun c.amazon-adsystem.com
2	www.google.com	se1.iran22.fun tpc.googlesyndication.com
2	10230056.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	s.pinimg.com	se1.iran22.fun s.pinimg.com
2	snap.licdn.com	se1.iran22.fun snap.licdn.com
2	www.redditstatic.com	se1.iran22.fun www.redditstatic.com
2	api.viafoura.co	cdn.viafoura.net
2	unpkg.com	1 redirects se1.iran22.fun
2	s.thestar.com	resources.thestar.com se1.iran22.fun
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dpm.demdex.net	resources.thestar.com se1.iran22.fun
2	ad-delivery.net	se1.iran22.fun
2	thestar.cloud.optable.co	thestar.solutions.cdn.optable.co
2	btloader.com	1 redirects se1.iran22.fun
1	api.segment.io	cdn.segment.com
1	p1.parsely.com	se1.iran22.fun
1	alb.reddit.com	se1.iran22.fun
1	mia-placement-server.rubiconproject.com	s3.us-west-2.amazonaws.com
1	adservice.google.com	10230056.fls.doubleclick.net
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	www.linkedin.com	1 redirects
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	s3.us-west-2.amazonaws.com	securepubads.g.doubleclick.net
1	analytics.twitter.com	se1.iran22.fun
1	t.co	se1.iran22.fun
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fda6208c134ec4a90f3fbf97fa1b05a1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	d1z2jf7jlzjs58.cloudfront.net	se1.iran22.fun
1	static.ads-twitter.com	se1.iran22.fun
1	ampcid.google.com	www.google-analytics.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.petametrics.com	bloximages.chicago2.vip.townnews.com
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	ad.doubleclick.net	se1.iran22.fun
1	api.btloader.com	btloader.com
1	ib.adnxs.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	www.thestar.com	se1.iran22.fun
1	torstar.gscontxt.net	se1.iran22.fun
1	cdn.viafoura.net	se1.iran22.fun
1	fonts.googleapis.com	se1.iran22.fun
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	se1.iran22.fun
1	accounts.google.com	se1.iran22.fun
1	cdn.ampproject.org	se1.iran22.fun
1	thestar.solutions.cdn.optable.co	se1.iran22.fun
238	66

This site contains links to these domains. Also see Links.

Domain
torontostar.pressreader.com
www.northstarbets.ca
readerschoice.thestar.com
obituaries.thestar.com
diversions.thestar.com
www.thestar.com
www.tsoffers.ca
toriservices.newscyclecloud.com
careers.smartrecruiters.com
thestarepaper.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
www.microsoft.com
www.google.com
www.mozilla.org
notices.torstar.com

Subject Issuer	Validity	Valid
iran22.fun GTS CA 1P5	`2024-02-11` - `2024-05-11`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
thestar.solutions.cdn.optable.co GTS CA 1D4	`2024-01-27` - `2024-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.thestar.com Amazon RSA 2048 M02	`2023-05-29` - `2024-06-26`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
viafoura.com Amazon RSA 2048 M02	`2023-08-08` - `2024-09-06`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-12-09`	a year	crt.sh
thestar.com GTS CA 1P5	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
join.ca.optable.co R3	`2023-12-17` - `2024-03-16`	3 months	crt.sh
*.prmutv.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2024-02-06` - `2024-05-06`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
api.permutive.com R3	`2024-02-13` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
s.thestar.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-24` - `2024-08-23`	a year	crt.sh
cdn.petametrics.com R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.liftigniter.com R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-16` - `2025-01-14`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-11-07`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-01-23` - `2024-12-31`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://se1.iran22.fun/
Frame ID: 0EFB2E5CCE2796EE94FA7A54EBBE1FA4
Requests: 209 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1707928901494&publicationId=thestar.com
Frame ID: F1A316294D96014E1A1CD37EDD6F6DD4
Requests: 11 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 6C221D1C89D672035D723DD8339CFE6B
Requests: 1 HTTP requests in this frame

Frame: https://fda6208c134ec4a90f3fbf97fa1b05a1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0A273BAEFCFE0FFF4F347CE9EE6860EE
Requests: 1 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CN3y3Pyiq4QDFUsSdgYd0gcNbA;src=10230056;type=ret01;cat=land01;ord=5259041419438;npa=0;auiddc=1053461465.1707928902;pscdl=noapi;gtm=45fe42c0za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fse1.iran22.fun%2F
Frame ID: 23C5D1956194AAC508AFD2196EB312F1
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDa1FD8AuGdCeGrOtCCy5-EUqmSDbN4LBsRzU77gWk6dsJdNY6k72x_Aagxb3OD7hX3xPHT1sBaKD9Bdkp8Mj_VqA-f5zfLVec-BkpNDYlxvZQ1IQcTIYpzOX0LZ4wyuqsyGScmi-l2uDZib41_cPsJmaUWh19l9FFUikxDJIVqLHzV5wFbBhO500bB5ns97R0qiM9L2sIBM2SEN9F9kTvoEhe9yePtW4b4HJhM3HXkm9Z-XqEO7vQ9UK91qRG_Is5awRbHi23UP-lMnssH3gMj9bp5mvhOMHa2HyEOGzfSbWrIrfzjNn9SK8mwtONGTOo0w8RyS1Rj3vRdBIGgWI8JCb7mP3qvufbbdk&sai=AMfl-YQ3xOkmaGD2zCERPMvH9jxG4rJkiKZy3zi6ZcF2eM61i7bX3LkAxyrBTLtuVXIBarolUaK2Dkuf3_xA6yLsJTQKZp6xzo2IMB6ueba7ldgAG20pFNq7HvzT5Z5xqNP5pc3zLDC20HS20qfLUHorbT-V&sig=Cg0ArKJSzG_ycG_UbSY9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: BDA903795E870778CCB383297766803C
Requests: 7 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 2D7A6905151A15C8A8923A72B08908B6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 217BF71BB108DCC0CBADCF2C1E4FF282
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 28E0821C66A9935F109B9E61869C599E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Breaking News - Headlines & Top Stories | The Star

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

238
Requests

96 %
HTTPS

0 %
IPv6

44
Domains

66
Subdomains

63
IPs

2
Countries

3394 kB
Transfer

11016 kB
Size

44
Cookies

71 Outgoing links

These are links going to different origins than the main page.

URL: https://torontostar.pressreader.com/
Title: Today's paper

Search URL Search Domain Scan URL

URL: https://www.northstarbets.ca/page?key=ej0xMzUyNzc3NCZsPTEzNTI3NzcyJnA9MzQ2MQ%3D%3D&ut[%E2%80%A6]hStarBets__&utm_content=custom/tracking_sportsbettinglogo
Title: Betting

Search URL Search Domain Scan URL

URL: https://readerschoice.thestar.com/readerschoice-toronto/
Title: Readers’ Choice Awards

Search URL Search Domain Scan URL

URL: https://obituaries.thestar.com/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/
Title: Fun & Games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: Comics

Search URL Search Domain Scan URL

URL: https://www.thestar.com/subscribe/swg-ann/
Title: SALE: Only $1.20/week! Subscribe Now

Search URL Search Domain Scan URL

URL: https://www.thestar.com/politics/provincial/doug-ford-government-scrapping-licence-plate-renewals/article_2d7ceb3e-ca71-11ee-8bb4-a7ecf1501a2d.html?li_source=LI&li_medium=Recommended

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/world/united-states/milwaukee-woman-charged-with-killing-abuser-arrested-in-louisiana/article_7831e0ef-bc55-5744-b8cb-b51dde97799f.html?li_source=LI&li_medium=Recommended

Search URL Search Domain Scan URL

URL: https://www.thestar.com/business/ctv-cancelling-most-noon-and-weekend-newscasts-as-bell-cuts-4-800-jobs-heres-what/article_abe5d964-c6ab-11ee-800a-0b227e178666.html?li_source=LI&li_medium=Recommended

Search URL Search Domain Scan URL

URL: https://www.thestar.com/life/relationships/i-thought-i-was-good-friends-with-two-guys-in-high-school-years-later-i/article_dd83c28c-bb99-11ee-bad1-871e3dde352d.html?li_source=LI&li_medium=Recommended

Search URL Search Domain Scan URL

URL: https://www.thestar.com/life/king-charles-wants-us-to-know-he-s-just-fine-and-kate-would-like-us/article_87ee48bc-c9de-11ee-9f52-bbb781632a44.html?li_source=LI&li_medium=Recommended

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/gta/heres-how-much-snow-is-coming-to-toronto-this-week/article_4dae5c8a-ca76-11ee-9a69-9b5343fdb8e1.html?li_source=LI&li_medium=Recommended

Search URL Search Domain Scan URL

URL: https://www.thestar.com/business/a-canada-thing-popular-menu-hack-convinces-a-w-to-offer-south-asian-style-sandwich/article_f1ef04f6-b0e7-5565-ab16-de5a244618d4.html?li_source=LI&li_medium=business
Title: 'A Canada thing': Popular menu hack convinces A&W to offer South Asian-style sandwich

Search URL Search Domain Scan URL

URL: https://www.thestar.com/business/opinion/where-are-you-more-productive-in-the-office-or-working-remotely-the-verdict-is-in/article_b040c3b2-c083-11ee-86d8-03f3af704357.html?li_source=LI&li_medium=business
Title: Where are you more productive, in the office or working remotely? The verdict is in …

Search URL Search Domain Scan URL

URL: https://www.thestar.com/business/how-much-are-canadians-paying-per-month-on-average-to-own-a-car-heres-what/article_a457f8e2-c2bb-11ee-b93b-2f3e8fa2fb1d.html?li_source=LI&li_medium=business
Title: How much are Canadians paying per month on average to own a car? Here's what one report found

Search URL Search Domain Scan URL

URL: https://www.thestar.com/business/cpa-canada-cuts-20-of-workforce-ahead-of-split-with-ontario-and-quebec/article_aa531dc3-03f9-5823-98e7-41c40200176a.html?li_source=LI&li_medium=business
Title: CPA Canada cuts 20% of workforce ahead of split with Ontario and Quebec

Search URL Search Domain Scan URL

URL: https://www.thestar.com/business/not-a-viable-business-anymore-bell-media-selling-45-radio-stations-amid-layoffs/article_59a7d1cd-4fb8-5494-9dd6-01b6d3b96364.html?li_source=LI&li_medium=business
Title: 'Not a viable business anymore': Bell Media selling 45 radio stations amid layoffs

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/canada/protest-outside-mount-sinai-hospital-reprehensible-show-of-antisemitism-trudeau/article_e5f3ad96-40e0-5bb8-bf22-b50e2973db33.html?li_source=LI&li_medium=canada

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/canada/canada-has-a-car-theft-epidemic-here-are-simple-ways-to-protect-your-vehicle-from/article_356e7786-ca76-11ee-ab3b-630b7f0e0162.html?li_source=LI&li_medium=canada
Title: Canada has a car theft epidemic. Here are simple ways to protect your vehicle from being stolen

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/canada/slain-manitoba-family-identified-in-obituary-remembered-as-beautiful-souls/article_be5acf86-b2ba-52d4-8187-4bfc316a7203.html?li_source=LI&li_medium=canada
Title: Slain Manitoba family identified in obituary, remembered as beautiful souls

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/canada/ford-government-facing-lawsuit-over-expansion-of-pickering-care-home-where-dozens-died-during-covid/article_6e8ad4ee-ca7e-11ee-9118-a7c929cdd23a.html?li_source=LI&li_medium=canada
Title: Ford government facing lawsuit over expansion of Pickering care home where dozens died during COVID

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/canada/anger-in-n-l-after-rental-company-links-song-ise-the-b-y-with-squealing/article_f7f66334-53dd-58d1-afe5-5456aee36528.html?li_source=LI&li_medium=canada
Title: Anger in N.L. after rental company links song 'I'se the B’y' with squealing livestock

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/canada/historic-n-s-storm-woman-dies-after-snow-falls-on-propane-line-outside-seniors-home/article_648ac784-ffbc-5fe0-9463-465fa6a38914.html?li_source=LI&li_medium=canada
Title: Historic N.S. storm: Woman dies after snow falls on propane line outside seniors home

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/canada/canada-cant-find-a-way-out-for-palestinians-who-grow-desperate-in-gaza-where-will/article_2d2225da-c78a-11ee-a97f-1bc46444291a.html?li_source=LI&li_medium=canada
Title: Canada can't find a way out for Palestinians who grow desperate in Gaza: 'Where will we go? Where will we run?'

Search URL Search Domain Scan URL

URL: https://www.thestar.com/politics/provincial/doug-ford-government-scrapping-licence-plate-renewals/article_2d7ceb3e-ca71-11ee-8bb4-a7ecf1501a2d.html?li_source=LI&li_medium=politics

Search URL Search Domain Scan URL

URL: https://www.thestar.com/politics/conservative-motion-backed-by-ndp-produced-40m-in-regulatory-relief-for-bell/article_2bc47172-5c9b-53a6-bc84-b8f3aa1c335f.html?li_source=LI&li_medium=politics
Title: Conservative motion, backed by NDP, produced $40M in regulatory relief for Bell

Search URL Search Domain Scan URL

URL: https://www.thestar.com/politics/political-opinion/pierre-poilievre-can-dish-it-out-why-cant-he-take-it/article_541f230e-c9e2-11ee-bb71-77dfb5e88928.html?li_source=LI&li_medium=politics
Title: Pierre Poilievre can dish it out. Why can't he take it?

Search URL Search Domain Scan URL

URL: https://www.thestar.com/politics/federal/toronto-conservatives-accuse-federal-party-of-undemocratic-meddling-in-nomination-of-karen-stintz/article_41c12f9e-ca97-11ee-b053-bfe1144ebe4b.html?li_source=LI&li_medium=politics
Title: Toronto Conservatives accuse federal party of 'undemocratic' meddling in nomination of Karen Stintz

Search URL Search Domain Scan URL

URL: https://www.thestar.com/politics/federal/justin-trudeau-blames-stephen-harper-cuts-for-auto-theft-issue-as-ottawa-moves-to-ban/article_bc662988-c6ba-11ee-aba9-0b4ecdd4dcaf.html?li_source=LI&li_medium=politics
Title: Justin Trudeau blames Stephen Harper cuts for auto theft issue, as Ottawa moves to ban high-tech devices used to steal cars

Search URL Search Domain Scan URL

URL: https://www.thestar.com/politics/political-opinion/justin-trudeau-and-pierre-poilievre-have-found-a-common-enemy-for-whats-wrong-with-canada/article_db7ba512-c789-11ee-92f1-77940a32944d.html?li_source=LI&li_medium=politics
Title: Justin Trudeau and Pierre Poilievre have found a common enemy for what's wrong with Canada

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/world/united-states/trumps-pick-to-lead-the-rnc-is-facing-skepticism-from-some-republicans/article_a95e83be-9251-5ba1-8ce8-ad6db0d7cba9.html?li_source=LI&li_medium=world
Title: Trump's pick to lead the RNC is facing skepticism from some Republicans

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/world/united-states/jill-biden-sends-valentines-day-love-to-americans-with-an-art-display-on-the-white/article_8ff62d1d-00ab-5b54-8696-e8880cdce768.html?li_source=LI&li_medium=world
Title: Jill Biden sends Valentine's Day love to Americans with an art display on the White House lawn

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/world/united-states/usher-and-longtime-partner-jenn-goicoechea-married-after-the-super-bowl-records-show/article_ab1cec9d-b9eb-5511-9398-c42742191bfd.html?li_source=LI&li_medium=world
Title: Usher and longtime partner Jenn Goicoechea married after the Super Bowl, records show

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/world/united-states/reluctant-pastors-son-to-most-viewed-preacher-shooting-puts-new-spotlight-on-joel-osteen/article_fb0008c1-83c9-5096-a250-5a1ebfd6d4c3.html?li_source=LI&li_medium=world
Title: Reluctant pastor's son to most-viewed preacher: Shooting puts new spotlight on Joel Osteen

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/world/united-states/trump-wants-to-install-new-rnc-leadership-including-his-daughter-in-law-as-co-chair/article_9bdb6714-34d0-57ae-ab97-38169fb43bf7.html?li_source=LI&li_medium=world
Title: Trump wants to install new RNC leadership including his daughter-in-law as co-chair

Search URL Search Domain Scan URL

URL: https://www.thestar.com/life/king-charles-wants-us-to-know-he-s-just-fine-and-kate-would-like-us/article_87ee48bc-c9de-11ee-9f52-bbb781632a44.html?li_source=LI&li_medium=life
Title: King Charles wants us to know he’s just fine — and Kate would like us to mind our own business

Search URL Search Domain Scan URL

URL: https://www.thestar.com/life/parent/ive-always-considered-myself-a-free-range-parent-then-i-found-porn-on-my-11/article_d8f4af46-c13a-11ee-8a91-8f9873377fc9.html?li_source=LI&li_medium=life
Title: I've always considered myself a 'free-range' parent. Then I found porn on my 11-year old daughter’s laptop

Search URL Search Domain Scan URL

URL: https://www.thestar.com/life/relationships/my-friend-dealt-with-something-truly-awful-in-her-family-she-cant-forgive-me-for/article_ddd50a1c-bb9d-11ee-a37b-7771d3dec627.html?li_source=LI&li_medium=life
Title: My friend dealt with something truly awful in her family. She can't forgive me for not supporting her 'properly.' Is it my fault? Ask Lisi

Search URL Search Domain Scan URL

URL: https://www.thestar.com/life/autos/what-is-the-point-of-this-suv-hint-its-designed-to-attract-new-buyers-to/article_ec9682ec-c773-11ee-8190-2bd3293d0f54.html?li_source=LI&li_medium=life
Title: What is the point of this SUV? Hint: It's designed to attract new buyers to this brand

Search URL Search Domain Scan URL

URL: https://www.thestar.com/life/relationships/my-son-wants-his-girlfriend-to-sleep-over-theyre-nine-should-i-say-yes-ask/article_ff50f6b6-bb9c-11ee-8b46-bb87283e423c.html?li_source=LI&li_medium=life
Title: My son wants his 'girlfriend' to sleep over. They're nine. Should I say yes? Ask Lisi

Search URL Search Domain Scan URL

URL: https://www.thestar.com/sports/blue-jays/ben-shulman-takes-over-as-sportsnet-radio-play-by-play-broadcaster-for-the-blue-jays/article_32bd8704-caa1-11ee-b175-73b17b2b8c3a.html?li_source=LI&li_medium=sports

Search URL Search Domain Scan URL

URL: https://www.thestar.com/sports/raptors/scottie-barnes-early-exit-is-another-lesson-in-the-grooming-of-the-raptors-star/article_66dfb796-c92f-11ee-9b52-7bca636213ec.html?li_source=LI&li_medium=sports
Title: Scottie Barnes' early exit is another lesson in the grooming of the Raptors' star

Search URL Search Domain Scan URL

URL: https://www.thestar.com/sports/curling/decorated-canadian-curler-jennifer-jones-to-retire-from-team-curling/article_2aef5cc9-f65e-5db4-912a-0317ec11fff9.html?li_source=LI&li_medium=sports
Title: Decorated Canadian curler Jennifer Jones to retire from team curling

Search URL Search Domain Scan URL

URL: https://www.thestar.com/sports/leafs/mcmann-of-the-hour-little-used-forward-scores-three-as-leafs-beat-blues-without-three/article_93478e1c-c92f-11ee-ab02-c3d4bcad4295.html?li_source=LI&li_medium=sports
Title: McMann of the hour: Little-used forward scores three as Leafs beat Blues without three of their stars

Search URL Search Domain Scan URL

URL: https://www.thestar.com/sports/leafs/make-hockey-violent-again-isn-t-the-answer-but-right-or-wrong-morgan-rielly-stood/article_a91c2ac6-c935-11ee-8fcb-3ff0ae5d4a3d.html?li_source=LI&li_medium=sports
Title: ‘Make hockey violent again’ isn’t the answer. But right or wrong, Morgan Rielly stood up for the Maple Leafs vs. the hotdogging Senator

Search URL Search Domain Scan URL

URL: https://www.thestar.com/sports/top-10-most-watched-super-bowl-ads-on-youtube-canada-played-on-nostalgia-and-reunited/article_001356e8-c9b2-11ee-8ecb-bbd4a6c8d16e.html?li_source=LI&li_medium=sports
Title: Top 10 most watched Super Bowl ads on YouTube Canada played on nostalgia and reunited some of Hollywood's biggest names

Search URL Search Domain Scan URL

URL: https://www.thestar.com/entertainment/welcome-home-jon-stewart-late-night-tv-and-sanity-needs-you/article_fb8f73ee-caa7-11ee-af73-937be5f86f23.html?li_source=LI&li_medium=entertainment

Search URL Search Domain Scan URL

URL: https://www.thestar.com/entertainment/sorry-maga-taylor-swift-helped-win-a-super-bowl-and-she-can-help-win-an/article_213ffce8-c9aa-11ee-8d3c-5bec51d1beea.html?li_source=LI&li_medium=entertainment

Search URL Search Domain Scan URL

URL: https://www.thestar.com/entertainment/books/new-book-based-on-sex-survey-offers-unprecedented-look-into-canadians-bedrooms/article_b9dda8d0-15a2-59ae-8a88-c26f130f5785.html?li_source=LI&li_medium=entertainment

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: https://careers.smartrecruiters.com/Torstar/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://thestarepaper.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: https://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: https://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www&referrer=utm_source%3Dweb-driver%26utm_medium%3Ddriver%26utm_content%3Dfooter

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://btloader.com/tag?o=5071905434894336&upapi=true&async=true HTTP 302
https://btloader.com/tag?o=5071905434894336&upapi=true

Request Chain 100

https://cm.everesttech.net/cm/dd?d_uuid=30009863760758891793613811639891348870 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZcztRgAAAGhu2gOj

Request Chain 103

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.iife.js

Request Chain 158

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=5259041419438;npa=0;auiddc=1053461465.1707928902;pscdl=noapi;gtm=45fe42c0za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fse1.iran22.fun%2F HTTP 302
https://10230056.fls.doubleclick.net/activityi;dc_pre=CN3y3Pyiq4QDFUsSdgYd0gcNbA;src=10230056;type=ret01;cat=land01;ord=5259041419438;npa=0;auiddc=1053461465.1707928902;pscdl=noapi;gtm=45fe42c0za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fse1.iran22.fun%2F

Request Chain 175

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1707928903337&url=https%3A%2F%2Fse1.iran22.fun%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1707928903337&url=https%3A%2F%2Fse1.iran22.fun%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1707928903337%26url%3Dhttps%253A%252F%252Fse1.iran22.fun%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1707928903337&url=https%3A%2F%2Fse1.iran22.fun%2F&cookiesTest=true&liSync=true

Request Chain 224

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707928906684&ns_c=UTF-8&c7=https%3A%2F%2Fse1.iran22.fun%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707928906684&ns_c=UTF-8&c7=https%3A%2F%2Fse1.iran22.fun%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9=

238 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
se1.iran22.fun/ 523 KB
63 KB 1441ms
1158ms Document
text/html 104.21.17.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.17.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9751d9261cc190ac91be1f947e1a9fb1de1d95ef7c105ecbcb5ea39f557d9fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 40
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8556c27eba4c2aa9-LAX
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 14 Feb 2024 16:41:39 GMT
last-modified: Wed, 14 Feb 2024 16:40:58 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZiUXx84AiERkum5U7NG%2B7J%2Fx6l0C7AZcF1xN%2Fh1kFOYSnCVsXGZLpqHji8n32ULdcivNTXPeUT52oxpv1UkIa%2FMgu8Tg0Xk%2BQtwmPVY2NR4W1ewLskuwf%2B6fC6uQGY79Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.74.1; app16; 0.82s; 6.9M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xrds-location: https://www.thestar.com/tncms/xrds/
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 400ms
192ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6670698
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c2876ac42ad7-LAX
expires: Fri, 01 Nov 2024 05:37:04 GMT

GET
H2 200 user.js Show response
se1.iran22.fun/shared-content/art/tncms/user/ 3 KB
2 KB 1108ms
1095ms Script
application/x-javascript 104.21.17.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://se1.iran22.fun/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.17.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 13 Feb 2024 22:37:54 GMT
x-vcache: HIT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"65cbef42-c46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4IIR8qB%2FfyCCp%2FHz9sIbOhugHPYdVXG8v63%2F9LUmY5vjSuDfQqclwJ1wdAe%2BqlYY7MpzgdIrAG%2FJlWWO8q6ZiD7KhyfnOulgHDnXhCFcB26iTRh8NoIBdnM5xHUnHrF7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8556c2862b962aa9-LAX
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 497ms
292ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6584099
cross-origin-resource-policy: cross-origin
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c287cb422ad7-LAX
expires: Tue, 19 Nov 2024 09:37:13 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
13 KB 436ms
232ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6757689
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Nov 2023 15:29:53 GMT
x-vcache: MISS
server: cloudflare
etag: W/"654cfaf1-841f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c2876ac22ad7-LAX
expires: Wed, 27 Nov 2024 07:05:41 GMT

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 492ms
287ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 8314027
cross-origin-resource-policy: cross-origin
last-modified: Fri, 27 Oct 2023 21:37:38 GMT
x-vcache: MISS
server: cloudflare
etag: W/"653c2da2-2d77"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c287cb402ad7-LAX
expires: Fri, 08 Nov 2024 06:06:02 GMT

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 291ms
87ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 8488444
cross-origin-resource-policy: cross-origin
last-modified: Fri, 13 Oct 2023 13:11:31 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65294203-1102"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c2876abf2ad7-LAX
expires: Wed, 30 Oct 2024 11:28:53 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
958 B 482ms
285ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 8493268
cross-origin-resource-policy: cross-origin
last-modified: Fri, 27 Oct 2023 21:37:38 GMT
x-vcache: MISS
server: cloudflare
etag: W/"653c2da2-9b8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c287cb3c2ad7-LAX
expires: Thu, 31 Oct 2024 11:35:39 GMT

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 338ms
141ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6749659
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Nov 2023 15:29:51 GMT
x-vcache: MISS
server: cloudflare
etag: W/"654cfaef-1ac2e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c2876abb2ad7-LAX
expires: Wed, 27 Nov 2024 09:38:35 GMT

GET
H2 200 layout.b46cef82bac6c2a77ca1f12b4c79fc8a.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
28 KB 446ms
250ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.b46cef82bac6c2a77ca1f12b4c79fc8a.css

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb7fe33bdf54061530811bf05a157d73cfe308366274ff99123affd1b0729c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 678986
cross-origin-resource-policy: cross-origin
last-modified: Mon, 29 Jan 2024 16:56:13 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65b7d8ad-26683"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c2876abe2ad7-LAX
expires: Wed, 05 Feb 2025 20:01:15 GMT

GET
H2 200 flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 531 B
371 B 283ms
86ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-text-promo.945a2efac4892ce469180c513f411107.css

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

770dcaf045c045c66d6903b436c5b8c6f5d5a466fb3f17b3ba8f778f756b7621

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1832806
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Nov 2023 15:29:55 GMT
x-vcache: MISS
server: cloudflare
etag: W/"654cfaf3-213"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c2876abc2ad7-LAX
expires: Sun, 10 Nov 2024 06:18:04 GMT

GET
H2 200 flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 8 KB
2 KB 281ms
85ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6755766
cross-origin-resource-policy: cross-origin
last-modified: Fri, 27 Oct 2023 21:37:41 GMT
x-vcache: MISS
server: cloudflare
etag: W/"653c2da5-2021"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c2876aba2ad7-LAX
expires: Fri, 08 Nov 2024 08:21:08 GMT

GET
H2 200 access.d7adebba498598b0ec2c.js Show response
se1.iran22.fun/shared-content/art/tncms/api/ 70 KB
27 KB 1457ms
1455ms Script
application/x-javascript 104.21.17.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://se1.iran22.fun/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.17.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

Referer: https://se1.iran22.fun/
Origin: https://se1.iran22.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 14:03:24 GMT
x-vcache: HIT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"65ae75ac-1164b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuIg2sZI7BHyDbYnjNnjLECkjpLIGP538EO7%2F9eh%2FmOORkKNEulgin61ql3GSNvk9eaCfa7A5ye6v8CH8ePLF5%2F9Gno2Y%2FMbDLFrJgXKOs6bJt0LkXjEgmFF1IYXLHSSLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8556c2862b9a2aa9-LAX
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
https://btloader.com/tag?o=5071905434894336&upapi=true

53 KB
18 KB

87ms
86ms

Script
application/javascript

104.22.75.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Server: 104.22.75.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af2fb9bb0f952b709eaaef5735c38c8221da34ec23a6ea89475a31fc6f264211

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 15:58:50 GMT
server: cloudflare
age: 2506
etag: "a6d552ee9f5b387fa3071ce9bef80b47"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8556c290a9ab5349-LAX
content-length: 18196

Redirect headers

date: Wed, 14 Feb 2024 16:41:41 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2511
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8
location: /tag?o=5071905434894336&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 8556c28f4f975349-LAX

GET
H2 200 thestar-sdk.js Show response
thestar.solutions.cdn.optable.co/public-assets/ 20 KB
7 KB 226ms
68ms Script
text/javascript 34.160.43.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thestar.solutions.cdn.optable.co/public-assets/thestar-sdk.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.43.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.43.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 922419daf0f7f53cca9234ef4f41bffaafb484020e655eae333ee4ba2af6a76a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 15:49:52 GMT
content-encoding: gzip
via: 1.1 google
age: 3109
x-guploader-uploadid: ABPtcPpiUkBZuXcTFaGo_DET0-OWAfcDh8dovimWn8r082FpsBsqE0YWiCGllPsxH-OtYj0Nm1HSpSl81g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6656
last-modified: Mon, 12 Feb 2024 18:46:14 GMT
server: UploadServer
etag: "f103a28383efce0a517cfe2a769e445e"
x-goog-generation: 1707763574283265
x-goog-hash: crc32c=JtGrOg==, md5=8QOig4PvzgpRfP4qdp5EXg==
content-type: text/javascript
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 6656
accept-ranges: bytes

GET
H2 200 footer.nav.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 2 KB
620 B 283ms
88ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/footer.nav.js?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3e8f1eb1391780e4d77b2b47e6b25799bfccf566138ce3c3838989065a2776f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597363
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-8f5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c2876ac02ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 517ms
209ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

ebaf2f5229b68474d902a9a20557687309cfe589d65596a468fef86d1e2d48fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29428
x-xss-protection: 0
server: cafe
etag: 155 / 19767 / 31081088 / config-hash: 4563306469833703355
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 16:41:41 GMT

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
260 B 280ms
278ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:39 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6667263
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Nov 2023 15:29:55 GMT
x-vcache: MISS
server: cloudflare
etag: W/"654cfaf3-cf"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c287cb452ad7-LAX
expires: Wed, 27 Nov 2024 08:42:36 GMT

GET
H3 200 tracking.js Show response
se1.iran22.fun/shared-content/art/tncms/ 3 KB
2 KB 1080ms
1079ms Script
application/x-javascript 104.21.17.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://se1.iran22.fun/shared-content/art/tncms/tracking.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.17.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 13 Feb 2024 22:37:54 GMT
x-vcache: HIT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"65cbef42-a3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifjPw3%2B3PFXPMDW3buAU18CE7Oybql6rkgzJMEOpNCa0qUOQ4rn7F3lk3NP2zUdOIPMeOklHprMFMzG2ocR11FoT9M38M%2BUBXOHcc27qQ6g8aGCTsfzdFbxI4ai3H3wcpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8556c2877a272ed5-LAX
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /

GET
H2 200 fontawesome.568f3d1ab17b33ce05854081baadadac.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 268 KB
98 KB 95ms
87ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6731417
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Nov 2023 15:29:53 GMT
x-vcache: MISS
server: cloudflare
etag: W/"654cfaf1-43130"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28e5b012ad7-LAX
expires: Sun, 10 Nov 2024 11:34:09 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
10 KB 514ms
151ms Script
text/javascript 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f1.1e100.net

Software

sffe /

Resource Hash

776a03d310f4289e3f1b612a9c95915ac2aff101bb4604dcdf41902fb175f4a1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 16:41:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8919
x-xss-protection: 0
server: sffe
etag: "e33ce01729ac5f51"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Feb 2024 16:41:41 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 206 KB
80 KB 472ms
173ms Script
application/javascript 172.253.62.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f84.1e100.net

Software

ESF /

Resource Hash

49003edf417b7531ac27bce16596b3e067cf71057220e76ef6d3bc59f64dbdec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vGn908TZIOt851Gwq20YGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-vGn908TZIOt851Gwq20YGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 14 Feb 2024 16:41:41 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 206 KB
60 KB 432ms
138ms Script
text/javascript 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

sffe /

Resource Hash

f73e6815042dd44b90e6d3337789749248d4c28fe2b7376e1dd4225e6d7f47d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60693
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 21:36:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 16:53:54 GMT

GET
H2 200 launch-9387fe3a1e9f.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/ 337 KB
79 KB 486ms
162ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37608a0907bc5f6496d993afab6008f8c733ab12d22a5f2258342473e29f384c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:15 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:32:45 GMT
server: AmazonS3
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-P7
etag: W/"cd512659b5b74f3e8ad9340f3d09b8bd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 447
x-amz-cf-id: a1cXssyF6jVkTQyCcZpXWLRA23tnF8u2rDZu4_sMjugxlNyL9_oRhg==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 517 KB
129 KB 234ms
80ms Script
application/javascript 172.64.146.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.86 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b3cf42134c7069baf8bb3becde86e4198002c05ebe928d46feb451238d19ed6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 0
x-guploader-uploadid: ABPtcPopJFeJRCA1QS1LBf3Av17G86o-0ofJjWMTb5qh2Vr-xqDR-EYjceE90ED265KCh94uxbUYNMAq4CX_aKxV6-8fr6_NaVRl
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
content-length: 131206
last-modified: Mon, 04 Dec 2023 18:59:04 GMT
server: cloudflare
etag: "4214f8e67313465490e9ea8d6e67d4b7"
vary: Accept-Encoding
x-goog-generation: 1701716344208732
content-type: application/javascript
x-goog-hash: crc32c=kOqrmg==, md5=QhT45nMTRlSQ6eqNbmfUtw==
cache-control: public, max-age=900
x-goog-stored-content-length: 131206
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8556c28f4e6bdbb6-LAX
expires: Wed, 14 Feb 2024 16:56:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 37 KB
2 KB 460ms
154ms Stylesheet
text/css 142.251.40.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.170 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f10.1e100.net

Software

ESF /

Resource Hash

38c72280fd4b4e560b133e535e282d411d5e806eaba6b768cfd9c9ff9fa7a24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Feb 2024 16:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 16:15:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Feb 2024 16:41:40 GMT

GET
H2 200 navigation.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 10 KB
2 KB 93ms
86ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/navigation.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d063ab8701f5932753a12e9b302d8345ed7ba488f2f3ca6d46912fb60ce2815

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597363
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-28b1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc6b2ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 pages.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 198 B
214 B 110ms
102ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/pages.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4353442b296c53f51d82efc2617406d68cc278bd08c2ce4ca96daa9fcc2c77e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-c6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc6e2ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 blocks.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 5 KB
2 KB 94ms
87ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/blocks.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02d4a3e3bc55fb2c10464afa89e283d1d017f6a309634709009f0e3ec5455e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597363
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-12e6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc6f2ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 utilities.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 628 B
436 B 110ms
103ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/utilities.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68684d4e091795123c7797a602e056cac24a3355a95b3b198e4fbd65822afcd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-274"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc702ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 global.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 34 KB
7 KB 107ms
101ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

640ffe794ffc6f498c928232b6433adfc359c060698f38d2eed5f88fe88f9cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-8894"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc712ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 stn.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 3 KB
790 B 101ms
96ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/stn.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

595550d27cabf0dad36e8ddae06a223716e7067ff08607b60e91adab5e06c748

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597363
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-ded"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc732ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 storypacks.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 52 KB
5 KB 110ms
105ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/storypacks.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d72995ef7e52dafc770a56457038f77d59a619a426132bfe914ba3ba4f683640

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-cfe5"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc752ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 utilities.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 33 KB
7 KB 103ms
99ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/utilities.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c03070b837ed5f43fd2b4195034005f828cb8af6a53b05b3fe16ee4cca56fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597363
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-823f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc762ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 user-controls.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 6 KB
2 KB 104ms
100ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/user-controls.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53426bb3fb09b76cd18d82e241a6b581cd187e3c2c355abda74a072b46a68b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-1839"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc772ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 icons.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 11 KB
998 B 101ms
97ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b22acf3b276d3f419653cda2fcd12b7a8c87d2b0b34e44511b60a23ab72d7e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-2dda"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc7a2ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 staronly.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 223 B
216 B 105ms
102ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/staronly.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190e1101cde57367a86dd7f3df29194cf2b78968948c793f424d5f144897b9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-df"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc7d2ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 site.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 339 B
311 B 101ms
98ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/site/resources/styles/site.css?_dc=1671043982

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5348904074ca7f09e3078c2afcabad0f0c9cafcfc751566e93d90ceaa75b887

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6757227
cross-origin-resource-policy: cross-origin
last-modified: Wed, 14 Dec 2022 18:53:02 GMT
x-vcache: MISS
server: cloudflare
etag: W/"639a1b8e-153"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c288fc7f2ad7-LAX
expires: Fri, 01 Nov 2024 08:24:23 GMT

GET
H3 200 tracker.js Show response
se1.iran22.fun/shared-content/art/stats/common/ 9 KB
3 KB 1055ms
1053ms Script
application/x-javascript 104.21.17.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://se1.iran22.fun/shared-content/art/stats/common/tracker.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.17.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 20 Jul 2023 14:44:35 GMT
x-vcache: HIT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"64b94853-2200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cT5HnhuZXc7T2klAqwa%2BJypbfr7xUAkqti1uvdLjhnBL1%2FYkinEu1VtMrP1wA4ltrHiF7LKAiCmfjoBM3KDrBanekqpZY%2FmS361t1CVbfL7iVUljvmOknTJx8nNl1DomEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8556c288fbf82ed5-LAX
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 238 KB
80 KB 453ms
157ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6b1c5924672f3d5ec187f08b473b06b3c2e5dc51686a48fd22d256cf21139e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81692
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Feb 2024 16:41:41 GMT

GET
H2 200 31c48758-8d44-11ed-8c30-0bcb8697ec11.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/ 1 KB
1 KB 76ms
75ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/31c48758-8d44-11ed-8c30-0bcb8697ec11.png

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bba9687afeda017cbf549538f5433e397e901a3b452306988a7999db6f1a8ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 6571419
cf-polished: origFmt=png, origSize=1362
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="31c48758-8d44-11ed-8c30-0bcb8697ec11.webp"
content-length: 1086
cf-bgj: imgq:85,h2pri
last-modified: Thu, 05 Jan 2023 21:59:15 GMT
server: cloudflare
x-vcache: MISS
etag: "63b74833-552"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c289fdc02ad7-LAX
expires: Thu, 28 Nov 2024 23:22:13 GMT

GET
H2 200 65cbd13c7e203.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/9/ab/9abf844a-7fd3-5133-ad8f-4e6ab47727a1/ 156 KB
156 KB 150ms
149ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/9/ab/9abf844a-7fd3-5133-ad8f-4e6ab47727a1/65cbd13c7e203.image.jpg?crop=1704%2C1136%2C59%2C0&resize=1200%2C800&order=crop%2Cresize

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c6aab782668823f75003765632cc75c18e712dd3462a88c0f75366ca85a4aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=160695, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Tue, 13 Feb 2024 20:29:49 GMT
server: cloudflare
x-vcache: MISS
etag: "201b0c34880a8796ab1124f3faf3c74a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28a2de32ad7-LAX
expires: Thu, 13 Feb 2025 16:32:40 GMT

GET
H2 200 65ccc51559b42.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/8/8e/88e7159f-429f-5c67-a4e5-4c126dd32d10/ 125 KB
126 KB 78ms
77ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/8/8e/88e7159f-429f-5c67-a4e5-4c126dd32d10/65ccc51559b42.image.jpg?crop=1744%2C1163%2C0%2C12&resize=1200%2C800&order=crop%2Cresize

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e14ad718c395e1bfc938690af5e1fc1d8684600b1f8a52f210e456f252f844f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 7098
cf-polished: origSize=129496, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 14 Feb 2024 13:50:15 GMT
server: cloudflare
x-vcache: MISS
etag: "a46064068ff917d9f627898bde102481"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28b5f642ad7-LAX
expires: Thu, 13 Feb 2025 14:24:41 GMT

GET
H2 200 2faeee7c-8d44-11ed-8c18-eb5483a10695.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/ 1 KB
1 KB 85ms
84ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/2faeee7c-8d44-11ed-8c18-eb5483a10695.png

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2ab34321ef0a61378759396e72284c4ee6c055bf11521b655d1e5b5a435a8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 6757688
cf-polished: origFmt=png, origSize=1545
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="2faeee7c-8d44-11ed-8c18-eb5483a10695.webp"
content-length: 1228
cf-bgj: imgq:85,h2pri
last-modified: Thu, 05 Jan 2023 21:59:11 GMT
server: cloudflare
x-vcache: MISS
etag: "63b7482f-609"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c28befff2ad7-LAX
expires: Wed, 20 Nov 2024 18:25:11 GMT

GET
H3 200 email-decode.min.js Show response
se1.iran22.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 71ms
70ms Script
application/javascript 104.21.17.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://se1.iran22.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.17.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Feb 2024 18:12:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65cbb0fd-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AU4qFd8OA0rwmEMPCGXyFvObWqnZrvnGAyRwfdw1kemndAL4si%2Bgf5r2NwNTILByZucFq0qXsgnbJ47StdGQHHHCvuHhrVtbv%2FPK%2FUWZeeeA6BrmsaZMf74WIPDLk%2BTd%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8556c28c0f8e2ed5-LAX
expires: Fri, 16 Feb 2024 16:41:40 GMT

GET
H2 200 subscription-landing.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 11 KB
2 KB 76ms
76ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/subscription-landing.css?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fccb27bed15422298100f23773bbc262d36964eb5381ed360e06799db31b48f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597216
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-2b4b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28c788d2ad7-LAX
expires: Thu, 06 Feb 2025 18:43:23 GMT

GET
H2 200 edition-selector.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 8 KB
2 KB 78ms
78ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/edition-selector.js?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7f817d35152e6280e12fa0a2895ec47b65085df83867b00d766f9a0e5595a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-2076"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28c88972ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 tnt.ads.core.06f66657baee8dcc28d4650bb59ec82f.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 13 KB
5 KB 83ms
83ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.06f66657baee8dcc28d4650bb59ec82f.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6356d29bf00c5989310f2d27428b334a9ec913da489ae28af252b61966de0a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 596285
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:33:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ccf8-35c9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28cf9032ad7-LAX
expires: Thu, 06 Feb 2025 19:01:13 GMT

GET
H2 200 sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 4 KB
2 KB 87ms
82ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6664829
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Nov 2023 15:29:53 GMT
x-vcache: MISS
server: cloudflare
etag: W/"654cfaf1-1010"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28d19402ad7-LAX
expires: Wed, 27 Nov 2024 08:14:53 GMT

GET
H2 200 tnt.regions.b44801b45845a81b995eeaad12f4f276.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 81ms
80ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6662604
cross-origin-resource-policy: cross-origin
last-modified: Fri, 27 Oct 2023 21:37:38 GMT
x-vcache: MISS
server: cloudflare
etag: W/"653c2da2-1021"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28d89f52ad7-LAX
expires: Fri, 08 Nov 2024 08:01:31 GMT

GET
H2 200 liftigniter.min.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 14 KB
5 KB 79ms
79ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/liftigniter.min.js?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

980c8780366c4be3d8e14ac0a98833e357313bd0c55e9cec1b5f16deec75c049

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-37b0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28d9a022ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 promo_popup.min.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 3 KB
889 B 81ms
76ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/promo_popup.min.js?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

516743678b07edcf236561fed911dd419248fe4e6ae651c201b2fbd90f2572b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-a04"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28e1ac92ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 save.asset.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 2 KB
684 B 77ms
76ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/save.asset.js?_dc=1707331096

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6ac86cfcd875307be77577d580d25f3e0868dfeebd12080b3fe1044c378dbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:40 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce18-721"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28e1acc2ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 vf-v2.js Show response
cdn.viafoura.net/ 861 KB
201 KB 461ms
166ms Script
application/javascript 13.226.34.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/vf-v2.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-55.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92646a86f3a69094b6ad08cb64f573d8ed5e5641c88c19d306f1052a3a6d8488

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: xi_TPJZIG.f_Yok9TjjuHYMjXlpC4XSv
content-encoding: br
via: 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront)
date: Wed, 14 Feb 2024 16:41:36 GMT
x-amz-cf-pop: EWR53-C2
age: 12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 17:00:58 GMT
server: AmazonS3
etag: W/"2ede96e1129405ba06eff9d2cacd5eba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: AkL5PlnAeU1Ru4YVt_dDRtp0Wz3QNt-NONB1Ukt5HkwBZcfx6nscGQ==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 287 KB
72 KB 439ms
162ms Script
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7daf755b623cb0003b375d09763a1ba0ef903621de9b28dbc95ced9d53c3fdc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:36:18 GMT
content-encoding: gzip
via: 1.1 8d6071bd169bbf5fd46638140132b1d0.cloudfront.net (CloudFront), 1.1 694f0c51ec6e4c7f413de59a8f819960.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 20:28:20 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK52-P4
age: 324
x-amz-server-side-encryption: AES256
etag: W/"e35db9e01c8bbaeaf0056483266eecd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: MB7es4J9qZ0SIynvg7mRiDkCpuQ5cza2qlgYVmYxaWAkdfOv7xd93g==

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 26 B
103 B 542ms
130ms Script
application/javascript 129.158.208.173

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fse1.iran22.fun%2F
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.158.208.173 Ashburn, United States, ASN (),
Reverse DNS
Software: /
Resource Hash: 01594e833d67163c5d71c470fb205ab5dcea6c114cb3408c3aed83d139697c36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 26
Content-Type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 262 KB
90 KB 166ms
163ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

658efaad40f64e45dea9783c59ac69a7addfb9d34e4943895114cefd2381a685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91491
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tracker.gif
www.thestar.com/shared-content/art/stats/common/ 0
146 B 371ms
116ms Image
image/gif 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thestar.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=170792890102316001200637235271944&tnms_dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&tnms_upage=1&tnms_do=www.thestar.com&tnms_uri=/&tnms_ref=&rt=1707928901026
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Toronto_Star_logo.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/publication-logos/ 6 KB
2 KB 80ms
79ms Image
image/svg+xml 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/publication-logos/Toronto_Star_logo.svg?_dc=1707331094

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadfdde0a0aea4dd6e3bfb60868f546b2e30db7f8d5b3549af99915a8e7294f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 597364
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Feb 2024 18:38:14 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65c3ce16-16bb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28fdd382ad7-LAX
expires: Thu, 06 Feb 2025 18:43:19 GMT

GET
H2 200 guest.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 662 B
547 B 79ms
78ms Image
image/svg+xml 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/guest.svg

Requested by

Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1707331096

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0acff355a123d849b520cf5a94fba9e18840b78a57f67e7ff984ad7272821d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1707331096
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 9099035
cross-origin-resource-policy: cross-origin
last-modified: Thu, 19 Oct 2023 18:06:51 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6531703b-296"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28fdd3d2ad7-LAX
expires: Thu, 31 Oct 2024 05:43:24 GMT

GET
H2 200 nbetting.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/ 6 KB
6 KB 76ms
75ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/nbetting.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2c767ec61f3ecd854a3b3aab3ed23168707aa1fc9cee0009643a72362d6bfdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1707331096
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 6589559
cf-polished: origFmt=png, origSize=11103
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="nbetting.webp"
content-length: 6086
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Nov 2023 18:35:11 GMT
server: cloudflare
x-vcache: MISS
etag: "6553bddf-2b5f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c28fdd422ad7-LAX
expires: Thu, 28 Nov 2024 10:13:37 GMT

GET
H2 200 chevron.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 347 B
482 B 79ms
78ms Image
image/svg+xml 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/chevron.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cefee4c660d3fc32a9c8957e4e5a464fde600f95d50d64e533e9c2b73d7ad2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1707331096
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6754233
cross-origin-resource-policy: cross-origin
last-modified: Tue, 18 Jul 2023 19:58:47 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64b6eef7-15b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28fed602ad7-LAX
expires: Thu, 18 Jul 2024 22:55:08 GMT

GET
H2 200 warning-updated.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 383 B
383 B 76ms
76ms Image
image/svg+xml 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/warning-updated.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39af5bc38f03afb9bbcacadacdf8ce2adc5f6745217ef8868696c6cb38e2bfe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1707331096
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6763310
cross-origin-resource-policy: cross-origin
last-modified: Tue, 14 Nov 2023 18:35:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6553bde0-17f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c28fed622ad7-LAX
expires: Wed, 27 Nov 2024 08:42:02 GMT

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 37 KB
38 KB 425ms
138ms Font
font/woff2 142.250.80.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f3.1e100.net

Software

sffe /

Resource Hash

a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://se1.iran22.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:33:58 GMT
x-content-type-options: nosniff
age: 43663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38268
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:13:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 04:33:58 GMT

GET
H2 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v20/ 43 KB
44 KB 533ms
247ms Font
font/woff2 142.250.80.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v20/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f3.1e100.net

Software

sffe /

Resource Hash

fbc774cb96be46cab2c4f68a761ba7f4b5cfa0bd2d7a9487e1fbed4b60e547c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://se1.iran22.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:56:12 GMT
x-content-type-options: nosniff
age: 27929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44476
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 15:33:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 08:56:12 GMT

GET
H2 200 1ad7564a-a2cc-11ed-ad65-4fe77989d2c2.784b653fa494d1b84d4bf6df570ed4b7.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/1/ad/756/ 420 B
625 B 78ms
76ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/1/ad/756/1ad7564a-a2cc-11ed-ad65-4fe77989d2c2.784b653fa494d1b84d4bf6df570ed4b7.png?_dc=1675323302

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d683c982077343a5bff3cb148b821aedc8ed3d22b6d34a852f486b2b6e76484c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 185396
cf-polished: origFmt=png, origSize=642
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="1ad7564a-a2cc-11ed-ad65-4fe77989d2c2.webp"
content-length: 420
cf-bgj: imgq:85,h2pri
last-modified: Thu, 02 Feb 2023 07:35:02 GMT
server: cloudflare
x-vcache: HIT
etag: "63db67a6-282"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c2908e6e2ad7-LAX
expires: Thu, 06 Feb 2025 15:50:29 GMT

GET
H2 200 4bf41a72-9d1f-11ed-962a-731f98635eec.6456e853912fda7cde5a60abaa0ee692.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/4/bf/41a/ 7 KB
8 KB 83ms
81ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/4/bf/41a/4bf41a72-9d1f-11ed-962a-731f98635eec.6456e853912fda7cde5a60abaa0ee692.png?_dc=1683211417

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e62bc02cd5fca4b743c497a1b1b06096f90407e772e6acf00d6e0ec60970ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 10390
cf-polished: origFmt=png, origSize=11982
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="4bf41a72-9d1f-11ed-962a-731f98635eec.webp"
content-length: 7582
cf-bgj: imgq:85,h2pri
last-modified: Thu, 04 May 2023 14:43:37 GMT
server: cloudflare
x-vcache: MISS
etag: "6453c499-2ece"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c2908e712ad7-LAX
expires: Thu, 13 Feb 2025 02:24:38 GMT

GET
H2 200 c34f419e-9d03-11ed-b22f-a3fc8d59330d.61c09f4e62d855dd5a206cbd778d8137.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/c/34/f41/ 8 KB
9 KB 78ms
77ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/c/34/f41/c34f419e-9d03-11ed-b22f-a3fc8d59330d.61c09f4e62d855dd5a206cbd778d8137.png?_dc=1683853323

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e645dab567c8f0d10cdd0c0490f302ba46a44ce98761fc4d1dd12a59b536ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 272870
cf-polished: origFmt=png, origSize=12947
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="c34f419e-9d03-11ed-b22f-a3fc8d59330d.webp"
content-length: 8548
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 May 2023 01:02:03 GMT
server: cloudflare
x-vcache: MISS
etag: "645d900b-3293"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c2908e722ad7-LAX
expires: Sun, 09 Feb 2025 18:10:16 GMT

OPTIONS
H2 403 init
thestar.cloud.optable.co/prod-thestar-com/ Frame 0
0 305ms
147ms Preflight 34.149.155.241

General

Check archive.org

Show headers Download Go to

Full URL: https://thestar.cloud.optable.co/prod-thestar-com/init?cookies=no&passport=&osdk=web-v0.16.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.155.241 Kansas City, United States, ASN (),
Reverse DNS: 241.155.149.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://se1.iran22.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 14 Feb 2024 16:41:41 GMT
via: 1.1 google

POST init
thestar.cloud.optable.co/prod-thestar-com/ 0
0

GET
H2 200 2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 37 KB
37 KB 385ms
295ms Font
font/woff2 142.250.80.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v26/2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f3.1e100.net

Software

sffe /

Resource Hash

2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://se1.iran22.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:54:29 GMT
x-content-type-options: nosniff
age: 28032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37848
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:30:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 08:54:29 GMT

GET
H2 200 65cbcf2688774.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/9/48/948d46b0-a8de-5873-9722-e677a40c6895/ 25 KB
25 KB 152ms
151ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/9/48/948d46b0-a8de-5873-9722-e677a40c6895/65cbcf2688774.image.jpg?crop=1763%2C1175%2C0%2C0&resize=400%2C267&order=crop%2Cresize

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1542e97d8bc081a10a5320a196655e5922acb90aa00af579a87f7f4dd5b2f881

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=25860, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Tue, 13 Feb 2024 20:20:59 GMT
server: cloudflare
x-vcache: MISS
etag: "d30669fbe49f7935e72cfeadc2cc4f47"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c2919fe62ad7-LAX
expires: Thu, 13 Feb 2025 04:10:35 GMT

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 12 B
216 B 380ms
222ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://se1.iran22.fun
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
699 B 420ms
140ms XHR
application/json 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:41 GMT
an-x-request-uuid: 8a01bae1-6d9d-4d65-b8ba-447bed9f9299
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://se1.iran22.fun
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 83.171.251.80; 83.171.251.80; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 state Show response
api.btloader.com/mw/ 40 B
167 B 281ms
116ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 862da7a63ed8c7a0ff4fdfe2df7678c4739d6f49dc38eee1067b245553dc9119

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40
vary: Origin
content-type: application/json

GET
H2 200 px.gif
ad-delivery.net/ 43 B
907 B 262ms
75ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1388389
x-guploader-uploadid: ABPtcPpUuFVidBfCupR3XR09MVxHiLIwbUWxjX98kzXTUTaIw2zvAlKzZ5JC077_86xIq3GJ_rxWp1lw8A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wElrFYqh8kF3hwXS9EcOlH%2BsGwHJYpf4wV0bydAoXDkA2kWMI%2FS2m36PPL0AcNgIg6WP1doNM5oINV6qp7Q31IXfig7fUvLbsE3RNDKQPzEvgMZ00LYsmATHrPAgOlHQNw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8556c2937a2d0905-LAX
expires: Mon, 29 Jan 2024 15:43:34 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 433ms
141ms Image
image/x-icon 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 09:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Feb 2024 09:05:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
324 B 262ms
77ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.48832576161947827
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1388389
x-guploader-uploadid: ABPtcPpUuFVidBfCupR3XR09MVxHiLIwbUWxjX98kzXTUTaIw2zvAlKzZ5JC077_86xIq3GJ_rxWp1lw8A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jazTznVfJ6AdXqnaMbPSuXSpHZgL5iTmfINQ%2FjRJBYPrQ5oKNd16mkgxfdHkdcNezCFYb%2BHErCicFRFkCUHFvDnbg1y99P0VyGfV47n5D6rzOxtEcyujjtMH4uBndVAoPg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8556c2937a2f0905-LAX
expires: Mon, 29 Jan 2024 15:43:34 GMT

GET
BLOB 200
OK 9817bedb-b5fd-4bc1-91df-5f9cd0118e0b
https://se1.iran22.fun/ 225 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://se1.iran22.fun/9817bedb-b5fd-4bc1-91df-5f9cd0118e0b
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72956fed691627b50461a9176d096dbfdebe035fab5f653b8b8098d869919d7f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 230409
Content-Type

GET
BLOB 200
OK 631ed5ce-8fc4-4344-adc7-1d41efae8225
https://se1.iran22.fun/ 225 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://se1.iran22.fun/631ed5ce-8fc4-4344-adc7-1d41efae8225
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72956fed691627b50461a9176d096dbfdebe035fab5f653b8b8098d869919d7f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 230409
Content-Type

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 18 KB
5 KB 141ms
140ms Stylesheet
text/css 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

sffe /

Resource Hash

2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5195
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:19:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 16:53:46 GMT

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 143ms
142ms Other
image/svg+xml 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 17:06:00 GMT

GET
H2 200 serviceiframe Show response
news.google.com/swg/ui/v1/ Frame F1A3 16 KB
8 KB 245ms
243ms Document
text/html 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=1707928901494&publicationId=thestar.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

653426c445656ae3c641e6d7f26ac0a6d76c0e734a1258b17a243cf83258e56e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-FinB2NQApBj34weBeexmvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://se1.iran22.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-FinB2NQApBj34weBeexmvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Wed, 14 Feb 2024 16:41:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/swg/_/SubscribewithgoogleClientUi/web-reports?context=eJzjytHikmII0JBicDa_xRT35xZT1OlHTOYJT5m-HXrG9AOI3315ySTw9SWTBBBrAfEOHw-WN-HTWfkiprPG1U1nLQBivnXTWQ3XT2ft_z-ddSIQO6XPYA0BYp_6GaxxQDxP4TzrAiAW4uE4emvzOjaBCw_f7GECAIpHNAU"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/ 436 KB
137 KB 142ms
141ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

244f9013ff972cac8f03cdac206e08c733ba70140153ed7607ee424b58272341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:35:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 347
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139960
x-xss-protection: 0
server: cafe
etag: 11977059823252198946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 13 Feb 2025 16:35:54 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 59 B
74 B 545ms
258ms XHR
application/json 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=se1.iran22.fun

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

e40c4be40792e99c3bda89239c1acb29fc0fb8f7b22ab24a0746661b0da8f4bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
x-xss-protection: 0
expires: Wed, 14 Feb 2024 16:41:41 GMT

GET
H2 200 id Show response
dpm.demdex.net/ 387 B
930 B 302ms
97ms XHR
application/json 54.148.119.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1707928901550

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.119.109 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-119-109.us-west-2.compute.amazonaws.com

Software

Resource Hash

ca2305e6af61a0b9f8e5e51279468e537d56aaf1699e023ee24950088497f3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-usw2-1-v051-053f90cd3.edge-usw2.demdex.com 3 ms
pragma: no-cache
date: Wed, 14 Feb 2024 16:41:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: Ph3o1K2EQMg=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://se1.iran22.fun
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 326
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/ 34 KB
13 KB 139ms
136ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:15 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:32:43 GMT
server: AmazonS3
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-P7
etag: W/"208eb534ea01036a4fca64e6715ccf3f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 447
x-amz-cf-id: nkWcG0dxbP1eWrB4k-jBu8ldDk1Nls3AmpKj2aTpAlvYvPvFKacAog==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/ 3 KB
2 KB 140ms
137ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:15 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:32:43 GMT
server: AmazonS3
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-P7
etag: W/"f1e098a5dd836ea5fc9726c429c8d71d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 447
x-amz-cf-id: lzfOheuqEe1u5RJVseNuHgcc07BLH9UwMNLTq5NgslKuK3jCSQxpxQ==

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 272 B
385 B 387ms
214ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 0206048a398c32af1e6afc13765226784f44e88ed9b2713b671eac5f4289ebf4

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://se1.iran22.fun
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 2 B
78 B 424ms
251ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://se1.iran22.fun
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET targeting
thestar.cloud.optable.co/prod-thestar-com/v2/ 0
0

OPTIONS
H2 403 targeting
thestar.cloud.optable.co/prod-thestar-com/v2/ Frame 0
0 147ms
146ms Preflight 34.149.155.241

General

Check archive.org

Show headers Download Go to

Full URL: https://thestar.cloud.optable.co/prod-thestar-com/v2/targeting?cookies=no&passport=&osdk=web-v0.16.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.155.241 Kansas City, United States, ASN (),
Reverse DNS: 241.155.149.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://se1.iran22.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 14 Feb 2024 16:41:41 GMT
via: 1.1 google

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 430ms
139ms Script
text/javascript 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 15:51:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2999
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 14 Feb 2024 17:51:43 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
66 KB 153ms
153ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8420e7c43994879622f9e308e23c1fb10d3c8ff7250f5dbbca492159184a77b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67214
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Feb 2024 16:41:41 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
72 KB 162ms
161ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

aeebfffbf7c51cd754e4796bd2a377e45459535c231edd633802edc7bc1988a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73295
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Feb 2024 16:41:41 GMT

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame F1A3 0
25 B 190ms
188ms Other
text/html 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KRuEbuxAFwfAKf-7XM8otg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=1707928901494&publicationId=thestar.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-KRuEbuxAFwfAKf-7XM8otg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=serviceiframeview,_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L.B1.O/am=wKAZ/d=1/ed=1/rs=ABXTjI5-UgpT46zlQys-reQBXzfptn1PYQ/ Frame F1A3 745 B
1 KB 728ms
142ms Stylesheet
text/css 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L.B1.O/am=wKAZ/d=1/ed=1/rs=ABXTjI5-UgpT46zlQys-reQBXzfptn1PYQ/m=serviceiframeview,_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1707928901494&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 00:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 05:50:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/css; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 00:59:26 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/am=wKAZ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AB... Frame F1A3 197 KB
70 KB 729ms
144ms Script
text/javascript 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/am=wKAZ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5GHYQKgJp3x1Waccz383DuBIP3jA/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1707928901494&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

0f1607f89474d8968c84c4aeb75c86a7119acabd7aba091708537fef7a9926a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71021
x-xss-protection: 0
last-modified: Sat, 10 Feb 2024 03:51:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 08:55:52 GMT

GET
H2 200 dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame 6C22 7 KB
3 KB 118ms
98ms Document
text/html 54.148.119.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.148.119.109 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-119-109.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://se1.iran22.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 14 Feb 2024 16:41:42 GMT
dcs: dcs-prod-usw2-1-v051-035c2b626.edge-usw2.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 14 Feb 2024 11:32:25 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: FPQAoKmhSko=

GET
H2 200 id Show response
s.thestar.com/ 48 B
456 B 605ms
74ms XHR
application/x-javascript 63.140.37.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=30018254756618608813615216093572110220&ts=1707928902014

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.37.206 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-37-206.data.adobedc.net

Software

jag /

Resource Hash

ec46887fd0185d1cba140c2f675ea6fae174d7b80e24976970d9170a01923e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://se1.iran22.fun
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZcztRgAAAGhu2gOj
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=30009863760758891793613811639891348870
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZcztRgAAAGhu2gOj

42 B
717 B

97ms
96ms

Image
image/gif

54.148.119.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZcztRgAAAGhu2gOj

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Server

54.148.119.109 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-119-109.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

dcs: dcs-prod-usw2-2-v051-0100ab5c0.edge-usw2.demdex.com 1 ms
pragma: no-cache
date: Wed, 14 Feb 2024 16:41:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: bywjbjLsQtY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZcztRgAAAGhu2gOj
Date: Wed, 14 Feb 2024 16:41:42 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 RC0dd9b93c2d074bb3b67166f0f6236c0a-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 440 B
806 B 131ms
131ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RC0dd9b93c2d074bb3b67166f0f6236c0a-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05f9253f10d43a4dda65ccaf49c178d8b9878cbfb38b08ed4e43b0f3d4f80875

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:15 GMT
x-amz-version-id: null
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 16:32:41 GMT
server: AmazonS3
x-amz-cf-pop: MIA3-P7
age: 448
etag: "fd1c6f32d43541df708d45c8f58594db"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 440
x-amz-cf-id: Q0HSFjbC_LdCHuOshwps7vHdhWnE9d5SkuyNolK-W_8XBCpXk2In6Q==

GET
H2 200 7noslr035pfb0mvo-nbc.js Show response
cdn.petametrics.com/ 178 KB
50 KB 586ms
79ms Script
application/javascript 104.22.61.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=474424
Requested by: Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/liftigniter.min.js?_dc=1707331096
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.61.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b992cf8419f1b144a718b10fcb97fb1e09220fa9f11887514c648fe6282ce312

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
content-encoding: gzip
via: 1.1 f781ef6ca1647978bf98d972dc06ed4a.cloudfront.net (CloudFront)
x-amz-version-id: j3S0qrIJGMY9pBe7DEtDc18z3IrmD1ek
cf-cache-status: HIT
x-amz-cf-pop: LAX50-P2
age: 421831
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 09 Feb 2024 19:29:39 GMT
server: cloudflare
etag: W/"3c48b48fe9390191e782efc69c2b360d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200, s-maxage=31536000
cf-ray: 8556c29918ac2f11-LAX
x-amz-cf-id: k7F7OmQYWNcp4U914_2D3hZINFcxJwMo3m3oyu0OY5esaXa1eEPjhA==

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.5.2/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.iife.js

7 KB
3 KB

84ms
84ms

Script
application/javascript

104.16.122.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.iife.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Server

104.16.122.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0e1f95aa09754b10449fd8cd7f2e76d8f232d1038b6cf7454db558ac79962e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1713438
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HN15VPXDFSJDJKBM7FNEDTJB-lax
server: cloudflare
etag: W/"1bff-XBuNuslfZI/SL2xuiJqqum43R9A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8556c299bc7c3215-LAX

Redirect headers

date: Wed, 14 Feb 2024 16:41:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HPM7R0QGGTFGQAEAGEDPYS3J-lax
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 186
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.5.2/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8556c298fbc33215-LAX

GET
H2 200 5028 Show response
config.aps.amazon-adsystem.com/configs/ 532 B
797 B 561ms
140ms Script
application/javascript 18.173.132.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/5028
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-67.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 095cc79a8d23cf53f4363500b8a08cc1b185ff21bbe2bc81d1168d4bc53e04aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 15:46:49 GMT
via: 1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P2
age: 3293
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 532
x-amz-cf-id: I3hONv73skuUxQzf8HK3X-A-ealo2raSS32HPtaKoUFbwpUElF33tA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 599 B
948 B 151ms
150ms XHR
application/json 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fse1.iran22.fun
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: Server /
Resource Hash: c7e791cd90e0a1f79ac0639e79e74527567696f3d5420566415c7234123f432e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:41 GMT
via: 1.1 694f0c51ec6e4c7f413de59a8f819960.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://se1.iran22.fun
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 599
x-amz-cf-id: xawuzZKD1F7Wf9-26L4oFmzTJ99b3zAPnVDGhI5uX4oyiwu2m0lJpQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 445ms
164ms XHR
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: VJGOeBq55qrgvZhjL5aDNHiT8kv4kJSbMnlYiHNeiEEDWxYon0G_kw==

POST
H2 404 v2 Show response
api.viafoura.co/v2/se1.iran22.fun/bootstrap/ 138 B
565 B 409ms
142ms XHR
application/json 54.208.255.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/se1.iran22.fun/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.255.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-255-188.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0e396c44938ac792546ac6681c44921a2f64c28e51fe363ddfa43ade287152c4

Request headers

Accept: application/json, text/plain, */*
Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:42 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://se1.iran22.fun
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-instance-id: i-06f3d330da35fd683

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
355 B 446ms
141ms XHR
text/javascript 108.139.54.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fse1.iran22.fun%2F&pid=C4U19pUHt0y63&cb=0&ws=1600x1200&v=24.206.2351&t=2000&slots=%5B%7B%22sd%22%3A%22ad-2827824%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-2827002%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-2827005%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=40d3be8b-46b9-422b-833c-faad3f52a515&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.54.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-54-29.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
via: 1.1 b9fa5c33e059fb3ed603bd8fcb9d4aea.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://se1.iran22.fun
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: VaMQjqeaJpGy_U45833HtBp_sMh9v0910Ma5yGG22NvX0K4xGEioNg==

GET
H2 200 65cc30420eeda.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/c/15/c158a483-776b-52de-b908-04b1f8c37273/ 4 KB
4 KB 150ms
150ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/c/15/c158a483-776b-52de-b908-04b1f8c37273/65cc30420eeda.image.jpg?crop=1763%2C1175%2C0%2C0&resize=150%2C100&order=crop%2Cresize

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f259c26d3aabc22ed550fb037eda8d76c8710bad06295edb4038d82e5cb16d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=4463, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 4309
cf-bgj: imgq:85,h2pri
last-modified: Wed, 14 Feb 2024 03:15:16 GMT
server: cloudflare
x-vcache: MISS
etag: "2df773a2e1a374ab06bff2eea1cd19d3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c29758c12ad7-LAX
expires: Thu, 13 Feb 2025 16:10:14 GMT

GET
H2 200 RCfbf0720bb01c4d4e801a3915545b03ce-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 1 KB
992 B 136ms
131ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RCfbf0720bb01c4d4e801a3915545b03ce-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e975d778dae418b5a07906c79417d2aa246bc93a5fe2bf67df4c0081770e632

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:16 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:32:42 GMT
server: AmazonS3
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-P7
etag: W/"5f2d638ae255cbc869279f9b985e5eee"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 447
x-amz-cf-id: PE_6gcbBZJr963xzH0s2YwSJnIoM1MQ9re2NwVSXsRt7GKZyrGKEBw==

GET
H2 200 RC7e9de84bc387466e8242f60f18eee3fc-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 1 KB
937 B 137ms
132ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RC7e9de84bc387466e8242f60f18eee3fc-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9fa707d3fe2c59b4aca10262d80ee7b9cd2d424eabd3e65f28bbf967322ce7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:16 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:32:42 GMT
server: AmazonS3
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-P7
etag: W/"7421bc7ec91be076e2eff0eede3a7d34"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 447
x-amz-cf-id: _Bm61_h0OVlTsel3ZowsDFjDVP2q67tRXBKbMXY1GgPu0DDR0k27kQ==

GET
H2 200 RC9df263a6428c49049bf4185ed168ffb9-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 1002 B
954 B 138ms
134ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RC9df263a6428c49049bf4185ed168ffb9-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1528b2562c69bee8946b337415c6e3adc7323d77bf53b77a67691a05c280a62

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:16 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:32:42 GMT
server: AmazonS3
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-P7
etag: W/"0745457aed4357215c8733471d825a2a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 447
x-amz-cf-id: ebKtj5QC_Rt14Xv3FkhTnyTmT2A5RzyM3f8qgdqOVN_0LfLXlRDCAw==

GET
H2 200 RCcd2169c442e84c47b913c30750cf2680-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 962 B
1 KB 139ms
135ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RCcd2169c442e84c47b913c30750cf2680-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e95c910b6c56705ebcaae3e1d1859b7b2013045b46d46b3e1be7f6fc6564b908

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:16 GMT
x-amz-version-id: null
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 16:32:42 GMT
server: AmazonS3
x-amz-cf-pop: MIA3-P7
age: 447
etag: "9beba63f4a03c7a317d6135a632b4259"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 962
x-amz-cf-id: BnWwhMqSnXkHzUcIR2NdJp6rjKPandWhOQ5A5uyBTMQeY8lsJI3fGA==

GET
H2 200 RCf6619f9360ee41aca5d49a2d0a0b4a75-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 1 KB
907 B 140ms
136ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RCf6619f9360ee41aca5d49a2d0a0b4a75-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 897042ee9aaf7b0455a2db0a548e572a88edebc5c64d3291434e393df6181d60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:16 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:32:42 GMT
server: AmazonS3
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-P7
etag: W/"630c91fe6c1a403a185d8b448b985d1e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 447
x-amz-cf-id: MU8EEd771NrUJbW5aqGUzud8zlZ436ZYJWxUfhTaErMAuXhcdOVjFA==

GET
H2 200 RC91b2a4a7e5ff4d34a216aea083d48bb6-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 965 B
1 KB 140ms
137ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RC91b2a4a7e5ff4d34a216aea083d48bb6-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d13d4d55d98452dc85160297e0ce6996ca8b04661b452c1ba8eacf0dddf19db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:16 GMT
x-amz-version-id: null
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 16:32:42 GMT
server: AmazonS3
x-amz-cf-pop: MIA3-P7
age: 447
etag: "c3d402cbc242e0dcc686a6a6e5c6a718"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 965
x-amz-cf-id: WkvnsBSnmnxSGo75NShAC2fQeMaf1L0K1EqTFrick9c_q-o_KsRMyw==

GET
H2 200 RC59a3e4659ace4b35a0c334132bf75aff-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 953 B
1 KB 141ms
138ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RC59a3e4659ace4b35a0c334132bf75aff-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4600e5a62e763181217e02a8d54449e58d5d1cc3a9be57aef6b6f924d6749122

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:16 GMT
x-amz-version-id: null
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 16:32:42 GMT
server: AmazonS3
x-amz-cf-pop: MIA3-P7
age: 447
etag: "3404b8896f22654ea111e5f08bb822b0"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 953
x-amz-cf-id: yEu2Bck-brDvENOjRlgnqlfvDap03bHitrI_3vcqMa3fpXIrxU_9ug==

GET
H2 200 RC784d83fde90043148b6585239c3c84a8-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 4 KB
1 KB 141ms
139ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RC784d83fde90043148b6585239c3c84a8-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4a1d629247793c9a37e72e7f72a09e6ca0e7d652244745cada2b6da93d04684

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:16 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:32:42 GMT
server: AmazonS3
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-P7
etag: W/"18d87e849d046aa9035d1ceac94e54f4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 447
x-amz-cf-id: SOI0M6rpE7MFd0uceMTGpJ1bztq4CevCkWb-pO9-uBbrQv_YQFKCOA==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
367 B 456ms
166ms XHR
application/json 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://se1.iran22.fun
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 108 KB
29 KB 501ms
200ms Script
text/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5e1075fe3b051dc5dd57d13bcce154e2db0737871b07811fc388b47be997184

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: N5QdkmaKsbL58tRdBEZTsRpvBjLOp50v
content-encoding: br
via: 1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
date: Wed, 14 Feb 2024 16:41:23 GMT
x-amz-cf-pop: EWR53-C2
age: 21
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Feb 2024 21:47:05 GMT
server: AmazonS3
etag: W/"12066f12294cef38f028e6dc52bbffe0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: ccKTejACu2kylh3G_-bP3Tejo8p66vWkQOFKcGNA2DY7yoSvcvRVHQ==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 262 KB
89 KB 153ms
152ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

57e1db376fddf5c515013845b14c2037cc2674ba1b13dd1a3a53c5f3cf1fe03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91359
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 16:41:42 GMT

GET
H2 200 f19e32ee-c520-11ee-9001-377c16e1b6db.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/ 7 KB
7 KB 76ms
75ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/f19e32ee-c520-11ee-9001-377c16e1b6db.jpg?resize=300%2C184

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd07eb5d183bdf0aed3e0d1111e2b0ecaf4cc488704353b7c381a02f32ccd324

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 182195
cf-polished: qual=85, origFmt=jpeg, origSize=9184
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="f19e32ee-c520-11ee-9001-377c16e1b6db.webp"
cf-bgj: imgq:85,h2pri
last-modified: Tue, 06 Feb 2024 18:52:57 GMT
server: cloudflare
x-vcache: MISS
etag: "0cd488724ea29dd5941382589aa5f82f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c29839d92ad7-LAX
expires: Tue, 11 Feb 2025 13:59:59 GMT

OPTIONS
H2 204 v2
api.viafoura.co/v2/se1.iran22.fun/bootstrap/ Frame 0
0 517ms
130ms Preflight 54.208.255.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/se1.iran22.fun/bootstrap/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.255.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-255-188.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://se1.iran22.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin: https://se1.iran22.fun
access-control-max-age: 1728000
cache-control: max-age=0
date: Wed, 14 Feb 2024 16:41:42 GMT
expires: Wed, 14 Feb 2024 16:41:42 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 158ms
153ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

435e079ed027223638bcafc42956f4b7d249c4f783fac3e9b29a68fdd0864daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78842
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Feb 2024 16:41:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 186ms
182ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

60671b77d817e196b67d19373e7dd056cc5f23a70f3c41e32bc378a850f13575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78785
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Feb 2024 16:41:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 175ms
173ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4f848e52906e48f4d22b0e0b71b94cf7118ad9378e98c2009081dd347a56089e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70362
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Feb 2024 16:41:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 203ms
201ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5163831b302467569ebebe2f4e8ff84653289bdbadccc1a2e8ec89bd378a9093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70324
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Feb 2024 16:41:42 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 421ms
137ms Script
application/javascript 199.232.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kcgs7200042-IAD, cache-lga21947-LGA

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 28 KB
9 KB 1567ms
75ms Script
application/javascript 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: d0721ac91b973b019d6f365bafb54fe794c973f88277924c036e25a077f5feaa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 08 Feb 2024 20:24:57 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "0ca83ac178b16bd69bff070b635cd7fa"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8698

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
834 B 414ms
135ms Script
application/javascript 104.117.182.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.182.33 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-117-182-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

41b98c57dbe2a6c7a9e86497f1ffcf4ca102e86480be8cef7272a55855324355

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Feb 2024 10:51:32 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=65811
accept-ranges: bytes
content-length: 624

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 270ms
100ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 14 Feb 2024 16:41:42 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B8D060F7AD874149A9AB9A976AB694D0 Ref B: LAXEDGE1615 Ref C: 2024-02-14T16:41:42Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 452ms
129ms Script
application/javascript 104.79.84.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.84.247 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-84-247.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 102576977cfbca21dfdb2c1169801f04e204ca1ed8c603c71fc9959cd0739eba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "49f1b09533b1387025b51f42c09b71f3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1865

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 679ms
134ms Script
application/javascript 18.238.59.145

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.59.145 , United States, ASN (),
Reverse DNS: server-18-238-59-145.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 08:54:04 GMT
Via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK52-P4
Age: 28059
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: do_GQbUnfY3-EVDVSJgoWHFkIN9NnQWvmn2ivZgE-XSHW-SzZen8DA==
Expires: Thu, 15 Feb 2024 08:54:04 GMT

GET
H2 200 RC5ac9a1d70048415e9d593b52d8006a28-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 756 B
1 KB 133ms
133ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RC5ac9a1d70048415e9d593b52d8006a28-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14fed6f425b91b5a10f4cc7076eaf5f6bb4e024ae1a1cae3dd8df918dfe32f92

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:16 GMT
x-amz-version-id: null
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 16:32:42 GMT
server: AmazonS3
x-amz-cf-pop: MIA3-P7
age: 447
etag: "d53f3d0d97284d95e9f7005780caef7c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 756
x-amz-cf-id: 2hKjiZ8GqOTPk_Hqs1BikasdEYRhrVHAvzROu3QKKBqK8riajrnqtg==

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 241ms
89ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je42c0v887101457z8861227858za200&_p=1707928900802&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1124111793.1707928903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&dl=https%3A%2F%2Fse1.iran22.fun%2F&sid=1707928902&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.thestar.com%2F&epn.townnews_crm_group_id=848&ep.generator=BLOX&ep.generator_version=1.74.1&tfd=4593
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://se1.iran22.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 662ms
142ms Ping
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=1124111793.1707928903&gtm=45je42c0v887101457z8861227858za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://se1.iran22.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 380ms
369ms Fetch
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2123154730848665&correlator=4283689114658832&eid=31081144%2C31081146%2C31079239%2C31081088&output=ldjh&gdfp_req=1&vrg=202402070101&ptt=17&impl=fifs&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C2x1%2C300x600%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1707928902724&lmt=1707928858&adxs=436%2C799%2C1055&adys=21%2C145%2C892&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fse1.iran22.fun%2F&vis=1&psz=728x-1%7C1600x-1%7C300x600&msz=728x-1%7C1600x-1%7C300x600&fws=516%2C516%2C4&ohw=1600%2C1600%2C1600&ga_vid=1124111793.1707928903&ga_sid=1707928903&ga_hid=324039876&ga_fc=true&dlt=1707928899489&idt=2704&prev_scp=pos%3D1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dimpact-top%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26amznbid%3D2%26amznp%3D2&cust_params=browser%3DChrome%26k%3Dtoronto%2520star%26page%3Dhomepage%252Capp-editorial%26environment%3Dprod%26cutpoint%3Dlarge%26permutive%3Drts%26gs_channels%3Dgx_retry%26prmtvsdk%3Dweb&adks=4245816087%2C3334131667%2C3682374077&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

cb608d1f7f20edc1312f0f0e426822173477ec1fdd75b35411e75cae0fdd575e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12303
x-xss-protection: 0
google-lineitem-id: -2,6395607082,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138445168598,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://se1.iran22.fun
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fda6208c134ec4a90f3fbf97fa1b05a1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A27 6 KB
3 KB 464ms
153ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fda6208c134ec4a90f3fbf97fa1b05a1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://se1.iran22.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 16:41:43 GMT
expires: Thu, 13 Feb 2025 16:41:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 s11967056645191
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.25.0-LDQM/ 43 B
202 B 95ms
94ms Image
image/gif 63.140.37.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.25.0-LDQM/s11967056645191?AQB=1&ndh=1&pf=1&t=14%2F1%2F2024%206%3A41%3A42%203%20600&mid=30018254756618608813615216093572110220&aamlh=9&ce=UTF-8&ns=torstardigital&cdp=2&fpCookieDomainPeriods=2&pageName=thestar%7Chome&g=https%3A%2F%2Fse1.iran22.fun%2F&cc=CAD&ch=home&server=thestar.com&events=event72&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=D%3D%2B%22thestar%7C%22%2Bh2&c2=home&h2=home&c4=D%3Dg&v4=D%3Dg&c9=breaking%20news%20-%20headlines%20%26%20top%20stories%20%7C%20the%20star&v15=landscape&v16=standard-web-experience&c18=no&c19=D%3Dserver&c24=desktop&c26=not-specified&v29=https%3A%2F%2Fwww.thestar.com%2F&c43=toronto&v49=D%3DpageName&c51=no-adblock-detected&c55=D%3Dmid&c56=no&c57=home&c70=D%3Dserver&v71=571772d1-93ad-4bdc-ae9e-318b96da0bcc&v79=no&v80=no&v83=no&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&AQE=1

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.37.206 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-37-206.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 16:41:42 GMT
server: jag
etag: 3667749389878132736-4617775398372469755
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2024 16:41:42 GMT

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 36 B
91 B 222ms
221ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 95ad89143c22c60442bfab4646c8a5e85cef5f091e0f26405a160e2197f73706

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:42 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 174 KB
23 KB 739ms
587ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/model
Requested by: Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=474424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: ec35831599e14f0d72fe7b1453574dfa33431de499721e4345691a6d11809a97

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 183 KB
27 KB 655ms
505ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/model
Requested by: Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=474424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: a238524a90b422b3c42822dd4233a4c4f53a82f7053ce1a1fccd5824e6212926

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 174 KB
25 KB 654ms
504ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/model
Requested by: Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=474424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: c92834a2998d0bf2b43cf656569766e5918a0304381c0e2815dd35316150b202

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 188 KB
28 KB 758ms
609ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/model
Requested by: Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=474424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 9bbe7f68d7b49ec81d9a5adceef1d9b6e0bff795be5d090a61e5047f16b3757d

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 189 KB
25 KB 526ms
378ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/model
Requested by: Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=474424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 7670a59a7daa5523caf0636cf74acafd08165f2e1b9fe877185dad505a8bc24f

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 162 KB
27 KB 600ms
452ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/model
Requested by: Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=474424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 31c96b7744aa69e231b316fbc4c6d801bfb8e762f65a61eacab22387f1ca1e50

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 173 KB
24 KB 744ms
531ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/model
Requested by: Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=474424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: b856b8bb6238c3b4ae933aed9036f6616075289caf808e807f91f45f70decdb0

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 179 KB
26 KB 705ms
494ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/model
Requested by: Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/7noslr035pfb0mvo-nbc.js?ts=474424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: edbe87a19fccef2378490eeb1bfeb0e8adbcbbfb28e9cb517d9a2e3a3e7df7a5

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 152ms
150ms XHR
text/plain 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=324039876&t=pageview&_s=1&dl=https%3A%2F%2Fse1.iran22.fun%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAQCACAAI~&jid=917192080&gjid=1216202395&cid=1124111793.1707928903&tid=UA-54716522-7&_gid=1860354281.1707928903&_slc=1&gtm=45He42c0n71PDQV3Nv72758733za200&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.thestar.com%2F&cd15=3.155.0&cd16=No&cd17=Page%20View&cm1=817&gcd=13l3l3l3l1&dma=0&z=153814139

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://se1.iran22.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 544ms
140ms XHR
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=1124111793.1707928903&jid=917192080&gjid=1216202395&_gid=1860354281.1707928903&_u=YCDAgUABAAQCAGAAI~&z=1226616687

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Feb 2024 16:41:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://se1.iran22.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RCf9fbf93615df4b4aa748e2328a706496-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 13 KB
3 KB 134ms
131ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RCf9fbf93615df4b4aa748e2328a706496-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d040f1ed8f372771c39d02cc9b3a67aacd07e097c5bd38bb249a74eeb7678861

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:16 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 16:32:42 GMT
server: AmazonS3
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-P7
etag: W/"72887a239465561844e9de59f0a07e94"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 447
x-amz-cf-id: AHSC4rtdvfnFdXTuHJZVPMagdki4TAvjDD9Z4e0t9u--GE4DcTFB-A==

GET
H2 200 RCfdefc67c0ed94b76af30fac1dfc1ce8b-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/ 621 B
985 B 135ms
133ms Script
text/javascript 18.173.166.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/e7dedc8b87e1/RCfdefc67c0ed94b76af30fac1dfc1ce8b-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.166.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-166-2.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f198836de6a934158b2fefb5e628f5a48b0d2b975c1531af2e823de9ad68daff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:34:16 GMT
x-amz-version-id: null
via: 1.1 e310f7e63a4f82a466ec0d5a5d825aa8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 16:32:42 GMT
server: AmazonS3
x-amz-cf-pop: MIA3-P7
age: 447
etag: "91b7e652440f61657aebfd0339cecde5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 621
x-amz-cf-id: N5IRzK3S3uc7F2196MBDf7C0xwVCzhUZlnZi0E0agdeXNL9m07YrSw==

GET
H2 200 m=W93Wdc Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L... Frame F1A3 131 KB
44 KB 154ms
144ms Script
text/javascript 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L.B1.O/am=wKAZ/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI52sJCz6uQGB_SXocShkhRKdLNRXQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=W93Wdc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/am=wKAZ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5GHYQKgJp3x1Waccz383DuBIP3jA/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

506b355f0131ad4c98708ea927cd780c11e039af311d1a2b855d5c5fab6d61df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 09:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45264
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 05:50:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 09:16:59 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L... Frame F1A3 5 KB
2 KB 172ms
165ms Script
text/javascript 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L.B1.O/am=wKAZ/d=1/exm=W93Wdc,_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI52sJCz6uQGB_SXocShkhRKdLNRXQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

e9636f359cd4408dd8d0898ef844c4784553764159f66ce7c429ba62d772a766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 09:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2240
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 05:50:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 09:01:03 GMT

GET
H2 204 13008914.js Show response
bat.bing.com/p/action/ 0
116 B 110ms
99ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13008914.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 14 Feb 2024 16:41:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 684A4414A6FA4B0B9F99B712455D398E Ref B: LAXEDGE1615 Ref C: 2024-02-14T16:41:42Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
359 B 143ms
142ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13008914&Ver=2&mid=144e4d1e-8a1f-4c16-a454-a993bece901d&sid=ef1d41e0cb5711eea8f6db4e3774c102&vid=ef1e1780cb5711ee9ce28fddf7aed79d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&kw=toronto%20star&p=https%3A%2F%2Fse1.iran22.fun%2F&r=&lt=4017&evt=pageLoad&sv=1&rn=595332

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Feb 2024 16:41:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA4F6F76F16D45D7B08D06AF7A0FAA5A Ref B: LAXEDGE1615 Ref C: 2024-02-14T16:41:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 4 KB
1 KB 3529ms
206ms Fetch
application/json 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8b88b817bb9842c3a440c3bf5a377863eaec2de43f66340fd7c3ef053f7ee66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: _6iKRvM.Nc81ElVBbaVGniY1Nrh7b_HY
content-encoding: br
via: 1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
date: Wed, 14 Feb 2024 16:35:39 GMT
x-amz-cf-pop: EWR53-C2
age: 368
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Feb 2024 19:57:38 GMT
server: AmazonS3
etag: W/"d9376493933ff3817b5999882be3b428"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: fKEa6EO-FmN6SZ4wX5u3v1QbAuZRh4EHeSL6r6UfhSyQ7Gk4IvTpPA==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 270 KB
91 KB 162ms
161ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-6FZFMVVWVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ce2d7970ab159e46de9664b3f75d6d3f0120cf58600a2cae66bac58149820027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92891
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 16:41:43 GMT

GET
H2

200

activityi;dc_pre=CN3y3Pyiq4QDFUsSdgYd0gcNbA;src=10230056;type=ret01;cat=land01;ord=5259041419438;npa=0;auiddc=1053461465.1707928902;pscdl=noapi;gtm=45fe42c0za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafv... Show response
10230056.fls.doubleclick.net/ Frame 23C5
Redirect Chain

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=5259041419438;npa=0;auiddc=1053461465.1707928902;pscdl=noapi;gtm=45fe42c0za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;u...
https://10230056.fls.doubleclick.net/activityi;dc_pre=CN3y3Pyiq4QDFUsSdgYd0gcNbA;src=10230056;type=ret01;cat=land01;ord=5259041419438;npa=0;auiddc=1053461465.1707928902;pscdl=noapi;gtm=45fe42c0za20...

490 B
494 B

214ms
213ms

Document
text/html

142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10230056.fls.doubleclick.net/activityi;dc_pre=CN3y3Pyiq4QDFUsSdgYd0gcNbA;src=10230056;type=ret01;cat=land01;ord=5259041419438;npa=0;auiddc=1053461465.1707928902;pscdl=noapi;gtm=45fe42c0za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fse1.iran22.fun%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

e0881f84b54605a731552d09d56cdbffb85400d9871fb73240793fc4782d299a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://se1.iran22.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 292
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 16:41:43 GMT
expires: Wed, 14 Feb 2024 16:41:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 16:41:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10230056.fls.doubleclick.net/activityi;dc_pre=CN3y3Pyiq4QDFUsSdgYd0gcNbA;src=10230056;type=ret01;cat=land01;ord=5259041419438;npa=0;auiddc=1053461465.1707928902;pscdl=noapi;gtm=45fe42c0za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fse1.iran22.fun%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
2 KB 451ms
165ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1707928903051&cv=11&fst=1707928903051&bg=ffffff&guid=ON&async=1&gtm=45be42c0v867836103za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fse1.iran22.fun%2F&hn=www.googleadservices.com&frm=0&tiba=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&npa=0&pscdl=noapi&auid=1053461465.1707928902&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

9bc0d41b4d9aed2e4002fe9afb20a51343fc9ed6f42085ab9081013af8f8a9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 131ms
130ms Script
application/javascript 104.117.182.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.182.33 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-117-182-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 294
date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Feb 2024 10:51:31 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=65811
accept-ranges: bytes
content-length: 15732

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 3534ms
210ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-90.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 16:49:58 GMT
content-encoding: gzip
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 85909
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: DKIyweZ0hhoiRElWkvjmsNiWvLqnHLtQYC2u8Qv8ghWfJT4NpXTy3Q==

GET
H2 200 adsct
t.co/1/i/ 43 B
375 B 288ms
98ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=736dddb8-9eaf-49ba-ae91-98a8aee9fd3e&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4024ed0d-df06-47a5-98eb-6008f7ede19d&tw_document_href=https%3A%2F%2Fse1.iran22.fun%2F&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 5
date: Wed, 14 Feb 2024 16:41:43 GMT
strict-transport-security: max-age=0
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 1fe2be8cab70ce54
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 70dfa9ef95d31ec5dcad3f81de7cf9ffb521d260393474a2bbe66c38d18161b1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 1303ms
96ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=736dddb8-9eaf-49ba-ae91-98a8aee9fd3e&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4024ed0d-df06-47a5-98eb-6008f7ede19d&tw_document_href=https%3A%2F%2Fse1.iran22.fun%2F&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 5
date: Wed, 14 Feb 2024 16:41:44 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: e500e33f3551d668
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: d39a3f94c216daccf65cf65f5af38cceb5e1a6f1c11d1540915a44d95754f98d
content-length: 43

GET
H2 200 main.23bc7c79.js Show response
s.pinimg.com/ct/lib/ 64 KB
18 KB 191ms
189ms Script
application/javascript 104.79.84.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.23bc7c79.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.84.247 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-84-247.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 15206059b1193773426292f9308891fa641157df77b08524ff746eb44c3165b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "cbabad732da8f3d054a3ab25fec80718"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18522

GET
H2 200 m=LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L... Frame F1A3 236 B
253 B 139ms
138ms Script
text/javascript 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L.B1.O/am=wKAZ/d=1/exm=FCpbqb,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI52sJCz6uQGB_SXocShkhRKdLNRXQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=LEikZe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 05:50:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 08:56:53 GMT

GET
H2 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L... Frame F1A3 1 KB
888 B 138ms
138ms Script
text/javascript 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L.B1.O/am=wKAZ/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI52sJCz6uQGB_SXocShkhRKdLNRXQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

13b042f6067d50d2fbdd7d9aec7e1ed264b592621945c0817af7414820508560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 03:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 05:50:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 03:21:23 GMT

GET
H2 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L... Frame F1A3 19 KB
6 KB 139ms
139ms Script
text/javascript 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L.B1.O/am=wKAZ/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI52sJCz6uQGB_SXocShkhRKdLNRXQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

e87ac06db3a497bf3387aefe664b602447c7f686fbc596f3764f4b24b7b7f0ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6507
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 05:50:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 08:59:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BDA9 0
0 202ms
201ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDa1FD8AuGdCeGrOtCCy5-EUqmSDbN4LBsRzU77gWk6dsJdNY6k72x_Aagxb3OD7hX3xPHT1sBaKD9Bdkp8Mj_VqA-f5zfLVec-BkpNDYlxvZQ1IQcTIYpzOX0LZ4wyuqsyGScmi-l2uDZib41_cPsJmaUWh19l9FFUikxDJIVqLHzV5wFbBhO500bB5ns97R0qiM9L2sIBM2SEN9F9kTvoEhe9yePtW4b4HJhM3HXkm9Z-XqEO7vQ9UK91qRG_Is5awRbHi23UP-lMnssH3gMj9bp5mvhOMHa2HyEOGzfSbWrIrfzjNn9SK8mwtONGTOo0w8RyS1Rj3vRdBIGgWI8JCb7mP3qvufbbdk&sai=AMfl-YQ3xOkmaGD2zCERPMvH9jxG4rJkiKZy3zi6ZcF2eM61i7bX3LkAxyrBTLtuVXIBarolUaK2Dkuf3_xA6yLsJTQKZp6xzo2IMB6ueba7ldgAG20pFNq7HvzT5Z5xqNP5pc3zLDC20HS20qfLUHorbT-V&sig=Cg0ArKJSzG_ycG_UbSY9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Feb 2024 16:41:43 GMT

GET
H/1.1 200
OK pub.js Show response
s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/ Frame BDA9 35 KB
35 KB 560ms
114ms Script
application/javascript 52.218.132.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.132.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 65b0df417f0b51c3142aac8035a3a5f35a58a6b6fcfe4473fe48a9b8d3f16f2d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 16:41:44 GMT
Last-Modified: Mon, 12 Feb 2024 15:44:58 GMT
Server: AmazonS3
x-amz-request-id: J0ZGZ38GMSVVTKRD
ETag: "3e4a487301924e05c34bb7a764e5e51b"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 35682
x-amz-id-2: eiFiX2tptDPImcA7b/Hb7lcKHqWtfxQwFbs0xlVaW9hV75q+71EE3+YbXIYVw+cD6IWAxEF/Nnc=

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDA9 204 KB
65 KB 450ms
166ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

sffe /

Resource Hash

73aa571c99c135b50ec78a42411ff31e823251e88739b22a249e3f8110c5877b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65897
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707770302313459"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 16:41:43 GMT

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame F1A3 140 B
173 B 200ms
199ms XHR
application/json 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-6440774735667686453&bl=boq_subscribewithgoogleclientserver_20240211.09_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=24104&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

57a7651847084ab1f4e168511f77643b223b6411c60a7285d7efe1afedc6bd04

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 76ms
73ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=45je42c0v873043922z89101115636za200&_p=1707928900802&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1124111793.1707928903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707928903&sct=1&seg=0&dl=https%3A%2F%2Fse1.iran22.fun%2F&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&en=FCP&_fv=1&_ss=1&ep.web_vitals_measurement_name=FCP&ep.web_vitals_measurement_id=v3-1707928902902-4805737821039&epn.web_vitals_measurement_value=3212.800003051758&epn.value=3212.800003051758&ep.CWV_Rating=poor&epn.web_vitals_measurement_value2=3212.800003051758&ep.web_vitals_element=&tfd=5270
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://se1.iran22.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 142ms
140ms Ping
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=1124111793.1707928903&gtm=45je42c0v873043922z89101115636za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://se1.iran22.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
128 B 217ms
216ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 9867ad0515e39b35aec7cb2dcfc447a2a9c12cc76b711345a57e6c15bdfea6fc

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://se1.iran22.fun
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1707928903337&url=https%3A%2F%2Fse1.iran22.fun%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1707928903337&url=https%3A%2F%2Fse1.iran22.fun%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1707928903337%26url%3Dhttps%253A%252F%252Fse1.iran22.fun%252F%26...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1707928903337&url=https%3A%2F%2Fse1.iran22.fun%2F&cookiesTest=true&liSync=true

0
385 B

118ms
116ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1707928903337&url=https%3A%2F%2Fse1.iran22.fun%2F&cookiesTest=true&liSync=true
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:44 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6D27EBC0DCC14418BC6B3F514F45224E Ref B: LAX311000109051 Ref C: 2024-02-14T16:41:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYRWi+ilaHW15dTuoUZrw==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 16:41:43 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYRWi+gWeg17SnaRRsDgg==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 882F8D3CF6FB4E7CA019F8D6370E1B3A Ref B: LAX311000109051 Ref C: 2024-02-14T16:41:44Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1707928903337&url=https%3A%2F%2Fse1.iran22.fun%2F&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L... Frame F1A3 108 KB
36 KB 142ms
142ms Script
text/javascript 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.udL53IPJcF4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.s7-QuAdcpMw.L.B1.O/am=wKAZ/d=1/exm=FCpbqb,LEikZe,RqjULd,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI52sJCz6uQGB_SXocShkhRKdLNRXQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

ee6476ad283e25475f35ace64690205f251e344e2206c38a7f5f3041ef6bc9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 07:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37208
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 05:50:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 07:48:28 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 73 KB
26 KB 1440ms
138ms Script
application/javascript 18.164.101.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-101-60.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Feb 2024 08:58:03 GMT
content-encoding: gzip
via: 1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jun 2022 01:41:35 GMT
server: nginx
x-amz-cf-pop: JFK50-P5
age: 27821
etag: W/"62b5164f-12236"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: lbbbNp3FhE8t1zKaUETxF8lpNSZ8hi1zMBpbiI3O8NQsTiqrjZ_lmA==
expires: Thu, 15 Feb 2024 08:58:03 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 304 B
436 B 1400ms
144ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612846434758&cb=1707928903385&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.23bc7c79.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:44 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1628033045473711
content-length: 174
pin-unauth: dWlkPU1XUTJOamxrTnpVdFlUZzRPUzAwTUdZNExUZzJZalF0WlRnM1lUaGxNak15WldReg
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://se1.iran22.fun
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 5e9185f4784a1f462245b4a8b4bb295a1429c36e
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
399 B 1398ms
143ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fse1.iran22.fun%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2223bc7c79%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1707928903386
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:44 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 875f2e02e50c112557997c9ed58d87a8d887f4ed
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1040375541365892
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
455 B 460ms
156ms Image
image/gif 142.250.72.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1707928903051&cv=11&fst=1707926400000&bg=ffffff&guid=ON&async=1&gtm=45be42c0v867836103za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fse1.iran22.fun%2F&frm=0&tiba=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_7rLbQHoEO3SwUkWanI7ud5RojYQD8w&random=4076346898&rmt_tld=0&ipr=y

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 342ms
201ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5584&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=12&jsfv=nbc&ts=1707928903751&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&fst=1707928902818&fstr=4780&pt=1&cl=800&w=Recommended&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fdoug-ford-government-scrapping-licence-plate-renewals%2Farticle_2d7ceb3e-ca71-11ee-8bb4-a7ecf1501a2d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fmilwaukee-woman-charged-with-killing-abuser-arrested-in-louisiana%2Farticle_7831e0ef-bc55-5744-b8cb-b51dde97799f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fctv-cancelling-most-noon-and-weekend-newscasts-as-bell-cuts-4-800-jobs-heres-what%2Farticle_abe5d964-c6ab-11ee-800a-0b227e178666.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fi-thought-i-was-good-friends-with-two-guys-in-high-school-years-later-i%2Farticle_dd83c28c-bb99-11ee-bad1-871e3dde352d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fking-charles-wants-us-to-know-he-s-just-fine-and-kate-would-like-us%2Farticle_87ee48bc-c9de-11ee-9f52-bbb781632a44.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2Fheres-how-much-snow-is-coming-to-toronto-this-week%2Farticle_4dae5c8a-ca76-11ee-9a69-9b5343fdb8e1.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fben-shulman-takes-over-as-sportsnet-radio-play-by-play-broadcaster-for-the-blue-jays%2Farticle_32bd8704-caa1-11ee-b175-73b17b2b8c3a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fwelcome-home-jon-stewart-late-night-tv-and-sanity-needs-you%2Farticle_fb8f73ee-caa7-11ee-af73-937be5f86f23.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fprotest-outside-mount-sinai-hospital-reprehensible-show-of-antisemitism-trudeau%2Farticle_e5f3ad96-40e0-5bb8-bf22-b50e2973db33.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2Fgardiner-expressway-reduced-to-two-lanes-for-the-next-3-years%2Farticle_1f394842-ca8f-11ee-88f8-eb455af10340.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2Fit-felt-like-home-beloved-pickle-barrel-location-shutters-after-more-than-50-years%2Farticle_3ebbb2c4-c75e-11ee-8e4f-df444adef2cd.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fpierre-poilievre-can-dish-it-out-why-cant-he-take-it%2Farticle_541f230e-c9e2-11ee-bb71-77dfb5e88928.html%22%5D&usedJS=27600000&totalJS=35100000&jsLimit=3760000000&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 335ms
196ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5613&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=12&jsfv=nbc&ts=1707928903755&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=Recommended&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fdoug-ford-government-scrapping-licence-plate-renewals%2Farticle_2d7ceb3e-ca71-11ee-8bb4-a7ecf1501a2d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fmilwaukee-woman-charged-with-killing-abuser-arrested-in-louisiana%2Farticle_7831e0ef-bc55-5744-b8cb-b51dde97799f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fctv-cancelling-most-noon-and-weekend-newscasts-as-bell-cuts-4-800-jobs-heres-what%2Farticle_abe5d964-c6ab-11ee-800a-0b227e178666.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fi-thought-i-was-good-friends-with-two-guys-in-high-school-years-later-i%2Farticle_dd83c28c-bb99-11ee-bad1-871e3dde352d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fking-charles-wants-us-to-know-he-s-just-fine-and-kate-would-like-us%2Farticle_87ee48bc-c9de-11ee-9f52-bbb781632a44.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2Fheres-how-much-snow-is-coming-to-toronto-this-week%2Farticle_4dae5c8a-ca76-11ee-9a69-9b5343fdb8e1.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fdoug-ford-government-scrapping-licence-plate-renewals%2Farticle_2d7ceb3e-ca71-11ee-8bb4-a7ecf1501a2d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fmilwaukee-woman-charged-with-killing-abuser-arrested-in-louisiana%2Farticle_7831e0ef-bc55-5744-b8cb-b51dde97799f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fctv-cancelling-most-noon-and-weekend-newscasts-as-bell-cuts-4-800-jobs-heres-what%2Farticle_abe5d964-c6ab-11ee-800a-0b227e178666.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fi-thought-i-was-good-friends-with-two-guys-in-high-school-years-later-i%2Farticle_dd83c28c-bb99-11ee-bad1-871e3dde352d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fking-charles-wants-us-to-know-he-s-just-fine-and-kate-would-like-us%2Farticle_87ee48bc-c9de-11ee-9f52-bbb781632a44.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2Fheres-how-much-snow-is-coming-to-toronto-this-week%2Farticle_4dae5c8a-ca76-11ee-9a69-9b5343fdb8e1.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fben-shulman-takes-over-as-sportsnet-radio-play-by-play-broadcaster-for-the-blue-jays%2Farticle_32bd8704-caa1-11ee-b175-73b17b2b8c3a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fwelcome-home-jon-stewart-late-night-tv-and-sanity-needs-you%2Farticle_fb8f73ee-caa7-11ee-af73-937be5f86f23.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fprotest-outside-mount-sinai-hospital-reprehensible-show-of-antisemitism-trudeau%2Farticle_e5f3ad96-40e0-5bb8-bf22-b50e2973db33.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2Fgardiner-expressway-reduced-to-two-lanes-for-the-next-3-years%2Farticle_1f394842-ca8f-11ee-88f8-eb455af10340.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2Fit-felt-like-home-beloved-pickle-barrel-location-shutters-after-more-than-50-years%2Farticle_3ebbb2c4-c75e-11ee-8e4f-df444adef2cd.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fpierre-poilievre-can-dish-it-out-why-cant-he-take-it%2Farticle_541f230e-c9e2-11ee-bb71-77dfb5e88928.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 339ms
199ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5613&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=12&jsfv=nbc&ts=1707928903756&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=Recommended&source=LI&st=5613&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fdoug-ford-government-scrapping-licence-plate-renewals%2Farticle_2d7ceb3e-ca71-11ee-8bb4-a7ecf1501a2d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fmilwaukee-woman-charged-with-killing-abuser-arrested-in-louisiana%2Farticle_7831e0ef-bc55-5744-b8cb-b51dde97799f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fctv-cancelling-most-noon-and-weekend-newscasts-as-bell-cuts-4-800-jobs-heres-what%2Farticle_abe5d964-c6ab-11ee-800a-0b227e178666.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fi-thought-i-was-good-friends-with-two-guys-in-high-school-years-later-i%2Farticle_dd83c28c-bb99-11ee-bad1-871e3dde352d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fking-charles-wants-us-to-know-he-s-just-fine-and-kate-would-like-us%2Farticle_87ee48bc-c9de-11ee-9f52-bbb781632a44.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2Fheres-how-much-snow-is-coming-to-toronto-this-week%2Farticle_4dae5c8a-ca76-11ee-9a69-9b5343fdb8e1.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 339ms
200ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5622&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=22&jsfv=nbc&ts=1707928903756&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&fst=1707928902818&fstr=4780&pt=1&cl=839&w=business&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fctv-cancelling-most-noon-and-weekend-newscasts-as-bell-cuts-4-800-jobs-heres-what%2Farticle_abe5d964-c6ab-11ee-800a-0b227e178666.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fa-canada-thing-popular-menu-hack-convinces-a-w-to-offer-south-asian-style-sandwich%2Farticle_f1ef04f6-b0e7-5565-ab16-de5a244618d4.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2Fwhere-are-you-more-productive-in-the-office-or-working-remotely-the-verdict-is-in%2Farticle_b040c3b2-c083-11ee-86d8-03f3af704357.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fhow-much-are-canadians-paying-per-month-on-average-to-own-a-car-heres-what%2Farticle_a457f8e2-c2bb-11ee-b93b-2f3e8fa2fb1d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcpa-canada-cuts-20-of-workforce-ahead-of-split-with-ontario-and-quebec%2Farticle_aa531dc3-03f9-5823-98e7-41c40200176a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fnot-a-viable-business-anymore-bell-media-selling-45-radio-stations-amid-layoffs%2Farticle_59a7d1cd-4fb8-5494-9dd6-01b6d3b96364.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal-finance%2Fthe-great-wealth-transfer-how-adult-kids-can-start-talking-to-their-parents-about-it%2Farticle_5b137f41-f963-54f9-9de8-39d45665d79b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Floss-leaders-how-grocery-stores-get-shoppers-in-the-door-entice-them-to-spend-more%2Farticle_08effca1-ec96-541e-8c5f-09ceb8cdf7b6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal-finance%2Finvesting-101-the-basics-of-getting-your-money-to-grow%2Farticle_54e79599-cc21-587c-a961-56a03878f865.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Four-ultimate-toronto-project-massive-crystalline-skyscraper-coming-to-the-heart-of-downtown%2Farticle_e5e5bc0e-bf87-11ee-84be-4323615a9710.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fapple-agrees-to-pay-14-million-battery-settlement-canadian-iphone-owners-can-apply-for-up%2Farticle_1e7c82ae-b093-11ee-9fa2-3300fa5b7462.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fikea-canada-is-cutting-prices-on-over-1-500-products-here-s-why%2Farticle_f0007228-bc6d-11ee-851b-97ce83515f28.html%22%5D&usedJS=27600000&totalJS=35100000&jsLimit=3760000000&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 328ms
191ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5640&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=22&jsfv=nbc&ts=1707928903756&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=business&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fctv-cancelling-most-noon-and-weekend-newscasts-as-bell-cuts-4-800-jobs-heres-what%2Farticle_abe5d964-c6ab-11ee-800a-0b227e178666.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fa-canada-thing-popular-menu-hack-convinces-a-w-to-offer-south-asian-style-sandwich%2Farticle_f1ef04f6-b0e7-5565-ab16-de5a244618d4.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2Fwhere-are-you-more-productive-in-the-office-or-working-remotely-the-verdict-is-in%2Farticle_b040c3b2-c083-11ee-86d8-03f3af704357.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fhow-much-are-canadians-paying-per-month-on-average-to-own-a-car-heres-what%2Farticle_a457f8e2-c2bb-11ee-b93b-2f3e8fa2fb1d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcpa-canada-cuts-20-of-workforce-ahead-of-split-with-ontario-and-quebec%2Farticle_aa531dc3-03f9-5823-98e7-41c40200176a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fnot-a-viable-business-anymore-bell-media-selling-45-radio-stations-amid-layoffs%2Farticle_59a7d1cd-4fb8-5494-9dd6-01b6d3b96364.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fctv-cancelling-most-noon-and-weekend-newscasts-as-bell-cuts-4-800-jobs-heres-what%2Farticle_abe5d964-c6ab-11ee-800a-0b227e178666.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fa-canada-thing-popular-menu-hack-convinces-a-w-to-offer-south-asian-style-sandwich%2Farticle_f1ef04f6-b0e7-5565-ab16-de5a244618d4.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2Fwhere-are-you-more-productive-in-the-office-or-working-remotely-the-verdict-is-in%2Farticle_b040c3b2-c083-11ee-86d8-03f3af704357.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fhow-much-are-canadians-paying-per-month-on-average-to-own-a-car-heres-what%2Farticle_a457f8e2-c2bb-11ee-b93b-2f3e8fa2fb1d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcpa-canada-cuts-20-of-workforce-ahead-of-split-with-ontario-and-quebec%2Farticle_aa531dc3-03f9-5823-98e7-41c40200176a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fnot-a-viable-business-anymore-bell-media-selling-45-radio-stations-amid-layoffs%2Farticle_59a7d1cd-4fb8-5494-9dd6-01b6d3b96364.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal-finance%2Fthe-great-wealth-transfer-how-adult-kids-can-start-talking-to-their-parents-about-it%2Farticle_5b137f41-f963-54f9-9de8-39d45665d79b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Floss-leaders-how-grocery-stores-get-shoppers-in-the-door-entice-them-to-spend-more%2Farticle_08effca1-ec96-541e-8c5f-09ceb8cdf7b6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal-finance%2Finvesting-101-the-basics-of-getting-your-money-to-grow%2Farticle_54e79599-cc21-587c-a961-56a03878f865.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Four-ultimate-toronto-project-massive-crystalline-skyscraper-coming-to-the-heart-of-downtown%2Farticle_e5e5bc0e-bf87-11ee-84be-4323615a9710.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fapple-agrees-to-pay-14-million-battery-settlement-canadian-iphone-owners-can-apply-for-up%2Farticle_1e7c82ae-b093-11ee-9fa2-3300fa5b7462.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fikea-canada-is-cutting-prices-on-over-1-500-products-here-s-why%2Farticle_f0007228-bc6d-11ee-851b-97ce83515f28.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 240ms
105ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5640&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=22&jsfv=nbc&ts=1707928903756&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=business&source=LI&st=5640&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fctv-cancelling-most-noon-and-weekend-newscasts-as-bell-cuts-4-800-jobs-heres-what%2Farticle_abe5d964-c6ab-11ee-800a-0b227e178666.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fa-canada-thing-popular-menu-hack-convinces-a-w-to-offer-south-asian-style-sandwich%2Farticle_f1ef04f6-b0e7-5565-ab16-de5a244618d4.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2Fwhere-are-you-more-productive-in-the-office-or-working-remotely-the-verdict-is-in%2Farticle_b040c3b2-c083-11ee-86d8-03f3af704357.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fhow-much-are-canadians-paying-per-month-on-average-to-own-a-car-heres-what%2Farticle_a457f8e2-c2bb-11ee-b93b-2f3e8fa2fb1d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fcpa-canada-cuts-20-of-workforce-ahead-of-split-with-ontario-and-quebec%2Farticle_aa531dc3-03f9-5823-98e7-41c40200176a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fnot-a-viable-business-anymore-bell-media-selling-45-radio-stations-amid-layoffs%2Farticle_59a7d1cd-4fb8-5494-9dd6-01b6d3b96364.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 333ms
197ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5644&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=25&jsfv=nbc&ts=1707928903756&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&fst=1707928902818&fstr=4780&pt=1&cl=862&w=canada&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fprotest-outside-mount-sinai-hospital-reprehensible-show-of-antisemitism-trudeau%2Farticle_e5f3ad96-40e0-5bb8-bf22-b50e2973db33.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcanada-has-a-car-theft-epidemic-here-are-simple-ways-to-protect-your-vehicle-from%2Farticle_356e7786-ca76-11ee-ab3b-630b7f0e0162.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fslain-manitoba-family-identified-in-obituary-remembered-as-beautiful-souls%2Farticle_be5acf86-b2ba-52d4-8187-4bfc316a7203.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fford-government-facing-lawsuit-over-expansion-of-pickering-care-home-where-dozens-died-during-covid%2Farticle_6e8ad4ee-ca7e-11ee-9118-a7c929cdd23a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fanger-in-n-l-after-rental-company-links-song-ise-the-b-y-with-squealing%2Farticle_f7f66334-53dd-58d1-afe5-5456aee36528.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fhistoric-n-s-storm-woman-dies-after-snow-falls-on-propane-line-outside-seniors-home%2Farticle_648ac784-ffbc-5fe0-9463-465fa6a38914.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcanada-cant-find-a-way-out-for-palestinians-who-grow-desperate-in-gaza-where-will%2Farticle_2d2225da-c78a-11ee-a97f-1bc46444291a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Funtenable-and-appalling-crisis-ottawa-must-fill-judicial-vacancies-plaguing-lower-courts-federal-court-rules%2Farticle_68cee7f8-ca82-11ee-b2d8-cb85608d06d6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fhuge-snowstorm-sweeps-across-atlantic-canada-forcing-closures-and-cancellations%2Farticle_0d594ed0-10a5-52d0-bb4b-eb82f3e1ef73.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Froyal-ontario-museum-to-redesign-main-floor-which-will-be-free-for-visitors%2Farticle_7a7c39b5-7ba4-5464-a885-2259b282a6dd.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcheese-products-salad-kits-sold-at-loblaw-and-costco-stores-in-canada-recalled-for-risk%2Farticle_c89193fa-c683-11ee-9e52-338118591042.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fwe-have-a-very-large-problem-why-ontario-is-dealing-with-syphilis-rates-it-hasnt%2Farticle_3436f69e-c6a8-11ee-bd88-e34dac0de87a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fn-s-board-rules-for-two-week-suspension-of-officer-who-arrested-couple-in-park%2Farticle_9e7eb8c1-a6cd-59c2-a8d9-b96ddf49dfab.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fdental-providers-arent-smiling-about-reimbursement-under-federal-plan%2Farticle_aa45b64a-d7ff-5210-a5ff-b506becd819b.html%22%5D&usedJS=27600000&totalJS=35100000&jsLimit=3760000000&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 238ms
104ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5650&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=25&jsfv=nbc&ts=1707928903757&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=canada&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fprotest-outside-mount-sinai-hospital-reprehensible-show-of-antisemitism-trudeau%2Farticle_e5f3ad96-40e0-5bb8-bf22-b50e2973db33.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcanada-has-a-car-theft-epidemic-here-are-simple-ways-to-protect-your-vehicle-from%2Farticle_356e7786-ca76-11ee-ab3b-630b7f0e0162.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fslain-manitoba-family-identified-in-obituary-remembered-as-beautiful-souls%2Farticle_be5acf86-b2ba-52d4-8187-4bfc316a7203.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fford-government-facing-lawsuit-over-expansion-of-pickering-care-home-where-dozens-died-during-covid%2Farticle_6e8ad4ee-ca7e-11ee-9118-a7c929cdd23a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fanger-in-n-l-after-rental-company-links-song-ise-the-b-y-with-squealing%2Farticle_f7f66334-53dd-58d1-afe5-5456aee36528.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fhistoric-n-s-storm-woman-dies-after-snow-falls-on-propane-line-outside-seniors-home%2Farticle_648ac784-ffbc-5fe0-9463-465fa6a38914.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcanada-cant-find-a-way-out-for-palestinians-who-grow-desperate-in-gaza-where-will%2Farticle_2d2225da-c78a-11ee-a97f-1bc46444291a.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fprotest-outside-mount-sinai-hospital-reprehensible-show-of-antisemitism-trudeau%2Farticle_e5f3ad96-40e0-5bb8-bf22-b50e2973db33.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcanada-has-a-car-theft-epidemic-here-are-simple-ways-to-protect-your-vehicle-from%2Farticle_356e7786-ca76-11ee-ab3b-630b7f0e0162.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fslain-manitoba-family-identified-in-obituary-remembered-as-beautiful-souls%2Farticle_be5acf86-b2ba-52d4-8187-4bfc316a7203.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fford-government-facing-lawsuit-over-expansion-of-pickering-care-home-where-dozens-died-during-covid%2Farticle_6e8ad4ee-ca7e-11ee-9118-a7c929cdd23a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fanger-in-n-l-after-rental-company-links-song-ise-the-b-y-with-squealing%2Farticle_f7f66334-53dd-58d1-afe5-5456aee36528.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fhistoric-n-s-storm-woman-dies-after-snow-falls-on-propane-line-outside-seniors-home%2Farticle_648ac784-ffbc-5fe0-9463-465fa6a38914.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcanada-cant-find-a-way-out-for-palestinians-who-grow-desperate-in-gaza-where-will%2Farticle_2d2225da-c78a-11ee-a97f-1bc46444291a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Funtenable-and-appalling-crisis-ottawa-must-fill-judicial-vacancies-plaguing-lower-courts-federal-court-rules%2Farticle_68cee7f8-ca82-11ee-b2d8-cb85608d06d6.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fhuge-snowstorm-sweeps-across-atlantic-canada-forcing-closures-and-cancellations%2Farticle_0d594ed0-10a5-52d0-bb4b-eb82f3e1ef73.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Froyal-ontario-museum-to-redesign-main-floor-which-will-be-free-for-visitors%2Farticle_7a7c39b5-7ba4-5464-a885-2259b282a6dd.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcheese-products-salad-kits-sold-at-loblaw-and-costco-stores-in-canada-recalled-for-risk%2Farticle_c89193fa-c683-11ee-9e52-338118591042.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fwe-have-a-very-large-problem-why-ontario-is-dealing-with-syphilis-rates-it-hasnt%2Farticle_3436f69e-c6a8-11ee-bd88-e34dac0de87a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fn-s-board-rules-for-two-week-suspension-of-officer-who-arrested-couple-in-park%2Farticle_9e7eb8c1-a6cd-59c2-a8d9-b96ddf49dfab.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fdental-providers-arent-smiling-about-reimbursement-under-federal-plan%2Farticle_aa45b64a-d7ff-5210-a5ff-b506becd819b.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 330ms
196ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5650&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=25&jsfv=nbc&ts=1707928903757&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=canada&source=LI&st=5650&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fprotest-outside-mount-sinai-hospital-reprehensible-show-of-antisemitism-trudeau%2Farticle_e5f3ad96-40e0-5bb8-bf22-b50e2973db33.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcanada-has-a-car-theft-epidemic-here-are-simple-ways-to-protect-your-vehicle-from%2Farticle_356e7786-ca76-11ee-ab3b-630b7f0e0162.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fslain-manitoba-family-identified-in-obituary-remembered-as-beautiful-souls%2Farticle_be5acf86-b2ba-52d4-8187-4bfc316a7203.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fford-government-facing-lawsuit-over-expansion-of-pickering-care-home-where-dozens-died-during-covid%2Farticle_6e8ad4ee-ca7e-11ee-9118-a7c929cdd23a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fanger-in-n-l-after-rental-company-links-song-ise-the-b-y-with-squealing%2Farticle_f7f66334-53dd-58d1-afe5-5456aee36528.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fhistoric-n-s-storm-woman-dies-after-snow-falls-on-propane-line-outside-seniors-home%2Farticle_648ac784-ffbc-5fe0-9463-465fa6a38914.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fcanada-cant-find-a-way-out-for-palestinians-who-grow-desperate-in-gaza-where-will%2Farticle_2d2225da-c78a-11ee-a97f-1bc46444291a.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 332ms
198ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5654&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=29&jsfv=nbc&ts=1707928903757&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&fst=1707928902818&fstr=4780&pt=1&cl=873&w=politics&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fdoug-ford-government-scrapping-licence-plate-renewals%2Farticle_2d7ceb3e-ca71-11ee-8bb4-a7ecf1501a2d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fconservative-motion-backed-by-ndp-produced-40m-in-regulatory-relief-for-bell%2Farticle_2bc47172-5c9b-53a6-bc84-b8f3aa1c335f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fpierre-poilievre-can-dish-it-out-why-cant-he-take-it%2Farticle_541f230e-c9e2-11ee-bb71-77dfb5e88928.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Ftoronto-conservatives-accuse-federal-party-of-undemocratic-meddling-in-nomination-of-karen-stintz%2Farticle_41c12f9e-ca97-11ee-b053-bfe1144ebe4b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fjustin-trudeau-blames-stephen-harper-cuts-for-auto-theft-issue-as-ottawa-moves-to-ban%2Farticle_bc662988-c6ba-11ee-aba9-0b4ecdd4dcaf.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fjustin-trudeau-and-pierre-poilievre-have-found-a-common-enemy-for-whats-wrong-with-canada%2Farticle_db7ba512-c789-11ee-92f1-77940a32944d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fjustin-trudeau-adviser-defends-use-of-crude-language-in-online-exchange-with-right-wing-group%2Farticle_ae84cc8a-bedf-11ee-ab27-df4b248eb880.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fjagmeet-singh-on-his-new-babys-name-and-why-he-regrets-biking-with-doug-ford%2Farticle_d5413c80-c20b-11ee-bb97-6fb5458bea3b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F10-000-ontario-patients-cut-loose-because-of-staffing-shortages%2Farticle_ed9ad508-bc74-11ee-b5ed-b3befb843bae.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fwhat-doug-ford-insiders-say-about-danielle-smiths-plan-for-transgender-rights-and-what-it%2Farticle_8c12fc38-c503-11ee-ba99-9330f15ddf32.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Farbitrator-awards-2-75-pay-raise-to-ontarios-public-school-teachers%2Farticle_16715594-c6c3-11ee-97ae-07fd254289c3.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fcanada-announces-ukraine-60m-for-f-16-supplies-and-equipment-ahead-of-nato-meeting%2Farticle_bbcbdc79-cdf4-52eb-abe3-f75fcded8e15.html%22%5D&usedJS=27600000&totalJS=35100000&jsLimit=3760000000&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 330ms
196ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5661&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=29&jsfv=nbc&ts=1707928903758&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=politics&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fdoug-ford-government-scrapping-licence-plate-renewals%2Farticle_2d7ceb3e-ca71-11ee-8bb4-a7ecf1501a2d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fconservative-motion-backed-by-ndp-produced-40m-in-regulatory-relief-for-bell%2Farticle_2bc47172-5c9b-53a6-bc84-b8f3aa1c335f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fpierre-poilievre-can-dish-it-out-why-cant-he-take-it%2Farticle_541f230e-c9e2-11ee-bb71-77dfb5e88928.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Ftoronto-conservatives-accuse-federal-party-of-undemocratic-meddling-in-nomination-of-karen-stintz%2Farticle_41c12f9e-ca97-11ee-b053-bfe1144ebe4b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fjustin-trudeau-blames-stephen-harper-cuts-for-auto-theft-issue-as-ottawa-moves-to-ban%2Farticle_bc662988-c6ba-11ee-aba9-0b4ecdd4dcaf.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fjustin-trudeau-and-pierre-poilievre-have-found-a-common-enemy-for-whats-wrong-with-canada%2Farticle_db7ba512-c789-11ee-92f1-77940a32944d.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fdoug-ford-government-scrapping-licence-plate-renewals%2Farticle_2d7ceb3e-ca71-11ee-8bb4-a7ecf1501a2d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fconservative-motion-backed-by-ndp-produced-40m-in-regulatory-relief-for-bell%2Farticle_2bc47172-5c9b-53a6-bc84-b8f3aa1c335f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fpierre-poilievre-can-dish-it-out-why-cant-he-take-it%2Farticle_541f230e-c9e2-11ee-bb71-77dfb5e88928.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Ftoronto-conservatives-accuse-federal-party-of-undemocratic-meddling-in-nomination-of-karen-stintz%2Farticle_41c12f9e-ca97-11ee-b053-bfe1144ebe4b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fjustin-trudeau-blames-stephen-harper-cuts-for-auto-theft-issue-as-ottawa-moves-to-ban%2Farticle_bc662988-c6ba-11ee-aba9-0b4ecdd4dcaf.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fjustin-trudeau-and-pierre-poilievre-have-found-a-common-enemy-for-whats-wrong-with-canada%2Farticle_db7ba512-c789-11ee-92f1-77940a32944d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fjustin-trudeau-adviser-defends-use-of-crude-language-in-online-exchange-with-right-wing-group%2Farticle_ae84cc8a-bedf-11ee-ab27-df4b248eb880.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fjagmeet-singh-on-his-new-babys-name-and-why-he-regrets-biking-with-doug-ford%2Farticle_d5413c80-c20b-11ee-bb97-6fb5458bea3b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F10-000-ontario-patients-cut-loose-because-of-staffing-shortages%2Farticle_ed9ad508-bc74-11ee-b5ed-b3befb843bae.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fwhat-doug-ford-insiders-say-about-danielle-smiths-plan-for-transgender-rights-and-what-it%2Farticle_8c12fc38-c503-11ee-ba99-9330f15ddf32.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Farbitrator-awards-2-75-pay-raise-to-ontarios-public-school-teachers%2Farticle_16715594-c6c3-11ee-97ae-07fd254289c3.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fcanada-announces-ukraine-60m-for-f-16-supplies-and-equipment-ahead-of-nato-meeting%2Farticle_bbcbdc79-cdf4-52eb-abe3-f75fcded8e15.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 315ms
184ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5661&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=29&jsfv=nbc&ts=1707928903758&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=politics&source=LI&st=5661&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2Fdoug-ford-government-scrapping-licence-plate-renewals%2Farticle_2d7ceb3e-ca71-11ee-8bb4-a7ecf1501a2d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fconservative-motion-backed-by-ndp-produced-40m-in-regulatory-relief-for-bell%2Farticle_2bc47172-5c9b-53a6-bc84-b8f3aa1c335f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fpierre-poilievre-can-dish-it-out-why-cant-he-take-it%2Farticle_541f230e-c9e2-11ee-bb71-77dfb5e88928.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Ftoronto-conservatives-accuse-federal-party-of-undemocratic-meddling-in-nomination-of-karen-stintz%2Farticle_41c12f9e-ca97-11ee-b053-bfe1144ebe4b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2Fjustin-trudeau-blames-stephen-harper-cuts-for-auto-theft-issue-as-ottawa-moves-to-ban%2Farticle_bc662988-c6ba-11ee-aba9-0b4ecdd4dcaf.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2Fjustin-trudeau-and-pierre-poilievre-have-found-a-common-enemy-for-whats-wrong-with-canada%2Farticle_db7ba512-c789-11ee-92f1-77940a32944d.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 330ms
200ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5665&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=32&jsfv=nbc&ts=1707928903758&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&fst=1707928902818&fstr=4780&pt=1&cl=883&w=world&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fmilwaukee-woman-charged-with-killing-abuser-arrested-in-louisiana%2Farticle_7831e0ef-bc55-5744-b8cb-b51dde97799f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Ftrumps-pick-to-lead-the-rnc-is-facing-skepticism-from-some-republicans%2Farticle_a95e83be-9251-5ba1-8ce8-ad6db0d7cba9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fjill-biden-sends-valentines-day-love-to-americans-with-an-art-display-on-the-white%2Farticle_8ff62d1d-00ab-5b54-8696-e8880cdce768.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fusher-and-longtime-partner-jenn-goicoechea-married-after-the-super-bowl-records-show%2Farticle_ab1cec9d-b9eb-5511-9398-c42742191bfd.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Freluctant-pastors-son-to-most-viewed-preacher-shooting-puts-new-spotlight-on-joel-osteen%2Farticle_fb0008c1-83c9-5096-a250-5a1ebfd6d4c3.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Ftrump-wants-to-install-new-rnc-leadership-including-his-daughter-in-law-as-co-chair%2Farticle_9bdb6714-34d0-57ae-ab97-38169fb43bf7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Frepublican-led-house-impeaches-homeland-security-secretary-alejandro-mayorkas-by-one-vote-over-border-management%2Farticle_e7854092-a1f6-5f6c-96d8-367834baa85e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fmiddle-east%2Fdisplaced-palestinians-leave-one-of-gazas-main-hospitals-after-weeks-of-being-isolated-by-fighting%2Farticle_0e4afc12-b793-5999-80c7-c72e3aa3b1d5.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fcity-of-memphis-releases-new-documents-tied-to-tyre-nichols-beating-death%2Farticle_129461e8-26aa-5edb-96ce-ec4e6a29449c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fasia%2Fheres-what-happened-to-a-man-who-broke-a-panda-parks-strict-dietary-rules%2Farticle_1a180174-bdc9-5286-88de-e8e89bd1b328.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fa-sniper-killed-a-florida-bank-robber-as-he-held-a-knife-to-a-hostages%2Farticle_e3cff60f-13bb-57a9-9f0a-6ea58d878ace.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fa-woman-stole-a-memory-card-from-a-truck-the-gruesome-footage-is-now-key%2Farticle_8324964c-15da-5816-b649-94e9bcacd8af.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fmissing-teenager-found-in-mans-bedroom-under-trap-door%2Farticle_94c3bcc3-80dc-5e24-9518-3ff82386b1e5.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2Fa-pet-cat-thrown-off-a-train-died-in-cold-weather-now-thousands-want-the%2Farticle_47cf76ae-0456-5133-b424-e5046addad37.html%22%5D&usedJS=27600000&totalJS=35100000&jsLimit=3760000000&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 319ms
190ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5672&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=32&jsfv=nbc&ts=1707928903758&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=world&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fmilwaukee-woman-charged-with-killing-abuser-arrested-in-louisiana%2Farticle_7831e0ef-bc55-5744-b8cb-b51dde97799f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Ftrumps-pick-to-lead-the-rnc-is-facing-skepticism-from-some-republicans%2Farticle_a95e83be-9251-5ba1-8ce8-ad6db0d7cba9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fjill-biden-sends-valentines-day-love-to-americans-with-an-art-display-on-the-white%2Farticle_8ff62d1d-00ab-5b54-8696-e8880cdce768.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fusher-and-longtime-partner-jenn-goicoechea-married-after-the-super-bowl-records-show%2Farticle_ab1cec9d-b9eb-5511-9398-c42742191bfd.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Freluctant-pastors-son-to-most-viewed-preacher-shooting-puts-new-spotlight-on-joel-osteen%2Farticle_fb0008c1-83c9-5096-a250-5a1ebfd6d4c3.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Ftrump-wants-to-install-new-rnc-leadership-including-his-daughter-in-law-as-co-chair%2Farticle_9bdb6714-34d0-57ae-ab97-38169fb43bf7.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fmilwaukee-woman-charged-with-killing-abuser-arrested-in-louisiana%2Farticle_7831e0ef-bc55-5744-b8cb-b51dde97799f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Ftrumps-pick-to-lead-the-rnc-is-facing-skepticism-from-some-republicans%2Farticle_a95e83be-9251-5ba1-8ce8-ad6db0d7cba9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fjill-biden-sends-valentines-day-love-to-americans-with-an-art-display-on-the-white%2Farticle_8ff62d1d-00ab-5b54-8696-e8880cdce768.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fusher-and-longtime-partner-jenn-goicoechea-married-after-the-super-bowl-records-show%2Farticle_ab1cec9d-b9eb-5511-9398-c42742191bfd.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Freluctant-pastors-son-to-most-viewed-preacher-shooting-puts-new-spotlight-on-joel-osteen%2Farticle_fb0008c1-83c9-5096-a250-5a1ebfd6d4c3.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Ftrump-wants-to-install-new-rnc-leadership-including-his-daughter-in-law-as-co-chair%2Farticle_9bdb6714-34d0-57ae-ab97-38169fb43bf7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Frepublican-led-house-impeaches-homeland-security-secretary-alejandro-mayorkas-by-one-vote-over-border-management%2Farticle_e7854092-a1f6-5f6c-96d8-367834baa85e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fmiddle-east%2Fdisplaced-palestinians-leave-one-of-gazas-main-hospitals-after-weeks-of-being-isolated-by-fighting%2Farticle_0e4afc12-b793-5999-80c7-c72e3aa3b1d5.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fcity-of-memphis-releases-new-documents-tied-to-tyre-nichols-beating-death%2Farticle_129461e8-26aa-5edb-96ce-ec4e6a29449c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fasia%2Fheres-what-happened-to-a-man-who-broke-a-panda-parks-strict-dietary-rules%2Farticle_1a180174-bdc9-5286-88de-e8e89bd1b328.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fa-sniper-killed-a-florida-bank-robber-as-he-held-a-knife-to-a-hostages%2Farticle_e3cff60f-13bb-57a9-9f0a-6ea58d878ace.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fa-woman-stole-a-memory-card-from-a-truck-the-gruesome-footage-is-now-key%2Farticle_8324964c-15da-5816-b649-94e9bcacd8af.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fmissing-teenager-found-in-mans-bedroom-under-trap-door%2Farticle_94c3bcc3-80dc-5e24-9518-3ff82386b1e5.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2Fa-pet-cat-thrown-off-a-train-died-in-cold-weather-now-thousands-want-the%2Farticle_47cf76ae-0456-5133-b424-e5046addad37.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 310ms
181ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5672&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=32&jsfv=nbc&ts=1707928903758&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=world&source=LI&st=5672&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fmilwaukee-woman-charged-with-killing-abuser-arrested-in-louisiana%2Farticle_7831e0ef-bc55-5744-b8cb-b51dde97799f.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Ftrumps-pick-to-lead-the-rnc-is-facing-skepticism-from-some-republicans%2Farticle_a95e83be-9251-5ba1-8ce8-ad6db0d7cba9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fjill-biden-sends-valentines-day-love-to-americans-with-an-art-display-on-the-white%2Farticle_8ff62d1d-00ab-5b54-8696-e8880cdce768.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Fusher-and-longtime-partner-jenn-goicoechea-married-after-the-super-bowl-records-show%2Farticle_ab1cec9d-b9eb-5511-9398-c42742191bfd.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Freluctant-pastors-son-to-most-viewed-preacher-shooting-puts-new-spotlight-on-joel-osteen%2Farticle_fb0008c1-83c9-5096-a250-5a1ebfd6d4c3.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Funited-states%2Ftrump-wants-to-install-new-rnc-leadership-including-his-daughter-in-law-as-co-chair%2Farticle_9bdb6714-34d0-57ae-ab97-38169fb43bf7.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 329ms
199ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5676&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=36&jsfv=nbc&ts=1707928903758&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&fst=1707928902818&fstr=4780&pt=1&cl=894&w=life&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fi-thought-i-was-good-friends-with-two-guys-in-high-school-years-later-i%2Farticle_dd83c28c-bb99-11ee-bad1-871e3dde352d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fking-charles-wants-us-to-know-he-s-just-fine-and-kate-would-like-us%2Farticle_87ee48bc-c9de-11ee-9f52-bbb781632a44.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fparent%2Five-always-considered-myself-a-free-range-parent-then-i-found-porn-on-my-11%2Farticle_d8f4af46-c13a-11ee-8a91-8f9873377fc9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-friend-dealt-with-something-truly-awful-in-her-family-she-cant-forgive-me-for%2Farticle_ddd50a1c-bb9d-11ee-a37b-7771d3dec627.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fautos%2Fwhat-is-the-point-of-this-suv-hint-its-designed-to-attract-new-buyers-to%2Farticle_ec9682ec-c773-11ee-8190-2bd3293d0f54.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-son-wants-his-girlfriend-to-sleep-over-theyre-nine-should-i-say-yes-ask%2Farticle_ff50f6b6-bb9c-11ee-8b46-bb87283e423c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fthese-12-toronto-restaurants-made-the-list-of-canadas-most-romantic-eateries%2Farticle_2b6313c2-c518-11ee-bcde-173ccbceac85.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fprince-harry-and-meghan-markle-are-coming-to-canada-next-week%2Farticle_ffc94f2a-0db1-5d34-8939-441f4f204605.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fits-called-cozy-cardio-in-a-world-seeking-comfort-some-see-a-happier-mode-of%2Farticle_0410cbe2-7cab-592a-a6a6-3d740d59c4ae.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ftravel%2Fmy-best-travel-buddy-in-the-world-is-surprise-my-ex-husband-heres-why-it%2Farticle_04433250-c148-11ee-b9a6-570c6b1c75a3.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fwhy-sophie-gr-goire-trudeau-s-personal-life-is-under-the-microscope-again%2Farticle_6d416a8d-4fda-553e-8574-42131084d7ec.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-sister-in-law-has-dementia-and-her-husband-has-a-new-girlfriend-its-making%2Farticle_0b0dee34-b09c-11ee-83ee-2b6c4cedf9e8.html%22%5D&usedJS=27600000&totalJS=35100000&jsLimit=3760000000&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 321ms
193ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5683&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=36&jsfv=nbc&ts=1707928903759&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=life&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fi-thought-i-was-good-friends-with-two-guys-in-high-school-years-later-i%2Farticle_dd83c28c-bb99-11ee-bad1-871e3dde352d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fking-charles-wants-us-to-know-he-s-just-fine-and-kate-would-like-us%2Farticle_87ee48bc-c9de-11ee-9f52-bbb781632a44.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fparent%2Five-always-considered-myself-a-free-range-parent-then-i-found-porn-on-my-11%2Farticle_d8f4af46-c13a-11ee-8a91-8f9873377fc9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-friend-dealt-with-something-truly-awful-in-her-family-she-cant-forgive-me-for%2Farticle_ddd50a1c-bb9d-11ee-a37b-7771d3dec627.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fautos%2Fwhat-is-the-point-of-this-suv-hint-its-designed-to-attract-new-buyers-to%2Farticle_ec9682ec-c773-11ee-8190-2bd3293d0f54.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-son-wants-his-girlfriend-to-sleep-over-theyre-nine-should-i-say-yes-ask%2Farticle_ff50f6b6-bb9c-11ee-8b46-bb87283e423c.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fi-thought-i-was-good-friends-with-two-guys-in-high-school-years-later-i%2Farticle_dd83c28c-bb99-11ee-bad1-871e3dde352d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fking-charles-wants-us-to-know-he-s-just-fine-and-kate-would-like-us%2Farticle_87ee48bc-c9de-11ee-9f52-bbb781632a44.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fparent%2Five-always-considered-myself-a-free-range-parent-then-i-found-porn-on-my-11%2Farticle_d8f4af46-c13a-11ee-8a91-8f9873377fc9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-friend-dealt-with-something-truly-awful-in-her-family-she-cant-forgive-me-for%2Farticle_ddd50a1c-bb9d-11ee-a37b-7771d3dec627.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fautos%2Fwhat-is-the-point-of-this-suv-hint-its-designed-to-attract-new-buyers-to%2Farticle_ec9682ec-c773-11ee-8190-2bd3293d0f54.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-son-wants-his-girlfriend-to-sleep-over-theyre-nine-should-i-say-yes-ask%2Farticle_ff50f6b6-bb9c-11ee-8b46-bb87283e423c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fthese-12-toronto-restaurants-made-the-list-of-canadas-most-romantic-eateries%2Farticle_2b6313c2-c518-11ee-bcde-173ccbceac85.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fprince-harry-and-meghan-markle-are-coming-to-canada-next-week%2Farticle_ffc94f2a-0db1-5d34-8939-441f4f204605.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhealth-wellness%2Fits-called-cozy-cardio-in-a-world-seeking-comfort-some-see-a-happier-mode-of%2Farticle_0410cbe2-7cab-592a-a6a6-3d740d59c4ae.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ftravel%2Fmy-best-travel-buddy-in-the-world-is-surprise-my-ex-husband-heres-why-it%2Farticle_04433250-c148-11ee-b9a6-570c6b1c75a3.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fwhy-sophie-gr-goire-trudeau-s-personal-life-is-under-the-microscope-again%2Farticle_6d416a8d-4fda-553e-8574-42131084d7ec.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-sister-in-law-has-dementia-and-her-husband-has-a-new-girlfriend-its-making%2Farticle_0b0dee34-b09c-11ee-83ee-2b6c4cedf9e8.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 235ms
108ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5683&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=36&jsfv=nbc&ts=1707928903766&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=life&source=LI&st=5683&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fi-thought-i-was-good-friends-with-two-guys-in-high-school-years-later-i%2Farticle_dd83c28c-bb99-11ee-bad1-871e3dde352d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fking-charles-wants-us-to-know-he-s-just-fine-and-kate-would-like-us%2Farticle_87ee48bc-c9de-11ee-9f52-bbb781632a44.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fparent%2Five-always-considered-myself-a-free-range-parent-then-i-found-porn-on-my-11%2Farticle_d8f4af46-c13a-11ee-8a91-8f9873377fc9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-friend-dealt-with-something-truly-awful-in-her-family-she-cant-forgive-me-for%2Farticle_ddd50a1c-bb9d-11ee-a37b-7771d3dec627.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fautos%2Fwhat-is-the-point-of-this-suv-hint-its-designed-to-attract-new-buyers-to%2Farticle_ec9682ec-c773-11ee-8190-2bd3293d0f54.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fmy-son-wants-his-girlfriend-to-sleep-over-theyre-nine-should-i-say-yes-ask%2Farticle_ff50f6b6-bb9c-11ee-8b46-bb87283e423c.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 323ms
195ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5689&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=41&jsfv=nbc&ts=1707928903767&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&fst=1707928902818&fstr=4780&pt=1&cl=907&w=sports&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fben-shulman-takes-over-as-sportsnet-radio-play-by-play-broadcaster-for-the-blue-jays%2Farticle_32bd8704-caa1-11ee-b175-73b17b2b8c3a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fscottie-barnes-early-exit-is-another-lesson-in-the-grooming-of-the-raptors-star%2Farticle_66dfb796-c92f-11ee-9b52-7bca636213ec.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fcurling%2Fdecorated-canadian-curler-jennifer-jones-to-retire-from-team-curling%2Farticle_2aef5cc9-f65e-5db4-912a-0317ec11fff9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fmcmann-of-the-hour-little-used-forward-scores-three-as-leafs-beat-blues-without-three%2Farticle_93478e1c-c92f-11ee-ab02-c3d4bcad4295.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fmake-hockey-violent-again-isn-t-the-answer-but-right-or-wrong-morgan-rielly-stood%2Farticle_a91c2ac6-c935-11ee-8fcb-3ff0ae5d4a3d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ftop-10-most-watched-super-bowl-ads-on-youtube-canada-played-on-nostalgia-and-reunited%2Farticle_001356e8-c9b2-11ee-8ecb-bbd4a6c8d16e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fa-frustrated-travis-kelce-bumps-andy-reid-knocks-the-65-year-old-chiefs-coach-back%2Farticle_93cdf025-6627-5c6f-817e-905f7c1edfb7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fdelayed-super-bowl-celebration-chiefs-hardman-blacks-out-didnt-know-he-made-game-ending-catch%2Farticle_19a16ea2-10f1-58d3-b593-14f36c0e3f1d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Ffive-storylines-heading-into-spring-training-as-blue-jays-pitchers-catchers-report-to-camp-wednesday%2Farticle_d0033352-c76c-11ee-bb15-1752e5af0b1c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fleafs-defenceman-rielly-suspended-five-games-for-cross-checking-greig%2Farticle_7faf3cf9-0f8f-51da-8134-b014db6d9d6c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fformer-maple-leafs-defenceman-surprises-ttc-riders-with-stanley-cup-on-morning-commute%2Farticle_5ec0466c-b7d6-11ee-9673-d7ae8928a8ff.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Ffive-games-isnt-nearly-enough-for-what-brendan-gallagher-did-the-nhl-is-embarrassing%2Farticle_3a925914-bc87-11ee-bcac-03429feccc6b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fpascal-siakam-returns-how-this-duo-helped-a-beloved-raptors-star-share-his-toronto-love%2Farticle_1320e294-c937-11ee-a2ee-7771fea0d439.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fblue-jays-mailbag-was-taking-vladimir-guerrero-jr-to-arbitration-worth-the-risk%2Farticle_1e877758-ca93-11ee-b306-d3aa7e8813f9.html%22%5D&usedJS=27600000&totalJS=35100000&jsLimit=3760000000&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 315ms
189ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5698&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=41&jsfv=nbc&ts=1707928903767&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=sports&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fben-shulman-takes-over-as-sportsnet-radio-play-by-play-broadcaster-for-the-blue-jays%2Farticle_32bd8704-caa1-11ee-b175-73b17b2b8c3a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fscottie-barnes-early-exit-is-another-lesson-in-the-grooming-of-the-raptors-star%2Farticle_66dfb796-c92f-11ee-9b52-7bca636213ec.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fcurling%2Fdecorated-canadian-curler-jennifer-jones-to-retire-from-team-curling%2Farticle_2aef5cc9-f65e-5db4-912a-0317ec11fff9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fmcmann-of-the-hour-little-used-forward-scores-three-as-leafs-beat-blues-without-three%2Farticle_93478e1c-c92f-11ee-ab02-c3d4bcad4295.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fmake-hockey-violent-again-isn-t-the-answer-but-right-or-wrong-morgan-rielly-stood%2Farticle_a91c2ac6-c935-11ee-8fcb-3ff0ae5d4a3d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ftop-10-most-watched-super-bowl-ads-on-youtube-canada-played-on-nostalgia-and-reunited%2Farticle_001356e8-c9b2-11ee-8ecb-bbd4a6c8d16e.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fben-shulman-takes-over-as-sportsnet-radio-play-by-play-broadcaster-for-the-blue-jays%2Farticle_32bd8704-caa1-11ee-b175-73b17b2b8c3a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fscottie-barnes-early-exit-is-another-lesson-in-the-grooming-of-the-raptors-star%2Farticle_66dfb796-c92f-11ee-9b52-7bca636213ec.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fcurling%2Fdecorated-canadian-curler-jennifer-jones-to-retire-from-team-curling%2Farticle_2aef5cc9-f65e-5db4-912a-0317ec11fff9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fmcmann-of-the-hour-little-used-forward-scores-three-as-leafs-beat-blues-without-three%2Farticle_93478e1c-c92f-11ee-ab02-c3d4bcad4295.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fmake-hockey-violent-again-isn-t-the-answer-but-right-or-wrong-morgan-rielly-stood%2Farticle_a91c2ac6-c935-11ee-8fcb-3ff0ae5d4a3d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ftop-10-most-watched-super-bowl-ads-on-youtube-canada-played-on-nostalgia-and-reunited%2Farticle_001356e8-c9b2-11ee-8ecb-bbd4a6c8d16e.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fa-frustrated-travis-kelce-bumps-andy-reid-knocks-the-65-year-old-chiefs-coach-back%2Farticle_93cdf025-6627-5c6f-817e-905f7c1edfb7.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fdelayed-super-bowl-celebration-chiefs-hardman-blacks-out-didnt-know-he-made-game-ending-catch%2Farticle_19a16ea2-10f1-58d3-b593-14f36c0e3f1d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Ffive-storylines-heading-into-spring-training-as-blue-jays-pitchers-catchers-report-to-camp-wednesday%2Farticle_d0033352-c76c-11ee-bb15-1752e5af0b1c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Fleafs-defenceman-rielly-suspended-five-games-for-cross-checking-greig%2Farticle_7faf3cf9-0f8f-51da-8134-b014db6d9d6c.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fformer-maple-leafs-defenceman-surprises-ttc-riders-with-stanley-cup-on-morning-commute%2Farticle_5ec0466c-b7d6-11ee-9673-d7ae8928a8ff.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2Ffive-games-isnt-nearly-enough-for-what-brendan-gallagher-did-the-nhl-is-embarrassing%2Farticle_3a925914-bc87-11ee-bcac-03429feccc6b.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fpascal-siakam-returns-how-this-duo-helped-a-beloved-raptors-star-share-his-toronto-love%2Farticle_1320e294-c937-11ee-a2ee-7771fea0d439.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fblue-jays-mailbag-was-taking-vladimir-guerrero-jr-to-arbitration-worth-the-risk%2Farticle_1e877758-ca93-11ee-b306-d3aa7e8813f9.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 228ms
103ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5698&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=41&jsfv=nbc&ts=1707928903767&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=sports&source=LI&st=5698&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fblue-jays%2Fben-shulman-takes-over-as-sportsnet-radio-play-by-play-broadcaster-for-the-blue-jays%2Farticle_32bd8704-caa1-11ee-b175-73b17b2b8c3a.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fscottie-barnes-early-exit-is-another-lesson-in-the-grooming-of-the-raptors-star%2Farticle_66dfb796-c92f-11ee-9b52-7bca636213ec.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fcurling%2Fdecorated-canadian-curler-jennifer-jones-to-retire-from-team-curling%2Farticle_2aef5cc9-f65e-5db4-912a-0317ec11fff9.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fmcmann-of-the-hour-little-used-forward-scores-three-as-leafs-beat-blues-without-three%2Farticle_93478e1c-c92f-11ee-ab02-c3d4bcad4295.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2Fmake-hockey-violent-again-isn-t-the-answer-but-right-or-wrong-morgan-rielly-stood%2Farticle_a91c2ac6-c935-11ee-8fcb-3ff0ae5d4a3d.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ftop-10-most-watched-super-bowl-ads-on-youtube-canada-played-on-nostalgia-and-reunited%2Farticle_001356e8-c9b2-11ee-8ecb-bbd4a6c8d16e.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 320ms
194ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_response&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5704&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=46&jsfv=nbc&ts=1707928903768&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&fst=1707928902818&fstr=4780&pt=1&cl=922&w=entertainment&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fwelcome-home-jon-stewart-late-night-tv-and-sanity-needs-you%2Farticle_fb8f73ee-caa7-11ee-af73-937be5f86f23.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fsorry-maga-taylor-swift-helped-win-a-super-bowl-and-she-can-help-win-an%2Farticle_213ffce8-c9aa-11ee-8d3c-5bec51d1beea.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fnew-book-based-on-sex-survey-offers-unprecedented-look-into-canadians-bedrooms%2Farticle_b9dda8d0-15a2-59ae-8a88-c26f130f5785.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fmusic%2Finside-celine-dions-triumphant-return-at-the-grammys-and-that-taylor-swift-snub%2Farticle_15ebcf64-c439-11ee-841b-ffa7f53afe38.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fvisual-arts%2From-announces-major-new-project-that-it-says-will-usher-in-a-new-era-for%2Farticle_a580c222-caa8-11ee-a11b-538249666c97.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fapple-podcasts-top-10%2Farticle_1a7110bc-b09b-5b9c-83a3-3354914c4e84.html%22%5D&usedJS=27600000&totalJS=35100000&jsLimit=3760000000&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 230ms
106ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_tracking_items_mismatch&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5709&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=46&jsfv=nbc&ts=1707928903768&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=entertainment&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fwelcome-home-jon-stewart-late-night-tv-and-sanity-needs-you%2Farticle_fb8f73ee-caa7-11ee-af73-937be5f86f23.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fsorry-maga-taylor-swift-helped-win-a-super-bowl-and-she-can-help-win-an%2Farticle_213ffce8-c9aa-11ee-8d3c-5bec51d1beea.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fnew-book-based-on-sex-survey-offers-unprecedented-look-into-canadians-bedrooms%2Farticle_b9dda8d0-15a2-59ae-8a88-c26f130f5785.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fwelcome-home-jon-stewart-late-night-tv-and-sanity-needs-you%2Farticle_fb8f73ee-caa7-11ee-af73-937be5f86f23.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fsorry-maga-taylor-swift-helped-win-a-super-bowl-and-she-can-help-win-an%2Farticle_213ffce8-c9aa-11ee-8d3c-5bec51d1beea.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fnew-book-based-on-sex-survey-offers-unprecedented-look-into-canadians-bedrooms%2Farticle_b9dda8d0-15a2-59ae-8a88-c26f130f5785.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fmusic%2Finside-celine-dions-triumphant-return-at-the-grammys-and-that-taylor-swift-snub%2Farticle_15ebcf64-c439-11ee-841b-ffa7f53afe38.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fvisual-arts%2From-announces-major-new-project-that-it-says-will-usher-in-a-new-era-for%2Farticle_a580c222-caa8-11ee-a11b-538249666c97.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fapple-podcasts-top-10%2Farticle_1a7110bc-b09b-5b9c-83a3-3354914c4e84.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/ 35 B
49 B 301ms
176ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/7noslr035pfb0mvo/573d6490-ac6e-45fe-e8a8-4e29b528c28c/__activity.gif?e=widget_shown&ct=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5709&blst=4000&ist=4769&iet=4776&bdst=4001&bdet=4698&bcttt=46&jsfv=nbc&ts=1707928903768&jsk=7noslr035pfb0mvo&jsv=20240209&cu=https%3A%2F%2Fse1.iran22.fun%2F&uid=573d6490-ac6e-45fe-e8a8-4e29b528c28c&sid=5800f567-cd30-4bec-8652-23dd96bb1457&pvid=e89b5486-d102-4ef6-f83c-f2205bdb9b1f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F121.0.6167.184+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=600&w=entertainment&source=LI&st=5709&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fwelcome-home-jon-stewart-late-night-tv-and-sanity-needs-you%2Farticle_fb8f73ee-caa7-11ee-af73-937be5f86f23.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fsorry-maga-taylor-swift-helped-win-a-super-bowl-and-she-can-help-win-an%2Farticle_213ffce8-c9aa-11ee-8d3c-5bec51d1beea.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fnew-book-based-on-sex-survey-offers-unprecedented-look-into-canadians-bedrooms%2Farticle_b9dda8d0-15a2-59ae-8a88-c26f130f5785.html%22%5D&sdk=bc-pixel
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 65ca8fc8ef0ea.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/4/25/425d91b6-b670-5e5b-aca7-c43bf48b1654/ 15 KB
15 KB 98ms
90ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/4/25/425d91b6-b670-5e5b-aca7-c43bf48b1654/65ca8fc8ef0ea.image.jpg?resize=540%2C360

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17d720d513a1c440079d29e391a318abc05094fb7b16c52343a2af63123c622d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 85093
cf-polished: qual=85, origFmt=jpeg, origSize=18937
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65ca8fc8ef0ea.webp"
content-length: 15454
cf-bgj: imgq:85,h2pri
last-modified: Mon, 12 Feb 2024 21:38:23 GMT
server: cloudflare
x-vcache: MISS
etag: "38f0c33efc43a9774dbea7c663402732"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c2a0fc202ad7-LAX
expires: Wed, 12 Feb 2025 11:17:59 GMT

GET
H2 200 65cc06059aa22.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/0/3c/03cd1733-04e4-58d7-af3f-1288b6d39e15/ 23 KB
23 KB 102ms
93ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/0/3c/03cd1733-04e4-58d7-af3f-1288b6d39e15/65cc06059aa22.image.jpg?resize=540%2C448

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50aef3e0a684bb9b7e8a1c0e216307d0e42038a566837fa7d0a0b93c66d2d60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 48034
cf-polished: qual=85, origFmt=jpeg, origSize=25639
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65cc06059aa22.webp"
content-length: 23412
cf-bgj: imgq:85,h2pri
last-modified: Wed, 14 Feb 2024 00:15:02 GMT
server: cloudflare
x-vcache: MISS
etag: "85ebad8916305f8229f319029f1f6854"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c2a0fc242ad7-LAX
expires: Thu, 13 Feb 2025 00:35:19 GMT

GET
H2 200 65c528dae7fec.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/a/1f/a1ff81ff-52d9-5b30-aac5-436957b2e8e4/ 24 KB
24 KB 84ms
76ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/a/1f/a1ff81ff-52d9-5b30-aac5-436957b2e8e4/65c528dae7fec.image.jpg?resize=540%2C305

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2b772ffc50b1ef697aa4033866c0ee36dabc26079bef3e6ad96014909455a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 484547
cf-polished: qual=85, origFmt=jpeg, origSize=26218
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65c528dae7fec.webp"
content-length: 24798
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Feb 2024 19:17:47 GMT
server: cloudflare
x-vcache: MISS
etag: "722a550073d26d2a8a4b90b69d874692"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c2a0fc252ad7-LAX
expires: Fri, 07 Feb 2025 20:22:41 GMT

GET
H2 200 656a1d06e70cb.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/3/ed/3ed56d8c-cd66-5944-905d-c67602e21e1f/ 25 KB
25 KB 107ms
100ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/3/ed/3ed56d8c-cd66-5944-905d-c67602e21e1f/656a1d06e70cb.image.jpg?resize=540%2C401

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b367fd951660e763955a1043f0f07421a547bd4c9dfd1d9103f24c95dc3f2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 444402
cf-polished: qual=85, origFmt=jpeg, origSize=28632
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="656a1d06e70cb.webp"
content-length: 25244
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Dec 2023 17:51:03 GMT
server: cloudflare
x-vcache: MISS
etag: "37a0d652d17cc8d06d352bcb6e38a162"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c2a10c262ad7-LAX
expires: Sat, 08 Feb 2025 11:14:32 GMT

GET
H2 200 65ca7a5e5c357.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/1/59/159f1154-f189-5d8d-a002-c7f17132dc5e/ 39 KB
39 KB 111ms
105ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/1/59/159f1154-f189-5d8d-a002-c7f17132dc5e/65ca7a5e5c357.image.jpg?resize=540%2C360

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1842d3738f53d64d8a88c1c60d3e4410cf96dbbf8bd9a9702d1c09101ead76e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 110045
cf-polished: origSize=39697, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 39451
cf-bgj: imgq:85,h2pri
last-modified: Mon, 12 Feb 2024 20:06:56 GMT
server: cloudflare
x-vcache: MISS
etag: "7b53ffe973964f61bd0acf73222cf5e5"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c2a10c272ad7-LAX
expires: Tue, 11 Feb 2025 20:35:47 GMT

GET
H2 200 65cb7ecb73627.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/d/43/d437a934-a57f-5947-a613-b1b130727ac4/ 29 KB
30 KB 88ms
82ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/d/43/d437a934-a57f-5947-a613-b1b130727ac4/65cb7ecb73627.image.jpg?resize=540%2C360

Requested by

Host: se1.iran22.fun
URL: https://se1.iran22.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69c0cc30a55ede57e0dc1b36135de228897b4e08405f7274c00b1d9430e9bc50

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:43 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12406
cf-polished: qual=85, origFmt=jpeg, origSize=31917
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65cb7ecb73627.webp"
cf-bgj: imgq:85,h2pri
last-modified: Tue, 13 Feb 2024 14:38:08 GMT
server: cloudflare
x-vcache: MISS
etag: "46dc9ed3d14b4f8075d0948582f65eb9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8556c2a10c282ad7-LAX
expires: Wed, 12 Feb 2025 15:22:54 GMT

GET
H2 200 dc_pre=CN3y3Pyiq4QDFUsSdgYd0gcNbA;src=10230056;type=ret01;cat=land01;ord=5259041419438;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42c0za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
adservice.google.com/ddm/fls/z/ Frame 23C5 42 B
401 B 516ms
201ms Image
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CN3y3Pyiq4QDFUsSdgYd0gcNbA;src=10230056;type=ret01;cat=land01;ord=5259041419438;npa=0;auiddc=*;pscdl=noapi;gtm=45fe42c0za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fse1.iran22.fun%2F

Requested by

Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CN3y3Pyiq4QDFUsSdgYd0gcNbA;src=10230056;type=ret01;cat=land01;ord=5259041419438;npa=0;auiddc=1053461465.1707928902;pscdl=noapi;gtm=45fe42c0za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fse1.iran22.fun%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://10230056.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 235ms
235ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:43 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 placements Show response
mia-placement-server.rubiconproject.com/ Frame BDA9 17 B
178 B 496ms
138ms Fetch
application/json 54.82.140.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mia-placement-server.rubiconproject.com/placements?location=https%3A%2F%2Fse1.iran22.fun%2F&publisherId=62019&size=xl
Requested by: Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.140.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-140-179.compute-1.amazonaws.com
Software: /
Resource Hash: b1b1ba9f3d21081238cdd860f56bd67c5f1db21b6deb58d9c32cbb86457b0acb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 16:41:44 GMT
content-length: 17
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
DATA 200
OK truncated
/ Frame BDA9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ce58dece1eb83168e07799708cd6f15f5ec776ea58e9a20264f05184a209a36

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BDA9 0
0 202ms
202ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiQJiXDQW1lrDjFF75o-BL44lhrz7xZitx1qNm0n0V6TOkfCjmc6NPDCu0xnL1P-nMn3HdzTDUshSQfmpXNuf5piVPfTnTpPqxLbaiIrbJNeRNNyKGWqVo5EdcUcWhNNLu2MpIxSZPiuUd2ABMYX1vx4n2iNtOCC42msBtvD8cOpV23gNZtughAWrW3j7uat48tGFywjTfHmINVjqW50c3SL15ksWbjNC8C1STdFT_PICxTABMm5a6-1MhCkWvPWBWwXFuYOx1MLBpaJxPir2cKCzJcvOZL-Y-RqrHynL-OzGsqA269DV5j4VqR1it6FM2MhGz-T2uUvZqGxVTv1HqWKkzGyKFpMsaFtUCqw&sai=AMfl-YSe03WX509qj7XPPekgmo7HHR1GhNRIMkn7ymZNmqwtos84JQpKL0a3drB3rLjrPue3y5GttL9p5cS7BLs8MhggC12GoM-kA-CT5HFg8eGSX0KSgFI2hwRBQ6cFbwiKhMT4bTVbppw0ldKFMcc5A5RG&sig=Cg0ArKJSzCxwh-c0YAZQEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Feb 2024 16:41:44 GMT

GET
H2 200 t2_kcsr8bo_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 1364ms
83ms XHR
application/json 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_kcsr8bo_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:45 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 98

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 1355ms
74ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1707928904135&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=423403f6-7c4f-41a2-8f91-6363a8c88ed8&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5ad1a28b&dpm=&dpcc=&dprc=
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:45 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
197 B 127ms
127ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 16:41:44 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E1C3C20BE38D4DC7AC732BB53B04E35B Ref B: LAX311000109051 Ref C: 2024-02-14T16:41:44Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://se1.iran22.fun
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYRWi+kimI6WJkrKD7q0g==

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
130 B 217ms
217ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b9ca852d6f905a1cd1a2fe604a5d435fa054f33e7be5d9a0c89310339c7e2a9a

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 14 Feb 2024 16:41:44 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://se1.iran22.fun
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 544ms
131ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1707928904908&plid=66378341&idsite=thestar.com&url=https%3A%2F%2Fse1.iran22.fun%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22%22%2C%22janrain_uuid%22%3A%22%22%2C%22site_level_uuid%22%3A%22%22%2C%22hub_level_uuid%22%3A%22%22%2C%22adobe_mcid%22%3A%2230018254756618608813615216093572110220%22%2C%22word_count%22%3A%22%22%2C%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11446%7D&sid=1&surl=https%3A%2F%2Fse1.iran22.fun%2F&sref=&sts=1707928904868&slts=0&title=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&date=Wed+Feb+14+2024+06%3A41%3A44+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&js=1&pvid=50825226&u=pid%3Df3fbdacbba0a61bbb0ad1d9888bd424a
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 16:41:45 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 14-Feb-2024 16:41:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BDA9 42 B
404 B 490ms
203ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5VmDaop7fLpemaRUr4fCwOdqInK6u9HeZZOiafBaWhlCQ6L05yOHndEA_uD0US1vxnqvKvvh9mp92M4PaJTprByxu5go-JTfS-MRmj3wkIK0Qktn6TQPR9NrrI8XiLJWs9po0rAKTGaEcW47jLuV7-Nz35cxoIqg&sig=Cg0ArKJSzM70pUoUI1V3EAE&id=lidar2&mcvt=1000&p=56,799,57,801&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240212&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3334131667&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=386170300&rst=1707928903228&rpt=711&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 16:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs-destination.bundle.13362ca512563a10e34d.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 139ms
139ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 06:38:23 GMT
x-amz-version-id: 1zRCYnTqT7b5Sp5inLUGARXloL6P112m
content-encoding: br
via: 1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 5393003
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 11 Dec 2023 23:39:44 GMT
server: AmazonS3
etag: W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: SA4sxhd_93f8uoafPm7yMikRbkrZvVKa4Qc6NeUxa8fPjJBGRHJ3EQ==

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 134ms
133ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 14:45:44 GMT
x-amz-version-id: NqLtoxal8QgLc3IEduuKdtP19NWPXDko
content-encoding: br
via: 1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 3635763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 02 Jan 2024 23:27:24 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: lvPkvuD7qQ9FUPyLIgkB1yk2LYTM8bMxWKO10D4bpnD6tMBgKANH9Q==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707928906684&ns_c=UTF-8&c7=https%3A%2F%2Fse1.iran22.fun%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707928906684&ns_c=UTF-8&c7=https%3A%2F%2Fse1.iran22.fun%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%2...

0
225 B

150ms
150ms

Image
text/plain

18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707928906684&ns_c=UTF-8&c7=https%3A%2F%2Fse1.iran22.fun%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9=
Requested by: Host: se1.iran22.fun
URL: https://se1.iran22.fun/
Protocol: H2
Server: 18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-90.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:46 GMT
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P5
x-amz-cf-id: amBxCtSLmTWW9Z0VMQLnK6IWJ5dd_9k1G_jFx6Y9cNu32ewUK3j77Q==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 14 Feb 2024 16:41:46 GMT
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707928906684&ns_c=UTF-8&c7=https%3A%2F%2Fse1.iran22.fun%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9=
content-length: 0
x-amz-cf-id: VRVSNC6vToupQnH94EsndoJSX8FE_-Ube0CIXQXBZ-rBsMCyi7mCNQ==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
173 B 293ms
92ms Fetch
application/json 35.155.246.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.246.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-246-37.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://se1.iran22.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://se1.iran22.fun
date: Wed, 14 Feb 2024 16:41:47 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 222ms
219ms XHR
application/json 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

26265a95dfba1aae8771b5427cc21c460932b0ad7140bafc67475dc455a1cd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12321
x-xss-protection: 0

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 77ms
76ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.23bc7c79.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ddfb624caa4045659ee317be45d5f857ce64ef36525fa0e090b75eede8d53ed7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:47 GMT
x-cdn: fastly
age: 6027
etag: "35f071892db479f4d4f078ebd384d4fc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4043

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 2D7A 565 B
402 B 146ms
144ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.23bc7c79.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://se1.iran22.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 14 Feb 2024 16:41:47 GMT
pinterest-version: 875f2e02e50c112557997c9ed58d87a8d887f4ed
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1833484067150093

GET
H2 200 65ca8fc8ef0ea.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/4/25/425d91b6-b670-5e5b-aca7-c43bf48b1654/ 2 KB
2 KB 150ms
149ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/4/25/425d91b6-b670-5e5b-aca7-c43bf48b1654/65ca8fc8ef0ea.image.jpg?resize=100%2C67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27dcc42adc616dadb4a490427637983fd245fcc53d357520bcf85f3dacd7c149

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:47 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=2320
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65ca8fc8ef0ea.webp"
content-length: 2014
cf-bgj: imgq:85,h2pri
last-modified: Mon, 12 Feb 2024 21:38:23 GMT
server: cloudflare
x-vcache: MISS
etag: "d79bf8abe9ae561addd4e338198d3882"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c2b55c602ad7-LAX
expires: Tue, 11 Feb 2025 21:51:50 GMT

GET
H2 200 65cc06059aa22.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/0/3c/03cd1733-04e4-58d7-af3f-1288b6d39e15/ 2 KB
2 KB 153ms
152ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/0/3c/03cd1733-04e4-58d7-af3f-1288b6d39e15/65cc06059aa22.image.jpg?resize=100%2C83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c9fd49a92b1ec86e33db7a6e28662a38e67062cdfbaa0adaaec911cc554cd47

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:47 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=2970
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65cc06059aa22.webp"
content-length: 2066
cf-bgj: imgq:85,h2pri
last-modified: Wed, 14 Feb 2024 00:15:02 GMT
server: cloudflare
x-vcache: MISS
etag: "950a4ba58e486949e3f08b34a4e50f49"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c2b55c612ad7-LAX
expires: Thu, 13 Feb 2025 00:15:51 GMT

GET
H2 200 65c528dae7fec.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/a/1f/a1ff81ff-52d9-5b30-aac5-436957b2e8e4/ 2 KB
2 KB 80ms
80ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/a/1f/a1ff81ff-52d9-5b30-aac5-436957b2e8e4/65c528dae7fec.image.jpg?resize=100%2C56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7ac0c33450e7b1d57f156d852669feef76296a3592874d2cb03a8727fd1d1ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:47 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 71097
cf-polished: qual=85, origFmt=jpeg, origSize=2288
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65c528dae7fec.webp"
content-length: 2202
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Feb 2024 19:17:47 GMT
server: cloudflare
x-vcache: MISS
etag: "ad23710a6ae8445982877eff8cfc6897"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8556c2b55c622ad7-LAX
expires: Fri, 07 Feb 2025 19:18:13 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 174ms
173ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 16:41:47 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 217B 13 KB
5 KB 140ms
134ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://se1.iran22.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 73737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 20:12:50 GMT
expires: Wed, 12 Feb 2025 20:12:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 28E0 829 B
982 B 164ms
159ms Document
text/html 142.250.72.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f4.1e100.net

Software

GSE /

Resource Hash

37296135359833b811f82968a7487a9fce520730abc57d8adfd9e38c2f8b8a5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sL31oIHtvj951yP4T6z7vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://se1.iran22.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sL31oIHtvj951yP4T6z7vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 16:41:47 GMT
expires: Wed, 14 Feb 2024 16:41:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 217B 39 KB
15 KB 418ms
138ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 08:55:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 28E0 0
0 453ms
197ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402070101&jk=2123154730848665&rc=
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 217B 0
10 B 140ms
139ms Image
text/plain 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BpbhIQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 16:41:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 202ms
201ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402070101&jk=2123154730848665&bg=!VlWlVRrNAAaxkZ3akZE7ADQBe5WfONRCf5nq_gid1Q3t_OgWXV8bYAaucgk-pi2pasVpl9lK_4shX7sIE1z3Z0rsf5AxAgAAAGZSAAAAA2gBB5kCwuRDGRSuULli_g_2hJ2fjC1WZbG9UznJjJnxL-Z716zxDTMCo3N609Hvy6CdbDythc9BO6pEQZS7NZlVJq8LUqsBCceoAs5GElNikk2CgyqitN3woUyasJlraHVNRL359vn56QmfS85IFxQNt9Xzc69ZjwXJkAJjiqKLIBYf3dz2p8-q97-AK5mJkx6nOFEpiXX6Pa9uddWPl2fZHaKIffWeYlu9FORSXfqZ3k08tXdw_B8oFLUqu8lYV5s4ICKkFkJ9Cy7Ho1yuLaQFSSEi-G8EIcbG0sRixLqEVeKrJ_ERWUEUIwMNVWF48Z-3iCe9XbJlIvf7P46y_0OmSsFR7suR8YCrLrs7L43OWnR5rlkM3cOKzC_cS-A2x72_YdJ_fmh97aTtwAqfchV0gUB5p3jPp_AEPkvieKENFLGc2etq92WY6zishh0y8usjIpGYANZeyzpzwcXdcqLj7OAqVu8taG3I1kyxCe5OrtRoOfputbvkPUQcEHQdaLFW5PR3iDYqYlKWH-HDE1sfwMt_oz9_3XEZCz8L58OWSmAKUjxIGff3WGGz220sqmZ2OkFfUUlZzrcT9SjIBb4NEo_GeAdGyaUpS0sgOjn1bmZk19TsTXb3T0wx122ANADFFU0gyzo-cUlyamKjsfwci2MArRl4CXLleef_ggP0p-pEuCBKPGjFzXh1ozqpAHfuy-f4sevOrhaFWWZeym-dR43vDqmhJF9aTkIgJ0lXsaie4GX3nLA-ZEbbWpPmirqhheTFLHDbHTOHvpTOxF1V4cjDUR1h1-kv6U9sIhFoBzPaXFwaNtpabCsdTncLjr7D8DnRxtCj-Gh1pPVs5c1iPyQmdbQdJH8HiHdfMWWYpFxVb-JR_vZSG2s6Ze-f1cYhSGTkf2SrgY3Cyg7RI-FYu2j4NbFr7MXybmM32WL5Uc-ABt1n8B4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.iran22.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: thestar.cloud.optable.co
URL: https://thestar.cloud.optable.co/prod-thestar-com/init?cookies=no&passport=&osdk=web-v0.16.1

Domain: thestar.cloud.optable.co
URL: https://thestar.cloud.optable.co/prod-thestar-com/v2/targeting?cookies=no&passport=&osdk=web-v0.16.1

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iran22.fun/	1970-01-20 22:47:33	Name: permutive-id Value: 571772d1-93ad-4bdc-ae9e-318b96da0bcc
.demdex.net/	1970-01-20 22:44:40	Name: demdex Value: 30009863760758891793613811639891348870
.adnxs.com/	1970-01-21 04:01:28	Name: receive-cookie-deprecation Value: 1
.iran22.fun/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.iran22.fun/	1970-01-20 20:35:04	Name: _gcl_au Value: 1.1.1053461465.1707928902
.iran22.fun/	1970-01-21 04:01:28	Name: _ga_4T2EB147B8 Value: GS1.1.1707928902.1.0.1707928902.60.0.0
.everesttech.net/	1970-01-21 03:11:04	Name: everest_g_v2 Value: g_surferid~ZcztRgAAAGhu2gOj
.iran22.fun/	1969-12-31 23:59:59	Name: s_cc Value: true
se1.iran22.fun/	1969-12-31 23:59:59	Name: _igt Value: 5800f567-cd30-4bec-8652-23dd96bb1457
se1.iran22.fun/	1970-01-21 03:11:04	Name: _ig Value: 573d6490-ac6e-45fe-e8a8-4e29b528c28c
.iran22.fun/	1970-01-20 18:25:32	Name: AMP_TOKEN Value: %24NOT_FOUND
.iran22.fun/	1970-01-20 18:26:55	Name: _gid Value: GA1.2.1860354281.1707928903
.iran22.fun/	1970-01-20 18:25:28	Name: _dc_gtm_UA-54716522-7 Value: 1
.dpm.demdex.net/	1970-01-20 22:44:40	Name: dpm Value: 30009863760758891793613811639891348870
.iran22.fun/	1970-01-21 04:01:28	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19768%7CMCMID%7C30018254756618608813615216093572110220%7CMCAAMLH-1708533702%7C9%7CMCAAMB-1708533702%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1707936102s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19775%7CvVersion%7C5.5.0
.iran22.fun/	1970-01-20 18:26:55	Name: _uetsid Value: ef1d41e0cb5711eea8f6db4e3774c102
.iran22.fun/	1970-01-21 03:47:04	Name: _uetvid Value: ef1e1780cb5711ee9ce28fddf7aed79d
.bing.com/	1970-01-21 03:47:04	Name: MUID Value: 2AB5D623C06265DD3BE7C206C1996408
.bat.bing.com/	1970-01-20 18:35:33	Name: MR Value: 0
.iran22.fun/	1970-01-21 03:47:04	Name: __gads Value: ID=a28e282ab5e3b824:T=1707928902:RT=1707928902:S=ALNI_MZx2-oXDsr3zHAlP0n76HKWZmXbeQ
.iran22.fun/	1970-01-21 03:47:04	Name: __gpi Value: UID=00000a0d944fe345:T=1707928902:RT=1707928902:S=ALNI_MYVGNnpj5BOZtVpVhxhw7tsEvUV8g
.iran22.fun/	1970-01-21 04:01:28	Name: _ga Value: GA1.1.1124111793.1707928903
.doubleclick.net/	1970-01-21 04:01:28	Name: IDE Value: AHWqTUlewuQxfJb9Jp5c7YkmM4ebzsqCTK6FZk0xznPuniz9wT2YmFYuho08Rt3rFSc
.t.co/	1970-01-21 04:01:28	Name: muc_ads Value: 3eece40e-8c81-4e62-96eb-dcbf51f596ae
.doubleclick.net/	1970-01-20 18:25:29	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 22:44:40	Name: receive-cookie-deprecation Value: 1
.linkedin.com/	1970-01-20 20:35:04	Name: li_sugr Value: 943e4567-d6c1-44aa-a499-ff6c0aa0a4d5
.linkedin.com/	1970-01-21 03:11:04	Name: bcookie Value: "v=2&39ec5d11-5cc3-4666-8729-03cd08aecd29"
.linkedin.com/	1970-01-20 18:26:55	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2691:u=1:x=1:i=1707928903:t=1708015303:v=2:sig=AQE8T6IdCRD_SR3JUuLSvO7XDd0TX7Ku"
.linkedin.com/	1970-01-20 19:08:40	Name: UserMatchHistory Value: AQJ3YtPpTTFf2AAAAY2ofuDmDmX4NzDwWVI1jBiTSziqO_05HJp-PMz4dKDXs79jsCnSAFOPCc8eWw
.linkedin.com/	1970-01-20 19:08:40	Name: AnalyticsSyncHistory Value: AQKDYC4ZtgtQBAAAAY2ofuDmdeLpuL49guq0iCnTt9MKZvAyfcFOn8_tfCJbVeGSGl-2g4RGH3lFvgb5oLy7fQ
.www.linkedin.com/	1970-01-21 03:11:04	Name: bscookie Value: "v=1&202402141641447d023fd9-f345-4384-8fd1-56b905dec6f2AQHD1bY6qckRdJf6WHNwp4_XClql1m6m"
.iran22.fun/	1970-01-20 20:35:04	Name: _rdt_uuid Value: 1707928904134.423403f6-7c4f-41a2-8f91-6363a8c88ed8
.twitter.com/	1970-01-21 04:01:28	Name: guest_id_marketing Value: v1%3A170792890441340623
.twitter.com/	1970-01-21 04:01:28	Name: guest_id_ads Value: v1%3A170792890441340623
.twitter.com/	1970-01-21 04:01:28	Name: personalization_id Value: "v1_QJKe3cxwekfMk1CwvSwnKQ=="
.twitter.com/	1970-01-21 04:01:28	Name: guest_id Value: v1%3A170792890441340623
.pinterest.com/	1970-01-21 03:11:04	Name: ar_debug Value: 1
.se1.iran22.fun/	1970-01-21 03:11:04	Name: _pin_unauth Value: dWlkPU1XUTJOamxrTnpVdFlUZzRPUzAwTUdZNExUZzJZalF0WlRnM1lUaGxNak15WldReg
.iran22.fun/	1970-01-20 18:25:30	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://se1.iran22.fun/%22%2C%22sref%22:%22%22%2C%22sts%22:1707928904868%2C%22slts%22:0}
.iran22.fun/	1970-01-21 03:54:52	Name: _parsely_visitor Value: {%22id%22:%22pid=f3fbdacbba0a61bbb0ad1d9888bd424a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1707928904868}
.iran22.fun/	1970-01-21 03:11:04	Name: ajs_anonymous_id Value: 121bd6a9-a380-4f01-9d95-573c958eafe1
.scorecardresearch.com/	1970-01-21 04:01:28	Name: UID Value: 1C3fbfc7c63dc2dab194e0b1707928906
.iran22.fun/	1970-01-21 04:01:28	Name: _ga_6FZFMVVWVN Value: GS1.1.1707928903.1.1.1707928907.56.0.0

62 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://se1.iran22.fun/(Line 7986) Message: Access to fetch at 'https://thestar.cloud.optable.co/prod-thestar-com/init?cookies=no&passport=&osdk=web-v0.16.1' from origin 'https://se1.iran22.fun' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://thestar.cloud.optable.co/prod-thestar-com/init?cookies=no&passport=&osdk=web-v0.16.1 Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
javascript	error	URL: https://se1.iran22.fun/(Line 7987) Message: Access to fetch at 'https://thestar.cloud.optable.co/prod-thestar-com/v2/targeting?cookies=no&passport=&osdk=web-v0.16.1' from origin 'https://se1.iran22.fun' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://thestar.cloud.optable.co/prod-thestar-com/v2/targeting?cookies=no&passport=&osdk=web-v0.16.1 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://se1.iran22.fun/(Line 7987) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.viafoura.co/v2/se1.iran22.fun/bootstrap/v2 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://se1.iran22.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
aax.amazon-adsystem.com
accounts.google.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
alb.reddit.com
ampcid.google.com
analytics.google.com
analytics.twitter.com
api.btloader.com
api.permutive.com
api.segment.io
api.viafoura.co
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
bloximages.chicago2.vip.townnews.com
btloader.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.parsely.com
cdn.petametrics.com
cdn.segment.com
cdn.viafoura.net
cm.everesttech.net
config.aps.amazon-adsystem.com
ct.pinterest.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
fda6208c134ec4a90f3fbf97fa1b05a1.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
mia-placement-server.rubiconproject.com
news.google.com
p1.parsely.com
pagead2.googlesyndication.com
px.ads.linkedin.com
query.petametrics.com
resources.thestar.com
s.pinimg.com
s.thestar.com
s3.us-west-2.amazonaws.com
sb.scorecardresearch.com
se1.iran22.fun
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
thestar.cloud.optable.co
thestar.solutions.cdn.optable.co
torontostarnewspaperslimited.demdex.net
torstar.gscontxt.net
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
thestar.cloud.optable.co
104.117.182.33
104.16.122.175
104.16.133.24
104.21.17.14
104.22.61.90
104.22.75.216
104.244.42.195
104.244.42.197
104.26.3.70
104.79.84.247
108.139.54.29
129.158.208.173
13.107.42.14
13.226.34.55
13.226.38.199
130.211.23.194
142.250.176.194
142.250.65.162
142.250.65.198
142.250.65.206
142.250.65.225
142.250.72.100
142.250.80.3
142.250.80.70
142.250.80.78
142.250.81.225
142.250.81.226
142.251.40.131
142.251.40.162
142.251.40.170
142.251.40.232
142.251.41.14
142.251.41.2
151.101.1.140
151.101.128.84
151.101.65.140
172.253.62.84
172.253.63.155
172.64.146.86
18.164.101.60
18.164.96.90
18.173.132.67
18.173.166.2
18.238.59.145
18.238.63.215
192.104.182.109
199.232.36.157
204.79.197.200
216.239.32.181
34.107.254.252
34.149.155.241
34.160.43.93
34.194.161.83
34.232.236.171
35.155.246.37
35.190.14.224
35.241.9.51
52.218.132.152
54.148.119.109
54.208.255.188
54.82.140.179
63.140.37.206
68.67.160.184
01594e833d67163c5d71c470fb205ab5dcea6c114cb3408c3aed83d139697c36
0206048a398c32af1e6afc13765226784f44e88ed9b2713b671eac5f4289ebf4
02d4a3e3bc55fb2c10464afa89e283d1d017f6a309634709009f0e3ec5455e26
05f9253f10d43a4dda65ccaf49c178d8b9878cbfb38b08ed4e43b0f3d4f80875
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
095cc79a8d23cf53f4363500b8a08cc1b185ff21bbe2bc81d1168d4bc53e04aa
0acff355a123d849b520cf5a94fba9e18840b78a57f67e7ff984ad7272821d48
0e396c44938ac792546ac6681c44921a2f64c28e51fe363ddfa43ade287152c4
0e975d778dae418b5a07906c79417d2aa246bc93a5fe2bf67df4c0081770e632
0f1607f89474d8968c84c4aeb75c86a7119acabd7aba091708537fef7a9926a0
102576977cfbca21dfdb2c1169801f04e204ca1ed8c603c71fc9959cd0739eba
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13b042f6067d50d2fbdd7d9aec7e1ed264b592621945c0817af7414820508560
14fed6f425b91b5a10f4cc7076eaf5f6bb4e024ae1a1cae3dd8df918dfe32f92
15206059b1193773426292f9308891fa641157df77b08524ff746eb44c3165b1
1542e97d8bc081a10a5320a196655e5922acb90aa00af579a87f7f4dd5b2f881
17d720d513a1c440079d29e391a318abc05094fb7b16c52343a2af63123c622d
1842d3738f53d64d8a88c1c60d3e4410cf96dbbf8bd9a9702d1c09101ead76e4
190e1101cde57367a86dd7f3df29194cf2b78968948c793f424d5f144897b9b7
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f259c26d3aabc22ed550fb037eda8d76c8710bad06295edb4038d82e5cb16d9
244f9013ff972cac8f03cdac206e08c733ba70140153ed7607ee424b58272341
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26265a95dfba1aae8771b5427cc21c460932b0ad7140bafc67475dc455a1cd73
2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64
27dcc42adc616dadb4a490427637983fd245fcc53d357520bcf85f3dacd7c149
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31c96b7744aa69e231b316fbc4c6d801bfb8e762f65a61eacab22387f1ca1e50
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
37296135359833b811f82968a7487a9fce520730abc57d8adfd9e38c2f8b8a5e
37608a0907bc5f6496d993afab6008f8c733ab12d22a5f2258342473e29f384c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38c72280fd4b4e560b133e535e282d411d5e806eaba6b768cfd9c9ff9fa7a24e
39af5bc38f03afb9bbcacadacdf8ce2adc5f6745217ef8868696c6cb38e2bfe0
3c6aab782668823f75003765632cc75c18e712dd3462a88c0f75366ca85a4aa7
3c9fd49a92b1ec86e33db7a6e28662a38e67062cdfbaa0adaaec911cc554cd47
41b98c57dbe2a6c7a9e86497f1ffcf4ca102e86480be8cef7272a55855324355
4353442b296c53f51d82efc2617406d68cc278bd08c2ce4ca96daa9fcc2c77e3
435e079ed027223638bcafc42956f4b7d249c4f783fac3e9b29a68fdd0864daa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4600e5a62e763181217e02a8d54449e58d5d1cc3a9be57aef6b6f924d6749122
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
49003edf417b7531ac27bce16596b3e067cf71057220e76ef6d3bc59f64dbdec
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4d063ab8701f5932753a12e9b302d8345ed7ba488f2f3ca6d46912fb60ce2815
4d13d4d55d98452dc85160297e0ce6996ca8b04661b452c1ba8eacf0dddf19db
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd
4f848e52906e48f4d22b0e0b71b94cf7118ad9378e98c2009081dd347a56089e
506b355f0131ad4c98708ea927cd780c11e039af311d1a2b855d5c5fab6d61df
50aef3e0a684bb9b7e8a1c0e216307d0e42038a566837fa7d0a0b93c66d2d60c
5163831b302467569ebebe2f4e8ff84653289bdbadccc1a2e8ec89bd378a9093
516743678b07edcf236561fed911dd419248fe4e6ae651c201b2fbd90f2572b9
51e62bc02cd5fca4b743c497a1b1b06096f90407e772e6acf00d6e0ec60970ad
53426bb3fb09b76cd18d82e241a6b581cd187e3c2c355abda74a072b46a68b95
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a7651847084ab1f4e168511f77643b223b6411c60a7285d7efe1afedc6bd04
57e1db376fddf5c515013845b14c2037cc2674ba1b13dd1a3a53c5f3cf1fe03d
595550d27cabf0dad36e8ddae06a223716e7067ff08607b60e91adab5e06c748
5c03070b837ed5f43fd2b4195034005f828cb8af6a53b05b3fe16ee4cca56fd7
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
60671b77d817e196b67d19373e7dd056cc5f23a70f3c41e32bc378a850f13575
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6356d29bf00c5989310f2d27428b334a9ec913da489ae28af252b61966de0a00
640ffe794ffc6f498c928232b6433adfc359c060698f38d2eed5f88fe88f9cf6
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d
653426c445656ae3c641e6d7f26ac0a6d76c0e734a1258b17a243cf83258e56e
658efaad40f64e45dea9783c59ac69a7addfb9d34e4943895114cefd2381a685
65b0df417f0b51c3142aac8035a3a5f35a58a6b6fcfe4473fe48a9b8d3f16f2d
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
68684d4e091795123c7797a602e056cac24a3355a95b3b198e4fbd65822afcd2
69c0cc30a55ede57e0dc1b36135de228897b4e08405f7274c00b1d9430e9bc50
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1c5924672f3d5ec187f08b473b06b3c2e5dc51686a48fd22d256cf21139e1d
6b22acf3b276d3f419653cda2fcd12b7a8c87d2b0b34e44511b60a23ab72d7e6
6b367fd951660e763955a1043f0f07421a547bd4c9dfd1d9103f24c95dc3f2dd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
72956fed691627b50461a9176d096dbfdebe035fab5f653b8b8098d869919d7f
73aa571c99c135b50ec78a42411ff31e823251e88739b22a249e3f8110c5877b
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7670a59a7daa5523caf0636cf74acafd08165f2e1b9fe877185dad505a8bc24f
770dcaf045c045c66d6903b436c5b8c6f5d5a466fb3f17b3ba8f778f756b7621
776a03d310f4289e3f1b612a9c95915ac2aff101bb4604dcdf41902fb175f4a1
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7b3cf42134c7069baf8bb3becde86e4198002c05ebe928d46feb451238d19ed6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
7daf755b623cb0003b375d09763a1ba0ef903621de9b28dbc95ced9d53c3fdc7
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
8420e7c43994879622f9e308e23c1fb10d3c8ff7250f5dbbca492159184a77b5
862da7a63ed8c7a0ff4fdfe2df7678c4739d6f49dc38eee1067b245553dc9119
897042ee9aaf7b0455a2db0a548e572a88edebc5c64d3291434e393df6181d60
8bba9687afeda017cbf549538f5433e397e901a3b452306988a7999db6f1a8ce
8c0e1f95aa09754b10449fd8cd7f2e76d8f232d1038b6cf7454db558ac79962e
8e645dab567c8f0d10cdd0c0490f302ba46a44ce98761fc4d1dd12a59b536ac7
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
8fccb27bed15422298100f23773bbc262d36964eb5381ed360e06799db31b48f
922419daf0f7f53cca9234ef4f41bffaafb484020e655eae333ee4ba2af6a76a
92646a86f3a69094b6ad08cb64f573d8ed5e5641c88c19d306f1052a3a6d8488
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
95ad89143c22c60442bfab4646c8a5e85cef5f091e0f26405a160e2197f73706
9751d9261cc190ac91be1f947e1a9fb1de1d95ef7c105ecbcb5ea39f557d9fe2
980c8780366c4be3d8e14ac0a98833e357313bd0c55e9cec1b5f16deec75c049
9867ad0515e39b35aec7cb2dcfc447a2a9c12cc76b711345a57e6c15bdfea6fc
9bbe7f68d7b49ec81d9a5adceef1d9b6e0bff795be5d090a61e5047f16b3757d
9bc0d41b4d9aed2e4002fe9afb20a51343fc9ed6f42085ab9081013af8f8a9db
9ce58dece1eb83168e07799708cd6f15f5ec776ea58e9a20264f05184a209a36
9cefee4c660d3fc32a9c8957e4e5a464fde600f95d50d64e533e9c2b73d7ad2c
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a238524a90b422b3c42822dd4233a4c4f53a82f7053ce1a1fccd5824e6212926
a2c767ec61f3ecd854a3b3aab3ed23168707aa1fc9cee0009643a72362d6bfdd
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
a8b88b817bb9842c3a440c3bf5a377863eaec2de43f66340fd7c3ef053f7ee66
a9fa707d3fe2c59b4aca10262d80ee7b9cd2d424eabd3e65f28bbf967322ce7f
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aadfdde0a0aea4dd6e3bfb60868f546b2e30db7f8d5b3549af99915a8e7294f9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aeebfffbf7c51cd754e4796bd2a377e45459535c231edd633802edc7bc1988a9
af2fb9bb0f952b709eaaef5735c38c8221da34ec23a6ea89475a31fc6f264211
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
b1b1ba9f3d21081238cdd860f56bd67c5f1db21b6deb58d9c32cbb86457b0acb
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b5348904074ca7f09e3078c2afcabad0f0c9cafcfc751566e93d90ceaa75b887
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b7f817d35152e6280e12fa0a2895ec47b65085df83867b00d766f9a0e5595a37
b856b8bb6238c3b4ae933aed9036f6616075289caf808e807f91f45f70decdb0
b992cf8419f1b144a718b10fcb97fb1e09220fa9f11887514c648fe6282ce312
b9ca852d6f905a1cd1a2fe604a5d435fa054f33e7be5d9a0c89310339c7e2a9a
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb7fe33bdf54061530811bf05a157d73cfe308366274ff99123affd1b0729c50
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bd07eb5d183bdf0aed3e0d1111e2b0ecaf4cc488704353b7c381a02f32ccd324
c2ab34321ef0a61378759396e72284c4ee6c055bf11521b655d1e5b5a435a8b5
c2b772ffc50b1ef697aa4033866c0ee36dabc26079bef3e6ad96014909455a77
c4a1d629247793c9a37e72e7f72a09e6ca0e7d652244745cada2b6da93d04684
c6ac86cfcd875307be77577d580d25f3e0868dfeebd12080b3fe1044c378dbb9
c7e791cd90e0a1f79ac0639e79e74527567696f3d5420566415c7234123f432e
c92834a2998d0bf2b43cf656569766e5918a0304381c0e2815dd35316150b202
ca2305e6af61a0b9f8e5e51279468e537d56aaf1699e023ee24950088497f3f1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb608d1f7f20edc1312f0f0e426822173477ec1fdd75b35411e75cae0fdd575e
ce2d7970ab159e46de9664b3f75d6d3f0120cf58600a2cae66bac58149820027
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d040f1ed8f372771c39d02cc9b3a67aacd07e097c5bd38bb249a74eeb7678861
d0721ac91b973b019d6f365bafb54fe794c973f88277924c036e25a077f5feaa
d3e8f1eb1391780e4d77b2b47e6b25799bfccf566138ce3c3838989065a2776f
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d683c982077343a5bff3cb148b821aedc8ed3d22b6d34a852f486b2b6e76484c
d72995ef7e52dafc770a56457038f77d59a619a426132bfe914ba3ba4f683640
d7ac0c33450e7b1d57f156d852669feef76296a3592874d2cb03a8727fd1d1ed
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
ddfb624caa4045659ee317be45d5f857ce64ef36525fa0e090b75eede8d53ed7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0881f84b54605a731552d09d56cdbffb85400d9871fb73240793fc4782d299a
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
e14ad718c395e1bfc938690af5e1fc1d8684600b1f8a52f210e456f252f844f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40c4be40792e99c3bda89239c1acb29fc0fb8f7b22ab24a0746661b0da8f4bb
e5e1075fe3b051dc5dd57d13bcce154e2db0737871b07811fc388b47be997184
e87ac06db3a497bf3387aefe664b602447c7f686fbc596f3764f4b24b7b7f0ce
e95c910b6c56705ebcaae3e1d1859b7b2013045b46d46b3e1be7f6fc6564b908
e9636f359cd4408dd8d0898ef844c4784553764159f66ce7c429ba62d772a766
ebaf2f5229b68474d902a9a20557687309cfe589d65596a468fef86d1e2d48fc
ec35831599e14f0d72fe7b1453574dfa33431de499721e4345691a6d11809a97
ec46887fd0185d1cba140c2f675ea6fae174d7b80e24976970d9170a01923e0e
edbe87a19fccef2378490eeb1bfeb0e8adbcbbfb28e9cb517d9a2e3a3e7df7a5
ee6476ad283e25475f35ace64690205f251e344e2206c38a7f5f3041ef6bc9eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1528b2562c69bee8946b337415c6e3adc7323d77bf53b77a67691a05c280a62
f198836de6a934158b2fefb5e628f5a48b0d2b975c1531af2e823de9ad68daff
f73e6815042dd44b90e6d3337789749248d4c28fe2b7376e1dd4225e6d7f47d3
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fbc774cb96be46cab2c4f68a761ba7f4b5cfa0bd2d7a9487e1fbed4b60e547c5

se1.iran22.fun Open in urlscan Pro 104.21.17.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

238 Requests

96 %HTTPS

0 %IPv6

44 Domains

66 Subdomains

63 IPs

2 Countries

3394 kBTransfer

11016 kBSize

44 Cookies

71 Outgoing links

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

se1.iran22.fun Open in urlscan Pro
104.21.17.14 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

96 %
HTTPS

0 %
IPv6

44
Domains

66
Subdomains

63
IPs

2
Countries

3394 kB
Transfer

11016 kB
Size

44
Cookies

238 HTTP transactions
2 data transactions