www.tvn-2.com Open in urlscan Pro
2a02:6ea0:cc2c:1::4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.tvn.plus/
Effective URL:
https://www.tvn-2.com/plus
Submission: On November 20 via api (November 20th 2024, 9:51:22 pm UTC) from US — Scanned from US

Summary HTTP 109 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 44 IPs in 4 countries across 29 domains to perform 109 HTTP transactions. The main IP is 2a02:6ea0:cc2c:1::4, located in Miami, United States and belongs to CDN77 Datacamp Limited, GB. The main domain is www.tvn-2.com. The Cisco Umbrella rank of the primary domain is 742373.
TLS certificate: Issued by E6 on October 11th 2024. Valid for: 3 months.

This is the only time www.tvn-2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
10	2a02:6ea0:cc2... 2a02:6ea0:cc2c:1::4	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
6	2606:4700::68... 2606:4700::6811:6fdf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:e21... 2a02:6ea0:e210::4	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
2	3.167.69.77 3.167.69.77	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c1d::67	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	13.33.252.108 13.33.252.108	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	16.182.75.41 16.182.75.41	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:201... 2600:9000:201e:d200:12:abfb:9280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3033::ac43:9fa2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1f::9c	15169 (GOOGLE) (GOOGLE)
1	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
1	3.167.56.55 3.167.56.55	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1a0... 2400:52e0:1a00::1207:2	200325 (BunnyCDN ...) (BunnyCDN BUNNYWAY)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	57.128.96.95 57.128.96.95	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2600:9000:201... 2600:9000:201e:6800:12:abfb:9280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.20.248.244 52.20.248.244	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:201... 2600:9000:201e:1e00:10:be65:1fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.222.197.151 23.222.197.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.222.201.151 23.222.201.151	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2607:f8b0:400... 2607:f8b0:4004:c07::9d	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c06::66	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::94	15169 (GOOGLE) (GOOGLE)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4004:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.29.101 104.18.29.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
1	52.71.74.139 52.71.74.139	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.138.118 162.19.138.118	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::84	15169 (GOOGLE) (GOOGLE)
1	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
109	44

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.tvn.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6ea0:cc2c:1::4 (Miami, United States)

ASN60068 (CDN77 Datacamp Limited, GB)

www.tvn-2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:6fdf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:e210::4 (Ashburn, United States)

ASN60068 (CDN77 Datacamp Limited, GB)

static.tvn-2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.167.69.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-77.iad61.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1d::67 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.252.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-252-108.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 16.182.75.41 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

streann-static.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:201e:d200:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::9a (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1f::9c (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.56.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-55.iad61.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a00::1207:2 (Chicago, United States)

ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI)

cdn.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 57.128.96.95 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: haproxy07.cl11.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:201e:6800:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)

loader.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.248.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-248-244.compute-1.amazonaws.com

services.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:201e:1e00:10:be65:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

t.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.222.197.151 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-197-151.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.222.201.151 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-201-151.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c06::66 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::94 (Washington, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

fapi.streann.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::9a (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.101 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.74.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-74-139.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

f8b61980235e199cff92d6e22a8b29be.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695	76 KB
12	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 135 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	189 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	336 KB
12	tvn-2.com www.tvn-2.com — Cisco Umbrella Rank: 742373 static.tvn-2.com — Cisco Umbrella Rank: 851798	785 KB
6	amazonaws.com streann-static.s3.amazonaws.com — Cisco Umbrella Rank: 987573	92 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5669 onesignal.com — Cisco Umbrella Rank: 1761 img.onesignal.com — Cisco Umbrella Rank: 10383	94 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 f8b61980235e199cff92d6e22a8b29be.safeframe.googlesyndication.com	146 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	19 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 506	145 KB
3	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7097	2 KB
3	unblockia.com cdn.unblockia.com — Cisco Umbrella Rank: 56050 loader.unblockia.com — Cisco Umbrella Rank: 59609 t.unblockia.com — Cisco Umbrella Rank: 50645	38 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	33 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1004 id5-sync.com — Cisco Umbrella Rank: 533	29 KB
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1737 at.teads.tv — Cisco Umbrella Rank: 7513	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	insurads.com cdn.insurads.com — Cisco Umbrella Rank: 23273 services.insurads.com — Cisco Umbrella Rank: 19398	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	76 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185	61 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	13 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700	1 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1329	7 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2357	8 KB
1	streann.com fapi.streann.com — Cisco Umbrella Rank: 969039	1 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	17 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	3 KB
1	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 9039	45 KB
1	tvn.plus 1 redirects www.tvn.plus	303 B
109	29

	Domain	Requested by
12	www.googletagmanager.com	www.tvn-2.com www.googletagmanager.com
11	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
10	www.tvn-2.com	www.tvn-2.com
6	securepubads.g.doubleclick.net	streann-static.s3.amazonaws.com securepubads.g.doubleclick.net imasdk.googleapis.com
6	streann-static.s3.amazonaws.com	www.googletagmanager.com streann-static.s3.amazonaws.com
4	pagead2.googlesyndication.com	cdn.unblockia.com imasdk.googleapis.com
4	www.google.com	www.googletagmanager.com www.tvn-2.com ep2.adtrafficquality.google
3	imasdk.googleapis.com	streann-static.s3.amazonaws.com imasdk.googleapis.com
3	events.newsroom.bi	sdk.mrf.io
3	td.doubleclick.net	www.googletagmanager.com
3	onesignal.com	cdn.onesignal.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	www.facebook.com	www.tvn-2.com
2	analytics.google.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	www.tvn-2.com connect.facebook.net
2	tags.crwdcntrl.net	www.tvn-2.com securepubads.g.doubleclick.net
2	static.tvn-2.com	www.tvn-2.com
2	cdn.onesignal.com	www.tvn-2.com cdn.onesignal.com
1	gum.criteo.com	static.criteo.net
1	f8b61980235e199cff92d6e22a8b29be.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	fapi.streann.com	streann-static.s3.amazonaws.com
1	s0.2mdn.net	imasdk.googleapis.com
1	at.teads.tv	a.teads.tv
1	a.teads.tv	www.googletagmanager.com
1	img.onesignal.com	www.tvn-2.com
1	t.unblockia.com	cdn.unblockia.com
1	services.insurads.com	cdn.insurads.com
1	loader.unblockia.com	cdn.unblockia.com
1	cdn.insurads.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	sdk.mrf.io	www.tvn-2.com
1	cdn.unblockia.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.tvn.plus	1 redirects
109	46

This site contains links to these domains. Also see Links.

Domain
www.tvnpass.com
juguetes.tvn-2.com
tuhogar.tvn-2.com
www.facebook.com
www.instagram.com
www.youtube.com
apps.apple.com
play.google.com
streann.com

Subject Issuer	Validity	Valid
www.tvn-2.com E6	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
images.tvn-2.com E5	`2024-11-06` - `2025-02-04`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.unblockia.com Amazon RSA 2048 M03	`2024-01-23` - `2025-02-20`	a year	crt.sh
sdk.mrf.io WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.googleadservices.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.insurads.com Go Daddy Secure Certificate Authority - G2	`2024-05-13` - `2025-06-14`	a year	crt.sh
ssl03.cert.cl11.k8s.mrf.io E5	`2024-10-08` - `2025-01-06`	3 months	crt.sh
teads.tv R11	`2024-11-05` - `2025-02-03`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.streann.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-30` - `2025-08-29`	a year	crt.sh
id5-sync.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
invstatic101.creativecdn.com WR3	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-21`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.tvn-2.com/plus
Frame ID: 9296B4BA63A011D79F15F32A4937D25E
Requests: 96 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.tvn-2.com
Frame ID: 38716D720B9D4B05DAFD83D36250E954
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10965653580?random=1732139475636&cv=11&fst=1732139475636&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tvn-2.com%2Fplus&label=Lq_ZCO6g2tMDEMyw6uwo&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1061126267.1732139476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: A1B223E9F0949FA837D8E4CD7BD5231A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10965653580?random=1732139475667&cv=11&fst=1732139475667&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tvn-2.com%2Fplus&label=Lq_ZCO6g2tMDEMyw6uwo&hn=www.googleadservices.com&frm=0&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1061126267.1732139476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: 57EA3B686A0E8920B4A0C60EBF5AD6D9
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-2LE1FE1C9N&gacid=1724274854.1732139476&gtm=45je4bj0v892819104z877379006za200zb77379006&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=55114955
Frame ID: 3F8C0414B42491E44AEB79D57944F159
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 8B1A69E478E1F6A472C6763195F37B34
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DD28B894619D8347BAB5DBD6497E7DD2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: A85CE0B754C40892736ED0DDCA15F5E1
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 42542559C7D714E86AD0933E3790BB3E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 78C3AB9E16D2EEA40786670587BF927F
Requests: 1 HTTP requests in this frame

Frame: https://f8b61980235e199cff92d6e22a8b29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1EA25E5F2E526D3F1E9BC43029194FA1
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: D5B586CBD264785EDB228600DD8F34EB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6DE0F59C3734EFD254A6C006C38CFB17
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.tvn-2.com&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1
Frame ID: E6E6EF5CAD422B9D47F926CAAE1FF6E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.tvn.plus/ HTTP 301
https://www.tvn-2.com/plus Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

109
Requests

98 %
HTTPS

64 %
IPv6

29
Domains

46
Subdomains

44
IPs

4
Countries

2248 kB
Transfer

7007 kB
Size

33
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tvnpass.com/
Title: En vivo

Search URL Search Domain Scan URL

URL: https://juguetes.tvn-2.com/
Title: Juguetes

Search URL Search Domain Scan URL

URL: https://tuhogar.tvn-2.com/
Title: Tu Hogar

Search URL Search Domain Scan URL

URL: https://www.tvnpass.com/?utm_source=WEB&utm_medium=boton&utm_campaign=envivo
Title: Caso Cerrado

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tvnpanama

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tvnnoticias/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC_r4iEfF8Nx6IAIZydux7yg

Search URL Search Domain Scan URL

URL: https://apps.apple.com/pa/app/tvn-noticias-panam%C3%A1/id494735235?platform=iphone

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.tvn2.app

Search URL Search Domain Scan URL

URL: https://streann.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.tvn.plus/ HTTP 301
https://www.tvn-2.com/plus Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10965653580/?random=1386805308&cv=11&fst=1732139475667&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tvn-2.com%2Fplus&label=Lq_ZCO6g2tMDEMyw6uwo&hn=www.googleadservices.com&frm=0&value=0&npa=0&pscdl=noapi&auid=1061126267.1732139476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&eitems=ChAIgK72uQYQmOOe_P6C3sR8Eh0AVyOIN3uqAJW7A1DCYeOp9iiUbTV1yfy7MHccPA&pscrd=IhMIzNCasfLriQMVTgiICR2zjgsXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL3d3dy50dm4tMi5jb20vQlRDaEFJZ0s3MnVRWVEwYnp3dExydWlkcFJFaXNBSHQ0Sm9kSkxEY1ZEWU42eUZTbV9sUy1kcWVJM01UNWZyR19FVUY5SDFyNXlaUlBlUUFGLUpwMWE HTTP 302
https://www.google.com/pagead/1p-conversion/10965653580/?random=1386805308&cv=11&fst=1732139475667&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tvn-2.com%2Fplus&label=Lq_ZCO6g2tMDEMyw6uwo&hn=www.googleadservices.com&frm=0&value=0&npa=0&pscdl=noapi&auid=1061126267.1732139476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIzNCasfLriQMVTgiICR2zjgsXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL3d3dy50dm4tMi5jb20vQlRDaEFJZ0s3MnVRWVEwYnp3dExydWlkcFJFaXNBSHQ0Sm9kSkxEY1ZEWU42eUZTbV9sUy1kcWVJM01UNWZyR19FVUY5SDFyNXlaUlBlUUFGLUpwMWE&is_vtc=1&cid=CAQSKQCa7L7dhTmivAIuafRBzm41woOLMzphJgMDJ3A88yyFYCDMYTCu3dIL&eitems=ChAIgK72uQYQmOOe_P6C3sR8Eh0AVyOIN924MbkNL3ZAUI5p91_d_409TZ4uXc9lRw&random=40591781

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request plus Show response
www.tvn-2.com/
Redirect Chain

https://www.tvn.plus/
https://www.tvn-2.com/plus

98 KB
21 KB

728ms
41ms

Document
text/html

2a02:6ea0:cc2c:1::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvn-2.com/plus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cc2c:1::4 Miami, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: 6129767b9250caee4025e226c14f0ba94b33b19256c7a91067a89a2d799fa4bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 2112
cache-control: max-age=60, public, s-maxage=60
content-encoding: gzip
content-length: 20991
content-type: text/html; charset=UTF-8
cpc-age: 0
cpc-cache: MISS
date: Wed, 20 Nov 2024 21:16:02 GMT
surrogate-control: content="ESI/1.0"
tp-cache: hit
vary: Accept-Encoding, X-Device, X-Forwarded-Proto
x-amz-cf-id: QyCaf3N7A_cqcIZesiobhtc5uOnQTuz229XBqtkCwLoNSQevlcXz5w==
x-amz-cf-pop: MIA3-P2
x-cache: Error from cloudfront

Redirect headers

Connection: close
Content-Length: 61
Content-Type: text/html; charset=utf-8
Date: Wed, 20 Nov 2024 21:51:14 GMT
Location: https://www.tvn-2.com/plus
Server: ip-10-123-124-151.ec2.internal
Vary: Accept-Encoding
X-Request-Id: 10427f2a-ab5e-47d4-aabf-de4bd32f2156

GET
H2 200 app.h-f0498dae5b3204a3acbb.css
www.tvn-2.com/tvn/ 467 KB
47 KB 132ms
131ms Stylesheet
text/css 2a02:6ea0:cc2c:1::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvn-2.com/tvn/app.h-f0498dae5b3204a3acbb.css
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cc2c:1::4 Miami, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: d7b04f73f3dd1ab125b0618518b3efbfcef36d58b363e93b7bce49654eb058ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/plus

Response headers

tp-cache: hit
cpc-cache: MISS
content-encoding: gzip
etag: W/"672c7dce-74d3d"
age: 1170385
x-cache: Miss from cloudfront
x-amz-cf-id: bBlcFza-nFFNB5_Lfik_HC4TrPpKsqAo6SV-6oPRxlpBVhlgdmwRfg==
date: Thu, 07 Nov 2024 08:44:49 GMT
content-type: text/css
last-modified: Thu, 07 Nov 2024 08:43:58 GMT
vary: Accept-Encoding, X-Device, X-Forwarded-Proto
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
cpc-age: 0
content-length: 47381
x-amz-cf-pop: MIA3-P2

GET
H2 200 vendor.h-f0498dae5b3204a3acbb.css
www.tvn-2.com/tvn/ 11 KB
3 KB 146ms
145ms Stylesheet
text/css 2a02:6ea0:cc2c:1::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvn-2.com/tvn/vendor.h-f0498dae5b3204a3acbb.css
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cc2c:1::4 Miami, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: ab63c927c4fdec5c423982c2a588ceed2d2070222d091e0d3a61f2578497618e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/plus

Response headers

tp-cache: hit
cpc-cache: MISS
content-encoding: gzip
etag: W/"672c7dce-2a62"
age: 1170386
x-cache: Miss from cloudfront
x-amz-cf-id: X7RhAo0cnVG-wj50L_9CEmfnPhy7t1t2SM0eVU7C51YJ8I3DgLdu9A==
date: Thu, 07 Nov 2024 08:44:49 GMT
content-type: text/css
last-modified: Thu, 07 Nov 2024 08:43:58 GMT
vary: Accept-Encoding, X-Device, X-Forwarded-Proto
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
cpc-age: 0
content-length: 2292
x-amz-cf-pop: MIA3-P2

GET
H2 200 vendor.h-f0498dae5b3204a3acbb.js Show response
www.tvn-2.com/tvn/ 660 KB
194 KB 147ms
146ms Script
application/javascript 2a02:6ea0:cc2c:1::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvn-2.com/tvn/vendor.h-f0498dae5b3204a3acbb.js
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cc2c:1::4 Miami, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: 40083b6ebd32925131753c10d5d8c9f23b20b90938371099fff7d7a24c587d7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tvn-2.com
Referer: https://www.tvn-2.com/plus

Response headers

tp-cache: hit
cpc-cache: MISS
content-encoding: gzip
etag: W/"672c7dce-a51b8"
age: 1170387
x-cache: Miss from cloudfront
x-amz-cf-id: _7hb5ykL0qFxZ1JqPWkAdCBT-9EqC5Ot_hV6xJ9hGpxu14JzMmeHyg==
date: Thu, 07 Nov 2024 08:44:47 GMT
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 08:43:58 GMT
vary: accept-encoding, X-Device, X-Forwarded-Proto
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
cpc-age: 0
content-length: 198169
x-amz-cf-pop: MIA3-P2

GET
H2 200 app.h-f0498dae5b3204a3acbb.js Show response
www.tvn-2.com/tvn/ 458 KB
118 KB 43ms
42ms Script
application/javascript 2a02:6ea0:cc2c:1::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvn-2.com/tvn/app.h-f0498dae5b3204a3acbb.js
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cc2c:1::4 Miami, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: c069b1fdf4dee32b30c9b1f01a4dd15dac35a44a6b5d61e1edecad45a192c533

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tvn-2.com
Referer: https://www.tvn-2.com/plus

Response headers

tp-cache: hit
cpc-cache: HIT
content-encoding: gzip
etag: W/"672c7dce-726ee"
age: 1170387
x-cache: Miss from cloudfront
x-amz-cf-id: wcqrLMSf9-E66Aodj0mtmi6VG7idusmIRMMsOLhs7GUI95Va5tDFYQ==
date: Thu, 07 Nov 2024 08:44:48 GMT
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 08:43:58 GMT
vary: accept-encoding, X-Device, X-Forwarded-Proto
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
cpc-age: 7
content-length: 120788
x-amz-cf-pop: MIA3-P2

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 50ms
30ms Script
application/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
content-encoding: br
cf-cache-status: HIT
etag: W/"09282956186c8515ef0d208902803581"
age: 3163
via: 1.1 google
cf-ray: 8e5ba9090d630ce9-EWR
expires: Sat, 23 Nov 2024 21:51:15 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 336 KB
115 KB 67ms
34ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PX3BFSX

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97000b727383a3a7c33c74aca1129fdceaf07ec5c61b213b6c99ffb4e27e61fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 20 Nov 2024 21:51:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 117190
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 14a49111-b2d2-48ac-b94f-464ca87c2a83_source-aspect-ratio_default_0.jpg
static.tvn-2.com/clip/ 330 KB
331 KB 376ms
27ms Image
image/jpeg 2a02:6ea0:e210::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tvn-2.com/clip/14a49111-b2d2-48ac-b94f-464ca87c2a83_source-aspect-ratio_default_0.jpg
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e210::4 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: 4d1a2133d90e217344b35c4b2b15b1e8256904e2078658d9bf0a66126ece8440

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

tp-cache: hit
cpc-cache: MISS
age: 96336
access-control-allow-methods: GET, OPTIONS
x-cache: Miss from cloudfront
x-amz-cf-id: 3U2xEscjWiAYq2MeZLMnRtfevgJQzvUPIJmsfAgr9K3EIQPt7_YagQ==
date: Tue, 19 Nov 2024 19:05:39 GMT
content-type: image/jpeg
vary: , X-Device, X-Forwarded-Proto
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cache-control: max-age=31536000, public, s-maxage=31536000
accept-ranges: bytes
access-control-allow-origin: *
cpc-age: 0
content-length: 338294
x-amz-cf-pop: IAD55-P2

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/16908/ 63 KB
19 KB 52ms
16ms Script
text/javascript 3.167.69.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16908/lt.min.js
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.69.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-69-77.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e11fe4bfc7bcd7a261144ffe3b61e98f8a4b8ed2222749748dfc585ea9bd0d3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"51d42c2f874ba5098c6142ff350d79c2"
age: 38814
via: 1.1 cdc92f37130d0a9615a188e5b74a6fb0.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 4WX8Qfyyn9Ptr7qHiAa1ZlDdbuN0bi3jNczE4bMa7aQMZVcbtTnl1g==
date: Wed, 20 Nov 2024 11:04:22 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:50:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P6
x-amz-server-side-encryption: AES256

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 33ms
33ms Script
application/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
content-encoding: br
cf-cache-status: HIT
etag: W/"7e91359b46e1da637080a03b759164fa"
age: 1306
via: 1.1 google
cf-ray: 8e5ba9094d940ce9-EWR
expires: Sat, 23 Nov 2024 21:51:15 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

POST
H3 200 collect
www.google.com/ccm/ 0
0 71ms
29ms Ping
text/plain 2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.tvn-2.com%2Fplus&scrsrc=www.googletagmanager.com&frm=0&rnd=256028635.1732139476&auid=1061126267.1732139476&npa=0&gtm=45He4bj0v77379006za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732139475526&tfd=1523&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX3BFSX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 396 KB
130 KB 40ms
39ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2LE1FE1C9N&l=dataLayer&cx=c&gtm=45He4bj0v77379006za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX3BFSX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77abf9306e3c04256dc07987af9b839d4f4ee1909d69752cfc124d4913f1dc0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 20 Nov 2024 21:51:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132967
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 45ms
8ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX3BFSX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
age: 6147
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 22:08:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 20:08:48 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 hotjar-1694276.js Show response
static.hotjar.com/c/ 13 KB
6 KB 57ms
18ms Script
application/javascript 13.33.252.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1694276.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX3BFSX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.252.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-108.jfk50.r.cloudfront.net

Software

Resource Hash

8b96b5430a12f5d1da29b950fe263b8afa5d9b2cdc78b3490fa1a015e13962cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
etag: W/4f53051a2415da5c944c25ee5f375a1e
age: 4
x-content-type-options: nosniff
x-cache-hit: 1
x-cache: Hit from cloudfront
x-amz-cf-id: 39AQSeSbDFzcNcUZMxndoemLWcV7OxjiNMYCufl_OykuXKaL50O1Gg==
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
via: 1.1 37c23a320daf1957772cba43d1a5bde0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P10

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 253 KB
91 KB 26ms
25ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10965653580&l=dataLayer&cx=c&gtm=45He4bj0v77379006za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX3BFSX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a001500d61b1f8f58fccd240ea3792e03a132db857aa0124c23fa77518bc0ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 20 Nov 2024 21:51:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92554
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 41ms
15ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-nLfvg1eo' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-nLfvg1eo' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=23, mss=1232, tbw=4456, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: xvLA9G8IiJJe7cdnlTKkfg7yzS9YTKGEVa3RjbfoS9muvcCgzbTiuvmKLWzLMB5AtXcaxAbVNoTu6N4QyQZ22g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK player2.js Show response
streann-static.s3.amazonaws.com/inside-ad-ima-2/ 51 KB
52 KB 127ms
34ms Script
application/javascript 16.182.75.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX3BFSX
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.75.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c13153e8d8f9baac9227c7bcd5cdcacfb09f4ef4b8d128ea26009ca80bed9431

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-amz-id-2: 31UfCqLOlTnUX1iXg0XFcH8Z/Nhytt7yO2R1ehO7DrU3Dc/RHYd+Ln56DVN0ZubILG4MhDZD5Sk=
ETag: "0b3d760e7647f0b59a30efec7c0560a3"
x-amz-version-id: VHFlefJPd01633fO9b4WFX2Ff3WwPku7
x-amz-request-id: MH3X80691NTRZH0G
Accept-Ranges: bytes
Content-Length: 52697
Date: Wed, 20 Nov 2024 21:51:16 GMT
Last-Modified: Wed, 06 Mar 2024 14:10:43 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 h.js Show response
cdn.unblockia.com/ 164 KB
37 KB 150ms
15ms Script
application/x-javascript 2600:9000:201e:d200:12:abfb:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX3BFSX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:d200:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
x-amz-version-id: m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
x-amz-meta-codebuild-content-md5: fb4d4b7b1d35720e2d2481016ef4369b
age: 52618
etag: W/"bc5af0220c4116294c4e9c72ae4e244c"
x-cache: Hit from cloudfront
x-amz-cf-id: g3Gr-A-3NLzyfNjgu1PglXeMZ3BLJUTvY476JU0kT8vfVzHTwEMJ8w==
date: Wed, 20 Nov 2024 07:14:18 GMT
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
vary: accept-encoding, Origin
content-type: application/x-javascript
last-modified: Tue, 20 Jun 2023 10:06:46 GMT
via: 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C3
server: AmazonS3
x-amz-meta-codebuild-content-sha256: 02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
x-amz-server-side-encryption: AES256

GET
H3 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 166 KB
45 KB 121ms
50ms Script
application/javascript 2606:4700:3033::ac43:9fa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7183
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc231b65510f6790491839c591fbe3174666aadfe0ebdfaebeab994c497a0d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tvn-2.com
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 63
x-response-time: 20ms
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Nov 2024 21:48:12 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=1800
x-envoy-upstream-service-time: 32
cf-ray: 8e5ba90aaf7719bf-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45977
server: cloudflare

GET
H2 200 a
www.googletagmanager.com/ 0
270 B 24ms
23ms Image
text/html 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 21:51:15 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
43 B 25ms
25ms Image
text/html 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 21:51:15 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 3871 0
0 46ms
15ms Document
text/html 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.tvn-2.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX3BFSX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 78223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 00:07:32 GMT
expires: Thu, 20 Nov 2025 00:07:32 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 web Show response
onesignal.com/api/v1/sync/dad55a49-e950-406d-a478-67f4660bd987/ 3 KB
2 KB 67ms
49ms Script
text/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/dad55a49-e950-406d-a478-67f4660bd987/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68ef61714ef72e4a1400cd1f132ceef68e567680a7786d9d4e70c6ce5d83acd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-request-id: fc3f4a65-a0c9-4d54-911f-ea681803129f
content-encoding: br
cf-cache-status: HIT
etag: W/"68ef61714ef72e4a1400cd1f132ceef6"
age: 335
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 22:51:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: text/javascript; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.034655
priority: u=3,i=?0
access-control-allow-headers: SDK-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 google
cf-ray: 8e5ba90a98c48c84-EWR
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10965653580/ 5 KB
2 KB 80ms
30ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10965653580/?random=1732139475636&cv=11&fst=1732139475636&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tvn-2.com%2Fplus&label=Lq_ZCO6g2tMDEMyw6uwo&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1061126267.1732139476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10965653580&l=dataLayer&cx=c&gtm=45He4bj0v77379006za200

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ba3f98b949f4971df27a8de607764745e6f3b2d9e1cdfb6620117b5df56e701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2332
date: Wed, 20 Nov 2024 21:51:15 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10965653580
td.doubleclick.net/td/rul/ Frame A1B2 0
0 66ms
32ms Document
text/html 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10965653580?random=1732139475636&cv=11&fst=1732139475636&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tvn-2.com%2Fplus&label=Lq_ZCO6g2tMDEMyw6uwo&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1061126267.1732139476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10965653580&l=dataLayer&cx=c&gtm=45He4bj0v77379006za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvn-2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 21:51:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/10965653580/ 5 KB
3 KB 58ms
33ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10965653580/?random=1732139475667&cv=11&fst=1732139475667&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tvn-2.com%2Fplus&label=Lq_ZCO6g2tMDEMyw6uwo&hn=www.googleadservices.com&frm=0&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1061126267.1732139476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10965653580&l=dataLayer&cx=c&gtm=45He4bj0v77379006za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

eec584e0ff37255d27521b6282aa616b581773929bb2fa967023492cee3f1b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2657
date: Wed, 20 Nov 2024 21:51:15 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10965653580
td.doubleclick.net/td/rul/ Frame 57EA 0
0 62ms
33ms Document
text/html 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10965653580?random=1732139475667&cv=11&fst=1732139475667&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tvn-2.com%2Fplus&label=Lq_ZCO6g2tMDEMyw6uwo&hn=www.googleadservices.com&frm=0&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1061126267.1732139476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10965653580&l=dataLayer&cx=c&gtm=45He4bj0v77379006za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvn-2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 21:51:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Oxygen-Regular.h-825ad91f7f5e5c720bbdff992ea9b55a.woff2
www.tvn-2.com/tvn/fonts/ 16 KB
16 KB 41ms
40ms Font
application/octet-stream 2a02:6ea0:cc2c:1::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvn-2.com/tvn/fonts/Oxygen-Regular.h-825ad91f7f5e5c720bbdff992ea9b55a.woff2
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cc2c:1::4 Miami, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: 9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tvn-2.com
Referer: https://www.tvn-2.com/plus

Response headers

tp-cache: hit
cpc-cache: HIT
etag: "6722b5d2-3fdc"
age: 1763591
access-control-allow-methods: GET, OPTIONS
x-cache: Miss from cloudfront
x-amz-cf-id: s8zlX9tRchnkGFrwnLZESixNE_xFES3DFN-KX4x7Hji58UZda4rv_Q==
date: Thu, 31 Oct 2024 11:58:04 GMT
content-type: application/octet-stream
last-modified: Wed, 30 Oct 2024 22:40:18 GMT
vary: , X-Device, X-Forwarded-Proto
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
access-control-allow-origin: *
cpc-age: 15130
content-length: 16348
x-amz-cf-pop: MIA3-P2

GET
H2 200 Oxygen-Bold.h-f2e415d7093089b7663c0fea3441b346.woff2
www.tvn-2.com/tvn/fonts/ 16 KB
16 KB 42ms
41ms Font
application/octet-stream 2a02:6ea0:cc2c:1::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvn-2.com/tvn/fonts/Oxygen-Bold.h-f2e415d7093089b7663c0fea3441b346.woff2
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cc2c:1::4 Miami, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: 5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tvn-2.com
Referer: https://www.tvn-2.com/plus

Response headers

tp-cache: hit
cpc-cache: HIT
etag: "67067375-3f2c"
age: 1763591
access-control-allow-methods: GET, OPTIONS
x-cache: Miss from cloudfront
x-amz-cf-id: gD4p4f-NJEjT1ILflXvd-ee-WndnHZiNbs1xtDdilKNtnQYNmXS--w==
date: Thu, 31 Oct 2024 11:58:04 GMT
content-type: application/octet-stream
last-modified: Wed, 09 Oct 2024 12:13:41 GMT
vary: , X-Device, X-Forwarded-Proto
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
access-control-allow-origin: *
cpc-age: 4457
content-length: 16172
x-amz-cf-pop: MIA3-P2

GET
H2 200 Raleway-Bold.h-bc3c769b66664fe6f48b0e35e7a4a70e.woff2
www.tvn-2.com/tvn/fonts/ 21 KB
21 KB 43ms
41ms Font
application/octet-stream 2a02:6ea0:cc2c:1::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvn-2.com/tvn/fonts/Raleway-Bold.h-bc3c769b66664fe6f48b0e35e7a4a70e.woff2
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cc2c:1::4 Miami, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: 80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tvn-2.com
Referer: https://www.tvn-2.com/plus

Response headers

tp-cache: hit
cpc-cache: HIT
etag: "6722b5d2-53c0"
age: 1763591
access-control-allow-methods: GET, OPTIONS
x-cache: Miss from cloudfront
x-amz-cf-id: s_7LqzAbIjuVb-1zS-FAHoU0kq5hGwnkqDixoRIdEuxYu-ralkznXQ==
date: Thu, 31 Oct 2024 11:58:04 GMT
content-type: application/octet-stream
last-modified: Wed, 30 Oct 2024 22:40:18 GMT
vary: , X-Device, X-Forwarded-Proto
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
access-control-allow-origin: *
cpc-age: 15130
content-length: 21440
x-amz-cf-pop: MIA3-P2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
420 B 27ms
26ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1147262048&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tvn-2.com%2Fplus&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=931331799&gjid=1886157318&cid=1724274854.1732139476&tid=UA-35978065-1&_gid=313709059.1732139476&_r=1&_slc=1&gtm=45He4bj0n81PX3BFSXv77379006za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1627117365

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.tvn-2.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:15 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.tvn-2.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
71 B 28ms
28ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1147262048&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tvn-2.com%2Fplus&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=277234345&gjid=1851992486&cid=1724274854.1732139476&tid=UA-10103699-1&_gid=313709059.1732139476&_r=1&_slc=1&gtm=45He4bj0n81PX3BFSXv77379006za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=44191614

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.tvn-2.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:15 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.tvn-2.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 modules.86621fa4aeada5bcf025.js Show response
script.hotjar.com/ 222 KB
55 KB 88ms
16ms Script
application/javascript 3.167.56.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.86621fa4aeada5bcf025.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1694276.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.56.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-56-55.iad61.r.cloudfront.net

Software

Resource Hash

feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "ff8702986a1c41356391628a5f5d6f03"
age: 27548
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: IC1x7Qa6dqk7aggDdUbZPZ4iVh7Y3ikd9KxygM8csC14-RiktIibfQ==
date: Wed, 20 Nov 2024 14:12:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Nov 2024 14:11:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 ee577eca64c62b377915121bc88081d2.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56243
x-amz-cf-pop: IAD61-P5

GET
H2 401 profile Show response
www.tvn-2.com/api/front/user/ 90 B
459 B 83ms
81ms XHR
application/json 2a02:6ea0:cc2c:1::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvn-2.com/api/front/user/profile
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/tvn/vendor.h-f0498dae5b3204a3acbb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cc2c:1::4 Miami, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: c4d8fe765552663af4be125ba9a9db43d8c960a16a217897b7ac441d509e571d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.tvn-2.com/plus

Response headers

cache-control: max-age=0, no-cache, private
tp-cache: miss
cpc-cache: MISS
content-encoding: gzip
age: 0
cpc-age: 0
x-cache: Error from cloudfront
x-amz-cf-id: ByOxEJZGsp1Uv6mlF7JlwUSb9u3QU_aVKYYUNoQGo7jNnNN4EQtOjA==
date: Wed, 20 Nov 2024 21:51:15 GMT
content-length: 114
content-type: application/json
x-amz-cf-pop: MIA3-P2
vary: , X-Device, X-Forwarded-Proto, Accept-Encoding

GET
H2 200 14a49111-b2d2-48ac-b94f-464ca87c2a83_source-aspect-ratio_default_0.jpg
static.tvn-2.com/clip/ 330 KB
0 1ms
1ms Image
image/jpeg 2a02:6ea0:e210::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tvn-2.com/clip/14a49111-b2d2-48ac-b94f-464ca87c2a83_source-aspect-ratio_default_0.jpg
Requested by: Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e210::4 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: 4d1a2133d90e217344b35c4b2b15b1e8256904e2078658d9bf0a66126ece8440

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

tp-cache: hit
cpc-cache: MISS
age: 96336
access-control-allow-methods: GET, OPTIONS
x-cache: Miss from cloudfront
x-amz-cf-id: 3U2xEscjWiAYq2MeZLMnRtfevgJQzvUPIJmsfAgr9K3EIQPt7_YagQ==
date: Tue, 19 Nov 2024 19:05:39 GMT
content-type: image/jpeg
vary: , X-Device, X-Forwarded-Proto
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cache-control: max-age=31536000, public, s-maxage=31536000
accept-ranges: bytes
access-control-allow-origin: *
cpc-age: 0
content-length: 338294
x-amz-cf-pop: IAD55-P2

GET
H3 200 739189350496692 Show response
connect.facebook.net/signals/config/ 75 KB
15 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/739189350496692?v=2.9.176&r=stable&domain=www.tvn-2.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b501a54f141c1242a7f313ab5d32b8c02a37c39ce0c69ff53a6d175d84b1693

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-b8HIeTAS' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-b8HIeTAS' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=73, mss=1232, tbw=70876, tp=67, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 0JvRgqL8xGsLLYZl7AW5q9+J/k1o1lFygAzJ0NXojeC/P5RY+vJNCxX+dnWHCUNwG9+fpTZwVc3nFU/8YvqDoA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 14956
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
analytics.google.com/g/ 0
0 68ms
27ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-2LE1FE1C9N&gtm=45je4bj0v892819104z877379006za200zb77379006&_p=1732139475343&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1724274854.1732139476&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1732139475&sct=1&seg=0&dl=https%3A%2F%2Fwww.tvn-2.com%2Fplus&dt=&en=page_view&_fv=1&_ss=1&tfd=1890
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2LE1FE1C9N&l=dataLayer&cx=c&gtm=45He4bj0v77379006za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.tvn-2.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
553 B 62ms
23ms Ping
text/plain 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2LE1FE1C9N&cid=1724274854.1732139476&gtm=45je4bj0v892819104z877379006za200zb77379006&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2LE1FE1C9N&l=dataLayer&cx=c&gtm=45He4bj0v77379006za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.tvn-2.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:15 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 3F8C 0
0 34ms
33ms Document
text/html 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-2LE1FE1C9N&gacid=1724274854.1732139476&gtm=45je4bj0v892819104z877379006za200zb77379006&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=55114955

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2LE1FE1C9N&l=dataLayer&cx=c&gtm=45He4bj0v77379006za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvn-2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 21:51:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 24ms
23ms Image
text/html 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-PX3BFSX&v=3&t=t&pid=1863092889&cv=348&rv=4bj0&tc=80&tag_exp=101925629~102067555~102067808~102077855~102081485&es=1&e=*&eid=1&u=AAAAAAAIAAAAAACA&ut=Ag&h=Ag&hf=0__html.0__html.0__html.0__html.0__html.0__html.0__html&ht=p__html.p__html.p__html.p__html.p__html.p__html.p__html&tr=1gclidw.1googtag.1ua.1ua.1paused.1paused.1hjtc.1paused.1paused.1paused.1sp.1awct.1paused.1paused.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1cl.1tg.1tg.1html.1html.1html.1html.1html.1html.1html.5gclidw.5googtag.6paused.6paused.6paused.6paused.6paused.6paused.6paused.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5cl.5tg.5tg.5html.5html.5html.5html.5html.5hjtc&ti=1gclidw.2googtag.1ua.1ua.2paused.2paused.2hjtc.2paused.2paused.2paused.1sp.1awct.2paused.2paused.2cl.2cl.2cl.2cl.2cl.2cl.2cl.2cl.2lcl.2lcl.2lcl.2lcl.2lcl.2lcl.2lcl.2cl.1tg.1tg.2html.2html.2html.2html.2html.2html.2html.1gclidw.2googtag.2paused.2paused.2paused.2paused.2paused.2paused.2paused.2cl.2cl.2cl.2cl.2cl.2cl.2cl.2cl.2lcl.2lcl.2lcl.2lcl.2lcl.2lcl.2lcl.2cl.1tg.1tg.2html.2html.2html.2html.2html.2hjtc&z=0

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 21:51:15 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 24ms
23ms Image
text/html 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 21:51:15 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 23ms
22ms Image
text/html 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 21:51:15 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 71ms
36ms Fetch
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4cafb17835c120aed8b9e206503f5d8d844ade8efd11c6a8fe4b46ad1f44c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
etag: 1954387211380785339
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 21:51:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53285
x-xss-protection: 0
server: cafe

GET
H2 200 UKJD0M3L.js Show response
cdn.insurads.com/bootstrap/ 8 KB
4 KB 155ms
26ms Script
application/x-javascript 2400:52e0:1a00::1207:2
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/bootstrap/UKJD0M3L.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX3BFSX
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software: BunnyCDN-IL1-1207 /
Resource Hash: 935a512592543882c530548a15eaa2fa05394c2cbd880d5f61aa1a77abc430fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "ccea5666bfe3e15a6a660a657089838c"
date: Wed, 20 Nov 2024 21:51:16 GMT
last-modified: Mon, 17 Jun 2024 09:33:53 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: UDD3fU+Qmvfl3IRniWzECmUPOO0u/E+O4ec1bmjaKtCbujO4JnamIh5O8IO/jHI+LajQDEeb+uI=
cdn-requestpullcode: 200
cdn-cachedat: 09/26/2024 11:13:13
cache-control: max-age=86400, s-maxage=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cdn-requestid: ca5df0e8498df5e72f5df638e0e207c2
cdn-pullzone: 55316
cdn-proxyver: 1.04
x-amz-request-id: 2A1QR92E7ZBSQA5R
cdn-edgestorageid: 941
server: BunnyCDN-IL1-1207
cdn-requestcountrycode: US
x-amz-server-side-encryption: AES256

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 24ms
24ms Image
text/html 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?ctid=GTM-PX3BFSX&t=s&si=479&m=0&iss=4&sid=8421123313190061&cc=1&tl=242&hc=1&cl=0&pid=233774467&bc=1

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 21:51:16 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 /
www.google.com/pagead/1p-user-list/10965653580/ 42 B
64 B 29ms
28ms Image
image/gif 2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10965653580/?random=1732139475636&cv=11&fst=1732136400000&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tvn-2.com%2Fplus&label=Lq_ZCO6g2tMDEMyw6uwo&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1061126267.1732139476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7daD1b94nBO5G4W_xeD7GKHr2L3EVDiA&random=3036042258&rmt_tld=0&ipr=y

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 20 Nov 2024 21:51:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.com/pagead/1p-conversion/10965653580/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10965653580/?random=1386805308&cv=11&fst=1732139475667&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l...
https://www.google.com/pagead/1p-conversion/10965653580/?random=1386805308&cv=11&fst=1732139475667&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101...

42 B
64 B

33ms
33ms

Image
image/gif

2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/10965653580/?random=1386805308&cv=11&fst=1732139475667&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tvn-2.com%2Fplus&label=Lq_ZCO6g2tMDEMyw6uwo&hn=www.googleadservices.com&frm=0&value=0&npa=0&pscdl=noapi&auid=1061126267.1732139476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIzNCasfLriQMVTgiICR2zjgsXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL3d3dy50dm4tMi5jb20vQlRDaEFJZ0s3MnVRWVEwYnp3dExydWlkcFJFaXNBSHQ0Sm9kSkxEY1ZEWU42eUZTbV9sUy1kcWVJM01UNWZyR19FVUY5SDFyNXlaUlBlUUFGLUpwMWE&is_vtc=1&cid=CAQSKQCa7L7dhTmivAIuafRBzm41woOLMzphJgMDJ3A88yyFYCDMYTCu3dIL&eitems=ChAIgK72uQYQmOOe_P6C3sR8Eh0AVyOIN924MbkNL3ZAUI5p91_d_409TZ4uXc9lRw&random=40591781

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Server

2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 20 Nov 2024 21:51:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://www.google.com/pagead/1p-conversion/10965653580/?random=1386805308&cv=11&fst=1732139475667&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z877379006za201zb77379006&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tvn-2.com%2Fplus&label=Lq_ZCO6g2tMDEMyw6uwo&hn=www.googleadservices.com&frm=0&value=0&npa=0&pscdl=noapi&auid=1061126267.1732139476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIzNCasfLriQMVTgiICR2zjgsXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL3d3dy50dm4tMi5jb20vQlRDaEFJZ0s3MnVRWVEwYnp3dExydWlkcFJFaXNBSHQ0Sm9kSkxEY1ZEWU42eUZTbV9sUy1kcWVJM01UNWZyR19FVUY5SDFyNXlaUlBlUUFGLUpwMWE&is_vtc=1&cid=CAQSKQCa7L7dhTmivAIuafRBzm41woOLMzphJgMDJ3A88yyFYCDMYTCu3dIL&eitems=ChAIgK72uQYQmOOe_P6C3sR8Eh0AVyOIN924MbkNL3ZAUI5p91_d_409TZ4uXc9lRw&random=40591781
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Wed, 20 Nov 2024 21:51:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 88ms
14ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=739189350496692&ev=PageView&dl=https%3A%2F%2Fwww.tvn-2.com%2Fplus&rl=&if=false&ts=1732139476061&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1732139476058.9855622996334086&cs_est=true&ler=empty&cdl=API_unavailable&it=1732139475847&coo=false&rqm=GET

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4505, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 224ms
151ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=739189350496692&ev=PageView&dl=https%3A%2F%2Fwww.tvn-2.com%2Fplus&rl=&if=false&ts=1732139476061&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1732139476058.9855622996334086&cs_est=true&ler=empty&cdl=API_unavailable&it=1732139475847&coo=false&rqm=FGET

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439482402474324336"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: PUHeQccj4eFfr1KdZpA5OTYxK9JacWH9mv1yygRQZwTXtMrZXaszxpSf8OiRu/uBTpU6jbsITh0i5mwY7EQqyw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439482402474324336", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4873, tp=13, tpl=0, uplat=137, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 89 B
882 B 368ms
81ms Fetch
application/json 57.128.96.95
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7183
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.128.96.95 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy07.cl11.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.tvn-2.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: gzip
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.tvn-2.com
content-length: 99
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 id.json Show response
loader.unblockia.com/c/tvn-2.com/ 11 B
471 B 132ms
15ms Fetch
application/octet-stream 2600:9000:201e:6800:12:abfb:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loader.unblockia.com/c/tvn-2.com/id.json
Requested by: Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:6800:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44336cf65ba2c63584a16ae3b8658f22d1ab24bd1ac3f9e041e8e9df427aea3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

access-control-expose-headers: *
x-amz-version-id: xV1gX9xibO_egNG.m2LgVB7Ixpq5vOPW
etag: "0df93ec0607d126d58a46e4d94bb6e6b"
age: 17402
x-cache: Hit from cloudfront
x-amz-cf-id: tkI9XgKiZwuXt3DI5IX1hIKj0Kvz97mz1lWRxy8c7pocFtLzd7tl4g==
date: Wed, 20 Nov 2024 17:01:43 GMT
content-type: application/octet-stream
vary: accept-encoding
last-modified: Wed, 21 Aug 2024 11:06:39 GMT
via: 1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11
x-amz-cf-pop: IAD89-C3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 49ms
49ms Stylesheet
text/css 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
age: 1191
expires: Fri, 20 Dec 2024 21:51:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: text/css
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=2592000
via: 1.1 google
cf-ray: 8e5ba90dcdc48c84-EWR
server: cloudflare

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/dad55a49-e950-406d-a478-67f4660bd987/ 184 B
783 B 72ms
71ms Fetch
application/json 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/dad55a49-e950-406d-a478-67f4660bd987/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2a3b1245292244e1f518e7565d1864f099393a50113881d0bb7f9c182000193

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-request-id: 3ac6d9dc-ee24-41b5-b53d-5035079b74e0
content-encoding: br
cf-cache-status: HIT
etag: W/"f2a3b1245292244e1f518e7565d1864f"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin, Accept-Encoding
x-runtime: 0.100641
priority: u=1,i
access-control-allow-headers: SDK-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 google
cf-ray: 8e5ba90e2cfb41e1-EWR
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 init Show response
services.insurads.com/ 42 B
279 B 122ms
14ms Script
application/javascript 52.20.248.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/init?appId=UKJD0M3L&h=https%3A%2F%2Fwww.tvn-2.com%2Fplus&tcfc=1&t=1732139476231
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/UKJD0M3L.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.20.248.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-248-244.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b4d587cecda63acc6a4c5574619791f557d0b59e0676453fbba7b347e0bc4bd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-nocache: true
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: application/javascript;charset=UTF-8
server: nginx/1.18.0 (Ubuntu)

POST
H2 200 /
t.unblockia.com/ 0
270 B 280ms
83ms Ping
application/json 2600:9000:201e:1e00:10:be65:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.unblockia.com/?sid=1813&o=3&b=1&p=1&t=4
Requested by: Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:1e00:10:be65:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

access-control-expose-headers: *
via: 1.1 98e30e5953336545df428a8f5923a288.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: jklQW9i8DI58Kg2_Ol16jCsBvWMi4BNo_5TeI2JjhoonTYoYh5hU6w==
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: application/json
x-amz-cf-pop: IAD89-C3
server: nginx/1.20.0

GET
H3 200 dbc3b994-8df9-461f-982b-ad5d06bb5aaa
img.onesignal.com/permanent/ 11 KB
11 KB 26ms
25ms Image
application/octet-stream 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/permanent/dbc3b994-8df9-461f-982b-ad5d06bb5aaa

Requested by

Host: www.tvn-2.com
URL: https://www.tvn-2.com/plus

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e13185d671b37ef8ec32f721e5e9adf8c4485aa50dc5c0f82484cbc8c4cda27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=JJIHSg==, md5=y1GFvHDVfH5NWBq4rZz3DQ==
cf-cache-status: HIT
etag: "-CIWU7ZOQlP0CEAE="
age: 523
x-goog-stored-content-encoding: identity
expires: Sat, 21 Dec 2024 21:51:16 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 10814
x-goog-meta-cache-control: public, maxage=604800
date: Wed, 20 Nov 2024 21:51:16 GMT
x-goog-meta-x-goog-source-etag: "cb5185bc70d57c7e4d581ab8ad9cf70d"
content-type: application/octet-stream
last-modified: Tue, 14 Feb 2023 04:00:52 GMT
vary: Origin, Accept-Encoding
x-guploader-uploadid: ACJd0NrPXb6l8B2EEaADMyzzzMJYF70de4C6jz6lfzrhfHJWSHMUJZMe9vxITRj34b3Hi9tQ8FoRJ5dTog
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=2678400
pragma: no-cache
x-goog-storage-class: STANDARD
cf-ray: 8e5ba90e9b810ce9-EWR
x-goog-encryption-kms-key-name: projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
accept-ranges: bytes
x-goog-generation: 1676347252099589
content-length: 10814
server: cloudflare

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 133ms
16ms Script
text/javascript 23.222.197.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX3BFSX
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-197-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-amz-id-2: ZXCAxvIFp/hTJGay5XGhUgmm758aI6fql1zTmFb3ubSf0GezCdYIkOblaG5jt7gYLgpiflow9Y4=
cache-control: private, max-age=3600
content-encoding: br
etag: "d86492df4bad2a485597bfa437c78ad2"
x-amz-version-id: IwRCxZF1T4gMT4TMeNkDrOCkruVfKfAe
x-amz-request-id: Z5XHEXBSVCWMG3Z0
accept-ranges: bytes
content-length: 3393
date: Wed, 20 Nov 2024 21:51:16 GMT
last-modified: Wed, 28 Feb 2024 14:26:38 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 25ms
24ms Image
text/html 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1295065179&rv=4bj0&tag_exp=101925629~102067555~102067808~102077855~102081485&u=AAAAAAAIAAAAACA&ut=Ag&h=Ag&gtm=45je4bj0v892819104za200zb77379006&ccid=92819104&cid=G-2LE1FE1C9N&l=L1339.S76.B65.E494.I1705.EC11.TC16.HTC0~gtm.init.S0.V0.E196.TS5ogt1pdatav2.TI4.TE3.TS5ccdgalast.TI6.TE0.TS5ccdautoredact.TI7.TE0.TS5ccdconversionmarking.TI8.TE0.TS5ccdemvideo.TI9.TE0.TS5ccdemsitesearch.TI10.TE0.TS5ccdemscroll.TI11.TE0.TS5ccdempageview.TI12.TE0.TS5ccdemoutboundclick.TI13.TE0.TS5ccdemdownload.TI14.TE0.TS5ccdgaregscope.TI15.TE1.TS5ogtgooglesignals.TI16.TE0.TS5ccdgaadslink.TI17.TE0.TS5setproductsettings.TI18.TE0.TS5ccdgafirst.TI19.TE0~gtm.js.S0.V0.E183.TS5gct.TI1.TE0~gtm.dom.S0.V0.E56~gtm.scrollDepth.S0.V0.E89~gtm.scrollDepth.S0.V0.E88~gtm.scrollDepth.S0.V0.E87~gtm.scrollDepth.S0.V0.E85~gtm.scrollDepth.S0.V0.E85~gtm.scrollDepth.S0.V0.E78~gtm.load.S0.V0.E0~gtm.init_consent.S1.V1.E104~GA585.639

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 21:51:16 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 favicon.ico
www.tvn-2.com/ 17 KB
17 KB 41ms
41ms Other
image/x-icon 2a02:6ea0:cc2c:1::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvn-2.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cc2c:1::4 Miami, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: e0564dc360ec6dfabd30c3427f4555720c6421cf6738bfc00b5d24a2a5d66828

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/plus

Response headers

x-cache: Miss from cloudfront
cache-control: max-age=60,s-maxage=60
tp-cache: hit
cpc-cache: HIT
etag: "673e5596-423e"
age: 130
accept-ranges: bytes
cpc-age: 18
content-length: 16958
x-amz-cf-id: zs5V3ZnsckGxtUlAZxuk9uRwLAf12xCycS-czYIe7dIEa-9nxPW_XA==
date: Wed, 20 Nov 2024 21:49:05 GMT
content-type: image/x-icon
last-modified: Wed, 20 Nov 2024 21:33:10 GMT
vary: , X-Device, X-Forwarded-Proto
x-amz-cf-pop: MIA3-P2

POST
H2 200 rfv.php Show response
events.newsroom.bi/data/ 27 B
468 B 85ms
84ms Fetch
application/json 57.128.96.95
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/data/rfv.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7183
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.128.96.95 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy07.cl11.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.tvn-2.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: gzip
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.tvn-2.com
content-length: 42
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 56 B
422 B 74ms
25ms Fetch
text/plain 23.222.201.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_8128&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=90769f5&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.201.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-201-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c7354df2e8b1d833a01554a0e0a521d2e3601c3a462c57b76a950b102d321080

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Observe-Browsing-Topics: ?1
Expires: Wed, 20 Nov 2024 21:51:16 GMT
Access-Control-Allow-Origin: https://www.tvn-2.com
Content-Length: 56
Date: Wed, 20 Nov 2024 21:51:16 GMT
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK player2.js Show response
streann-static.s3.amazonaws.com/inside-ad-ima-2/ 51 KB
0 0ms
0ms Script
application/javascript 16.182.75.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js
Requested by: Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.75.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c13153e8d8f9baac9227c7bcd5cdcacfb09f4ef4b8d128ea26009ca80bed9431

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-amz-id-2: 31UfCqLOlTnUX1iXg0XFcH8Z/Nhytt7yO2R1ehO7DrU3Dc/RHYd+Ln56DVN0ZubILG4MhDZD5Sk=
ETag: "0b3d760e7647f0b59a30efec7c0560a3"
x-amz-version-id: VHFlefJPd01633fO9b4WFX2Ff3WwPku7
x-amz-request-id: MH3X80691NTRZH0G
Accept-Ranges: bytes
Content-Length: 52697
Date: Wed, 20 Nov 2024 21:51:16 GMT
Last-Modified: Wed, 06 Mar 2024 14:10:43 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
33 KB 66ms
33ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf253d718375cd8ecfe2bd8bb163cd6866322d12e5f23e66ca3447f45c6a9675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
etag: 236 / 20047 / 31089085 / config-hash: 17646080756019932047
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 21:51:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33966
x-xss-protection: 0
server: cafe

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 424 KB
145 KB 53ms
17ms Script
text/javascript 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 21:51:16 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148132
date: Wed, 20 Nov 2024 21:51:16 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/ 489 KB
152 KB 17ms
16ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc28ce7cf7d24de07982a7e29b9521e011be231f1bf011b06a7a30811ae22dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
etag: 8976680079670756433
age: 16916
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 17:09:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 17:09:20 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155188
x-xss-protection: 0
server: cafe

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
272 B 26ms
25ms XHR
application/json 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.tvn-2.com%2Fplus

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93836401a946093326277e41b6a9dfea65597a16da3804a51380d25065d3ad22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 21:51:16 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 247
date: Wed, 20 Nov 2024 21:51:16 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H/1.1 200
OK player.html Show response
streann-static.s3.amazonaws.com/inside-ad-ima-2/ad/ 4 KB
4 KB 60ms
32ms XHR
text/html 16.182.75.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/ad/player.html
Requested by: Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.75.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f3ed9aaa3d8431307b502f1eedcdc90f9c9ae76e71da861fa34070e1d651fe8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 3000
ETag: "03e6886b10378ca6706b94423d36cfd9"
x-amz-version-id: RXXllrKKfsA9RUFNYtodY3xKlnaOTJ8c
Access-Control-Allow-Methods: GET, HEAD
x-amz-request-id: NVR9DSGEJPQ69C61
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 3666
Date: Wed, 20 Nov 2024 21:51:17 GMT
Last-Modified: Wed, 06 Mar 2024 14:10:43 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Server: AmazonS3
Content-Type: text/html
x-amz-id-2: eNU6JFNhhtOhb3rYk+eAarEeTdJIaZOc368b2wy3xPuLVyuw5TnL6MlRtLl10/rACv3kn0G97i4=

GET
H2 200 2259226 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 82ms
42ms Script
application/javascript 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/2259226?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07e6844c123e1502e78c5d73a8a26e8d998d2ad4385710449b6dfdd909130285

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9hHuK6WIDHv9cQG0E2Bz_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNaQYjhx6zbTBSCW-PqSSQ2IndJnsAYAcevNc6yTgdho7XlWByBO-neetQCI3bUusvoDsaHCJVZ7IHYsusTqCcSqPZdYjYH4_rpLrM-BeMb5y6wLgLhI4gprAxDfbrrC-hiIGb5eYeUAYiEejiubf-5kE5hx-kMDs5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJoaGhpZ6BYXyBAQDobE10"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9hHuK6WIDHv9cQG0E2Bz_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK style.css
streann-static.s3.amazonaws.com/inside-ad-ima-2/ 4 KB
4 KB 31ms
30ms Stylesheet
text/css 16.182.75.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/style.css
Requested by: Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.75.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fad0095f0edf6f96f01ea6b7ecb8e65feed89739b90d864d6a72d096d9481654

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-amz-id-2: LDHQlRXX+aXd2SHz5QPpxHQOdBecguLoFVqXyqSTtJ+V2WJ3Whznl2VS4V6ohpCdpiwfrcxYvzM=
ETag: "d345169e5be5d05ee92c224dbb811a90"
x-amz-version-id: qFQQXBK8H9QNN5BQokT6gohQC8kMiRnE
x-amz-request-id: NVR2VCFEEJQ777Y5
Accept-Ranges: bytes
Content-Length: 4115
Date: Wed, 20 Nov 2024 21:51:17 GMT
Last-Modified: Wed, 06 Mar 2024 14:10:43 GMT
Content-Type: text/css
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK ads.js Show response
streann-static.s3.amazonaws.com/inside-ad-ima-2/ad/ 27 KB
27 KB 64ms
35ms Script
application/javascript 16.182.75.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/ad/ads.js
Requested by: Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.75.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 028c84c93748a4d3d3f04d3a48752043f4d9f37945131883eb2d18be25ffb268

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-amz-id-2: UADhR0Drg0VeEXc2Kctmhv//OsXGfE0EWyHL53CdF9bd2yEB09Vzpj4o3M5XoBMIDV501Sr6K7c=
ETag: "daf78e3ff98bb422184479eac996a431"
x-amz-version-id: pvK6U_PsfKM5SBIL_sTG9hAlFcdQE.Ha
x-amz-request-id: NVR5MJ3Y3NQFZVQ1
Accept-Ranges: bytes
Content-Length: 27161
Date: Wed, 20 Nov 2024 21:51:17 GMT
Last-Modified: Wed, 06 Mar 2024 14:10:43 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK streann-logo.png
streann-static.s3.amazonaws.com/inside-ad-ima-2/ad/ 4 KB
4 KB 63ms
33ms Image
image/png 16.182.75.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/ad/streann-logo.png
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.75.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5180cbed62dd396b55a4f8b3813327b62f11394f4c53d342523035823bb14aa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-amz-id-2: e5FXcm2JGcSMFfEuoj8M4qUzOsZb8sPwExJqB3e3r4hzWxJ2y5AXPVQqHcMb1oSRQfaZw6g+O8I=
ETag: "21bd457184fd5a75567f4848f3cf0b76"
x-amz-version-id: Hziywa.v3SuI3cN9.YxlUFqxQVNlZFXX
x-amz-request-id: NVR1S00QMKXVEENM
Accept-Ranges: bytes
Content-Length: 4058
Date: Wed, 20 Nov 2024 21:51:17 GMT
Last-Modified: Tue, 14 May 2024 16:42:34 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 8B1A 0
0 45ms
16ms Document
text/html 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvn-2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 165570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 23:51:46 GMT
expires: Tue, 18 Nov 2025 23:51:46 GMT
last-modified: Mon, 18 Nov 2024 23:48:39 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 57ms
16ms Script
text/javascript 2607:f8b0:4004:c06::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 21:51:16 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 16746
date: Wed, 20 Nov 2024 21:51:16 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2 200 campaign-web-v2 Show response
fapi.streann.com/web/services/public/ 720 B
1 KB 150ms
9ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fapi.streann.com/web/services/public/campaign-web-v2?domain=https://www.tvn-2.com&cornerAds=true&resellerId=5b749eab2cdc3a9d7757d2c5

Requested by

Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/ad/ads.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

2131601e22a2f561c284b5045d1e6bd42d69dc6213770b1abdd0979ee9a09f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
age: 4465
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
expires: 0
x-cache: HIT, HIT
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: application/json;charset=utf-8
x-served-by: cache-iad-kiad7000111-IAD, cache-lga21944-LGA
x-cache-hits: 56, 0
x-frame-options: DENY
access-control-allow-headers: Authorization, Content-Type, Pragma, x-app-name, x-app-platform, x-app-version, x-os-version, x-webhook-id, x-langCode
vary: Accept-Encoding
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-timer: S1732139477.999128,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
super: Streann! OPTIONS v75
content-length: 509
x-xss-protection: 1; mode=block
server: nginx/1.16.1

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DD28 45 KB
15 KB 20ms
18ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 2528
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 22:09:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:09:08 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 2 B
777 B 82ms
80ms Fetch
application/json 57.128.96.95
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7183
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.128.96.95 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy07.cl11.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.tvn-2.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.tvn-2.com
content-length: 2
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 25ms
25ms Image
text/html 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 21:51:16 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 AGSKWxXlG56sOpuMavSZMVXjxu5cNvAbo9Wzhr2yPKl1fMgCMw4qwk9e8BLp_6pvGtp28EANn4F0djKT4gnsn4V2GOVoOgGhlDSFFDuoLJi4W2GiLshPdhdV35Lijw5cXunk_g8Bnqc9Kw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 50ms
46ms Script
application/javascript 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXlG56sOpuMavSZMVXjxu5cNvAbo9Wzhr2yPKl1fMgCMw4qwk9e8BLp_6pvGtp28EANn4F0djKT4gnsn4V2GOVoOgGhlDSFFDuoLJi4W2GiLshPdhdV35Lijw5cXunk_g8Bnqc9Kw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMTM5NDc2LDkyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudHZuLTIuY29tL3BsdXMiLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21e3706eda49626606d3732f9510a97bac4894654bb45a41fee2283265ad4ccc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jl944HIZ6cx23x3A73XcHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:16 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNOQYjh56zbTRSCW-PqSSQ2IndJnsAYAcevNc6yTgdho7XlWByBO-neetQCI3bUusvoDsaHCJVZ7IHYsusTqCcSqPZdYjYH4_rpLrM-BeMb5y6wLgLhI4gprAxDfbrrC-hiIGb5eYeUAYiEejiubf-5kE5hwZ80JZiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQ0NDSz0Dw_gCAwDipk12"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jl944HIZ6cx23x3A73XcHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame A85C 0
0 47ms
15ms Document
text/html 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvn-2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 21:08:39 GMT
expires: Wed, 20 Nov 2024 21:58:39 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
29 KB 111ms
23ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59855ab21479dde905cf48ff3e82c9c15fcf97c96f99276952e263ede1f58916

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-amz-id-2: 8C3HeN/2sdR7xhD5JppSkyGDakCH8nftCMy8/8kb1Kd0YsRVA8U10zD6jUIDHTOhFrB01Q7gVrI=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"a7da20199e9cb2cd9232f608481d0778"
age: 1511
x-amz-request-id: 9FVVVDEAD9SH8CVW
cf-ray: 8e5ba9136c5043fb-EWR
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 13 Nov 2024 11:06:09 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 87ms
10ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 2484578
x-goog-stored-content-encoding: gzip
expires: Thu, 23 Oct 2025 03:41:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Wed, 23 Oct 2024 03:41:39 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AHmUCY3y7WxB11uvp_WitCVDVOY3-QHGIotC2inygCTajehuOskyfReWRK9ylRwk1UXNdSuzddgUd5qULw
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 139ms
35ms Script
application/javascript 104.18.29.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671a7174-43df"
age: 51950
cf-ray: 8e5ba9138a62437b-EWR
expires: Sat, 23 Nov 2024 21:51:17 GMT
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 16:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 169ms
98ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

etag: 96161c00fc10ad819c09e1314f0ae5b4
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1213
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 17:54:21 GMT
server: Google Frontend
x-cloud-trace-context: 7b155a95a5cc73a87f196aae4a356f01

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 90ms
27ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Thu, 21 Nov 2024 21:51:17 GMT
access-control-allow-origin: *
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 18ms
15ms Script
text/javascript 3.167.69.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.69.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-69-77.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 44811
via: 1.1 cdc92f37130d0a9615a188e5b74a6fb0.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: zx7JwFnBI4n4YHvWQz6fY1dDRiw1hEPihpTwzLXZC2t96GMOfqE6lg==
date: Wed, 20 Nov 2024 09:24:26 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P6
x-amz-server-side-encryption: AES256

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
614 B 76ms
24ms XHR
application/json 52.71.74.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.74.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-74-139.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0ce61d16edafd98cb838c59fbb2ae5d1d901961b02e8553b0af9c47ecf8747d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.tvn-2.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.tvn-2.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 156
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.63.60
server: Jetty(9.4.38.v20210224)

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
229 B 352ms
99ms XHR
text/plain 162.19.138.118
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.tvn-2.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.tvn-2.com
date: Wed, 20 Nov 2024 21:51:16 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 4254 0
0 0ms
0ms Document
text/html 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvn-2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 165570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 23:51:46 GMT
expires: Tue, 18 Nov 2025 23:51:46 GMT
last-modified: Mon, 18 Nov 2024 23:48:39 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 78C3 45 KB
0 0ms
0ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 2528
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 22:09:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:09:08 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H3 200 afcads. Show response
fundingchoicesmessages.google.com/f/AGSKWxWko7FBeE-UXh_q76ptWensxa2yk4cx-q-BAgYGyvMiau22_6I0LkooBkRfDRVmaGMVcUAnzTl8w-C3jGb224WxIHbfTcqXw-hjSy-OJPMoWmNWiDc7cxlY7UrvGzIFPZPSDpun5vcpBqPgh3w90Qv538p6r... 54 B
109 B 38ms
37ms Script
application/javascript 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWko7FBeE-UXh_q76ptWensxa2yk4cx-q-BAgYGyvMiau22_6I0LkooBkRfDRVmaGMVcUAnzTl8w-C3jGb224WxIHbfTcqXw-hjSy-OJPMoWmNWiDc7cxlY7UrvGzIFPZPSDpun5vcpBqPgh3w90Qv538p6r5S5Gmw9NZ64cds6-8x7299c95QmQi6M/_/ad24.png_afd_ads._580x100./ad_serve./afcads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwlEc_sVMli9kpRqcR6cJANtpBcPQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc98cd89bd2a10dadc01f47c187886b157530bf489567bf240384600d4b507d8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wOAcYUE4p9tyfmvttTpoig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiN21LrL6A7GhwiVWeyB2LLrE6gnEqj2XWI2B-P66S6zPgXjG-cusC4C4SOIKawMQ3266wvoYiBm-XmHlAGIhHo6rm3_uZBNYMevDfCYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0NDQ0s9A8P4AgMAap9IWg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wOAcYUE4p9tyfmvttTpoig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 251 KB
79 KB 17ms
17ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e49c23480a4201c1ceda93745f113687ac437311eb8d8c48e46dfe50311092e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
etag: 15940481303248106213
age: 3067
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 22:00:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 21:00:10 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 80845
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWGB-5T7OGxJBKnUo6qvXAJzb-y_LQLBHWYe7qHyOsfskjmAa_LoBANwaIFym3n4urM3lr1vSvFzZnKuk6ZnxkaCZxnyv0wRWvzL33IER0HcdKB9bGiMcMTD8uV9D-LKa1KdMknYw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
34ms XHR
text/html 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGB-5T7OGxJBKnUo6qvXAJzb-y_LQLBHWYe7qHyOsfskjmAa_LoBANwaIFym3n4urM3lr1vSvFzZnKuk6ZnxkaCZxnyv0wRWvzL33IER0HcdKB9bGiMcMTD8uV9D-LKa1KdMknYw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hQl_YuAYZ1OphqgStnC8WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.tvn-2.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uG4uvnnTjaBHT3HVzIpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0NLPQPT-AIDAE5eKSk"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hQl_YuAYZ1OphqgStnC8WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.tvn-2.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWGB-5T7OGxJBKnUo6qvXAJzb-y_LQLBHWYe7qHyOsfskjmAa_LoBANwaIFym3n4urM3lr1vSvFzZnKuk6ZnxkaCZxnyv0wRWvzL33IER0HcdKB9bGiMcMTD8uV9D-LKa1KdMknYw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
33ms XHR
text/html 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGB-5T7OGxJBKnUo6qvXAJzb-y_LQLBHWYe7qHyOsfskjmAa_LoBANwaIFym3n4urM3lr1vSvFzZnKuk6ZnxkaCZxnyv0wRWvzL33IER0HcdKB9bGiMcMTD8uV9D-LKa1KdMknYw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6niOCMLK8dE2oZl2br2_Vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.tvn-2.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw15BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uG4uvnnTjaBBTf7tzApuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0NLPQPT-AIDAE74KS0"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6niOCMLK8dE2oZl2br2_Vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.tvn-2.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWGB-5T7OGxJBKnUo6qvXAJzb-y_LQLBHWYe7qHyOsfskjmAa_LoBANwaIFym3n4urM3lr1vSvFzZnKuk6ZnxkaCZxnyv0wRWvzL33IER0HcdKB9bGiMcMTD8uV9D-LKa1KdMknYw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 36ms
35ms XHR
text/html 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGB-5T7OGxJBKnUo6qvXAJzb-y_LQLBHWYe7qHyOsfskjmAa_LoBANwaIFym3n4urM3lr1vSvFzZnKuk6ZnxkaCZxnyv0wRWvzL33IER0HcdKB9bGiMcMTD8uV9D-LKa1KdMknYw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n0MeMyeisr9WQOZy_sDZBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.tvn-2.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uG4uvnnTjaBG8cf7mRScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoaWegam8QUGAHPWKaw"
content-security-policy: script-src 'report-sample' 'nonce-n0MeMyeisr9WQOZy_sDZBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.tvn-2.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWGB-5T7OGxJBKnUo6qvXAJzb-y_LQLBHWYe7qHyOsfskjmAa_LoBANwaIFym3n4urM3lr1vSvFzZnKuk6ZnxkaCZxnyv0wRWvzL33IER0HcdKB9bGiMcMTD8uV9D-LKa1KdMknYw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
43ms XHR
text/html 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGB-5T7OGxJBKnUo6qvXAJzb-y_LQLBHWYe7qHyOsfskjmAa_LoBANwaIFym3n4urM3lr1vSvFzZnKuk6ZnxkaCZxnyv0wRWvzL33IER0HcdKB9bGiMcMTD8uV9D-LKa1KdMknYw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pqu3xAhKZaeYL5KVkJYnIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.tvn-2.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uG4uvnnTjaBCd--72VScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoaWegam8QUGAHZaKbM"
content-security-policy: script-src 'report-sample' 'nonce-pqu3xAhKZaeYL5KVkJYnIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.tvn-2.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXMSYODvR0cgnqQtP9IRkiGdAsIuERTLudshIKByM6PgMLUrRWHoKRziP2GkRk-Ven_KLHS16sD38uxAOKmBQqCOJYfmhnmTp35IQA0-PAD0zB3WoLxZHRjolWAotbsJWGhHI_PYg== Show response
fundingchoicesmessages.google.com/f/ 6 KB
3 KB 62ms
62ms Script
application/javascript 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXMSYODvR0cgnqQtP9IRkiGdAsIuERTLudshIKByM6PgMLUrRWHoKRziP2GkRk-Ven_KLHS16sD38uxAOKmBQqCOJYfmhnmTp35IQA0-PAD0zB3WoLxZHRjolWAotbsJWGhHI_PYg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMTM5NDc3LDYzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnR2bi0yLmNvbS9wbHVzIixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eca1956200ebad4f8b1d8ed9765054f0bfc12688b3cfbd8e49ecb9817c7f6a2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xm1GiJRucO2MKCngH-6O9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNaQYjh56zbTRSCW-PqSSQ2IndJnsAYAcevNc6yTgdho7XlWByBO-neetQCI3bUusvoDsaHCJVZ7IHYsusTqCcSqPZdYjYH4_rpLrM-BeMb5y6wLgLhI4gprAxDfbrrC-hiIGb5eYeUAYiEejqubf-5kE3ix6fYxJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQ0NDSz0Dw_gCAwD8W03e"
content-security-policy: script-src 'report-sample' 'nonce-xm1GiJRucO2MKCngH-6O9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWG8PpJLS2EiI7Bk2QStsV03ZcJ_wcu7Q9tmt1qzdvFTStQJTcLCmh0ZMqwfO8aUvypm-kvw1DASJa2VjtwwagGPqrptCFn_afrE0Ws3o2D_saKkrIE3N2oYiC_DllXuxXjsCt0DQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 49ms
49ms Script
application/javascript 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWG8PpJLS2EiI7Bk2QStsV03ZcJ_wcu7Q9tmt1qzdvFTStQJTcLCmh0ZMqwfO8aUvypm-kvw1DASJa2VjtwwagGPqrptCFn_afrE0Ws3o2D_saKkrIE3N2oYiC_DllXuxXjsCt0DQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMTM5NDc3LDcwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnR2bi0yLmNvbS9wbHVzIixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46dae4b02376c3f76b48e20746111376c8e549b4587a3691935651cb120404a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C7gYVCa6gkG1VNJArQ43mQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNKQYjhx6zbTBSCW-PqSSQ2IndJnsAYAcevNc6yTgdho7XlWByBO-neetQCI3bUusvoDsaHCJVZ7IHYsusTqCcSqPZdYjYH4_rpLrM-BeMb5y6wLgLhI4gprAxDfbrrC-hiIGb5eYeUAYiEejqubf-5kE_jRt_kBk5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJoaGhpZ6BYXyBAQD0M025"
content-security-policy: script-src 'report-sample' 'nonce-C7gYVCa6gkG1VNJArQ43mQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVLDXW0Rtzb59fCQlTRYo7wkKCM1dBgEoI4hiSPeJXeQF0PTDiQyOIswxCYOIbQuQdQxL6W0VEGtc3ECFD2x0_XXiwlL5bTc-Y1XJq6TwaIwj1rdAh11swVCngIBNxnR1Tzq50LzA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 43ms
43ms Script
application/javascript 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVLDXW0Rtzb59fCQlTRYo7wkKCM1dBgEoI4hiSPeJXeQF0PTDiQyOIswxCYOIbQuQdQxL6W0VEGtc3ECFD2x0_XXiwlL5bTc-Y1XJq6TwaIwj1rdAh11swVCngIBNxnR1Tzq50LzA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMTM5NDc3LDc2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZXMiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudHZuLTIuY29tL3BsdXMiLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

162b9bf63c1c8bb7d3925dae2d0846accc3e66eb510f7330b15661f078e95470

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-UwzzkBQDn8wH_XoSe0-uMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiN21LrL6A7GhwiVWeyB2LLrE6gnEqj2XWI2B-P66S6zPgXjG-cusC4C4SOIKawMQ3266wvoYiBm-XmHlAGIhHo6rm3_uZBP4sWrrDyYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0NDQ0s9A8P4AgMAhdBI3w"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-UwzzkBQDn8wH_XoSe0-uMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 51ms
28ms XHR
application/json 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411140201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6c85307f4e4bee34b29858270c95d6bbcce6610bd06525a9a1e71c0cf8c5d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12840
date: Wed, 20 Nov 2024 21:51:17 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 725 B
403 B 419ms
418ms Fetch
text/plain 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3977943602226495&correlator=1509870715099072&eid=31089066%2C31089085%2C95347490&output=ldjh&gdfp_req=1&vrg=202411140201&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=22290518902%2Ctvn_noticias_web_corner_rectangle&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&didk=607409652&sfv=1-0-40&eri=5&sc=1&cookie=ID%3D148211acb7495675%3AT%3D1732139477%3ART%3D1732139477%3AS%3DALNI_MbjUfreLqkRERxJsu201YEjXMjHEg&cdm=www.tvn-2.com&abxe=1&dt=1732139477823&adxs=1300&adys=890&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tvn-2.com&loc=https%3A%2F%2Fwww.tvn-2.com%2Fplus&vis=1&psz=1600x0&msz=300x-1&fws=516&ohw=1600&td=1&egid=61720&tan=5b8f13f9-e7ee-44fd-b546-62676e7f355c&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732139475317&idt=1390&prev_scp=Streann%3Dtrue&adks=3820435146&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09eb77163fad79eadf421a4b8de0cc3e72c165b320b31e5846100ab070f1fc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 21:51:18 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.tvn-2.com
content-length: 373
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
f8b61980235e199cff92d6e22a8b29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1EA2 0
0 124ms
18ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8b61980235e199cff92d6e22a8b29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvn-2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 21:51:17 GMT
expires: Wed, 20 Nov 2024 21:51:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxVbIMN9a4FlzuYO0XYnuaeUZaVjuAJuLPFF_wUn5g2ucciqfiiEgfTmZb17SXRrIeQFLMWyeq1drNNRDMYEWl7TGxa_wDaJ_gT2IdXwkoK6AthFsjCfaOcwaTaVUquyk5yYr1h89Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
33ms XHR
text/html 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVbIMN9a4FlzuYO0XYnuaeUZaVjuAJuLPFF_wUn5g2ucciqfiiEgfTmZb17SXRrIeQFLMWyeq1drNNRDMYEWl7TGxa_wDaJ_gT2IdXwkoK6AthFsjCfaOcwaTaVUquyk5yYr1h89Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-X200ciktOlWJlDx6KdFmMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.tvn-2.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uG4uvnnTjaBBYtfzmRWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoaWegam8QUGAFPlKTw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-X200ciktOlWJlDx6KdFmMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.tvn-2.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 52ms
18ms Script
text/javascript 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 21:51:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:17 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame D5B5 0
0 44ms
14ms Document
text/html 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvn-2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 21:27:10 GMT
expires: Wed, 20 Nov 2024 22:17:10 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 6DE0 0
0 76ms
47ms Document
text/html 2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NHyUpT4AHiSsLqgDEIAROA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvn-2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NHyUpT4AHiSsLqgDEIAROA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 21:51:17 GMT
expires: Wed, 20 Nov 2024 21:51:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame E6E6 0
0 81ms
16ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.tvn-2.com&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tvn-2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 21:51:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 295881
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 428 B
187 B 346ms
346ms Fetch
text/plain 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3977943602226495&correlator=1072076165736934&eid=31089066%2C31089085%2C95347490&output=ldjh&gdfp_req=1&vrg=202411140201&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=22290518902%2Ctvn_noticias_web_corner_rectangle&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&didk=607409652&sfv=1-0-40&rcs=1&eri=5&sc=1&cookie=ID%3D148211acb7495675%3AT%3D1732139477%3ART%3D1732139477%3AS%3DALNI_MbjUfreLqkRERxJsu201YEjXMjHEg&gpic=UID%3D00000f9a51c9a647%3AT%3D1732139477%3ART%3D1732139477%3AS%3DALNI_MaF22wdoJ6WL1NTrfmScsWAEXvTHA&cdm=www.tvn-2.com&abxe=1&dt=1732139479672&adxs=1300&adys=890&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tvn-2.com&loc=https%3A%2F%2Fwww.tvn-2.com%2Fplus&vis=1&psz=1600x0&msz=300x-1&fws=516&ohw=1600&td=1&egid=61720&tan=5b8f13f9-e7ee-44fd-b546-62676e7f355d&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732139475317&idt=1390&prev_scp=Streann%3Dtrue&adks=3820435146&frm=20&eo_id_str=ID%3D1d4f0b8cd490b0c6%3AT%3D1732139477%3ART%3D1732139477%3AS%3DAA-AfjZecJCcb9XigSl0enytgR3F

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411140201/pubads_impl.js?cb=31089085

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc22f117f736e24f29d6b8cdb00534a29772139d1a025edcfed43cf2defdacaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 21:51:20 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.tvn-2.com
content-length: 157
x-xss-protection: 0
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
0 38ms
37ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-2LE1FE1C9N&gtm=45je4bj0v892819104za200zb77379006&_p=1732139475343&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1724274854.1732139476&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732139475&sct=1&seg=0&dl=https%3A%2F%2Fwww.tvn-2.com%2Fplus&dt=&en=scroll&epn.percent_scrolled=90&_et=87&tfd=6979
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2LE1FE1C9N&l=dataLayer&cx=c&gtm=45He4bj0v77379006za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tvn-2.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.tvn-2.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 21:51:20 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202411140201&jk=3977943602226495&bg=!oKOlo-zNAAaIaF9IqGg7ADQBe5WfOOJq9KsicutOG_RZP21xnRBeDeRgchd5djSxXAvN_O89bdLbGvXeathl0ndpyhRTAgAAAEFSAAAAAmgBB34ANmeOsEZmsnIWQa3ts4VDrYKbG5cR4Wow4xG8uBUww7GK-OTtksEuAXB5EGeENqTcBxS4FnuKPZkCkitcDdYgr37wOudJgfqOsD37lUhq6UGLqSc8bJrfrXQRbpKSk-Y9vnjKqlXz57cRTZuTIBhJiFOu0sgHxso-xiY_aCp8l_gYKpe8txJQCQW7b8tI4yS1HJE5VfFN9sVdnH_6MEaW5vtmYnHoO_QzdEidDHs2kVyzqmmrtFtGzzbjUhzr41jVsgSbCbcYnq5yWuRMKY1VAf7GCL_O6maac4pyvDKlulabxjTx5153Py7vrF1DayhywME-cp0D6H60YT0ysQmSwP6oLy1dn1Jlf9G70J-nfUzcWWPakHrzDmpxI_1O7mx35OKS4TgBDU9jxOODHfYK6Ki_7B5JNjy1Ds1Q1VSFJfnSyuLBd4PhR3tQ42TcC6Ox_NEtiInxr8WsJjTcdE45V4_Y2nKIFPZB9Ni1vggNXa260EpLOzhFGl4QjiPbWXmdTMx0EorlHD9PH_OTQlxDf6YKkEUVequxXGh2_7tDW2rD_HcNDLm_4pUKB5cKLnfAs2G8LSp-Hkz_3lc0Rk28LGWUR0iy10XWQwTM9qOvTLyHfiYQagZ29v2fsLhjracqXfjHyxwyXjSNQFiWY8fcrDWP9_lvPPFlPWTNUWsU4IQiuEL65rjmPByNTIXsRJ_MmyqSxsS2Fb283wzYcT6Xd-yEnc9RP1J4KGLjMaUeKJqaXmbLDctAtlb31kqXKpi7fr5X-jhcGHJjBfQJRXW1MmK2tvW4yQnpChSJK6g2xB3723NkhS4zVyuFAU6gwJIElzcfXfcIl5fh5keCYWtQ_9AJgd6nm7UW-oGc_RDoX7v_TmO7Is_SKng2SoUi8BSrta5Y8a8G8eBGmrzvLeGiJ36AmDNMKvvNhZhqAsYCFUWeogFeq_V-yG7J3aI

Verdicts & Comments Add Verdict or Comment

520 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-21 01:09:01	Name: __cf_bm Value: 2iJBkXf.l6KrVAKlylI567kpKgf7ULEsZW8tXpxytpM-1732139475-1.0.1.1-9qcv7DD35FZXFNPwcqFprG850ce5SeDHn7acBVr1AkS3K0CRnA5H10A6bahHFG6RLhJSggExK4IM7NBt_9lqLQ
.tvn-2.com/	1970-01-21 03:18:35	Name: _gcl_au Value: 1.1.1061126267.1732139476
.tvn-2.com/	1970-01-21 01:10:25	Name: _gid Value: GA1.2.313709059.1732139476
.tvn-2.com/	1970-01-21 01:08:59	Name: _gat_UA-35978065-1 Value: 1
.tvn-2.com/	1970-01-21 01:08:59	Name: _gat_UA-10103699-1 Value: 1
.tvn-2.com/	1970-01-21 10:44:59	Name: _ga Value: GA1.1.1724274854.1732139476
.doubleclick.net/	1970-01-21 10:44:59	Name: IDE Value: AHWqTUn62rXScLMj7ZBlf4V5bNV2muuSFrHHn0Wn6Ub4GMQ-XldwIjqyNz16VAoY
.tvn-2.com/	1970-01-21 10:44:59	Name: _ga_2LE1FE1C9N Value: GS1.1.1732139475.1.0.1732139475.60.0.0
.tvn-2.com/	1970-01-21 09:54:35	Name: _hjSessionUser_1694276 Value: eyJpZCI6IjdjZGEwZmE3LTBkYmEtNWM3Zi1iMTAyLWExMTk4Mjg5NjE1ZiIsImNyZWF0ZWQiOjE3MzIxMzk0NzYwNDEsImV4aXN0aW5nIjpmYWxzZX0=
.tvn-2.com/	1970-01-21 01:09:01	Name: _hjSession_1694276 Value: eyJpZCI6ImQ5ZTlkZTMzLTI4MWQtNGM3Zi04OWMzLTAwYWJjMjYzODBlMCIsImMiOjE3MzIxMzk0NzYwNDIsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.tvn-2.com/	1970-01-21 03:18:35	Name: _fbp Value: fb.1.1732139476058.9855622996334086
.tvn-2.com/	1970-01-21 05:29:37	Name: ___nrbic Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1732139476%2C%22currentVisitStarted%22%3A1732139476%2C%22sessionId%22%3A%2292bbb635-b02a-4532-b1c8-262bfae5dc65%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.tvn-2.com/plus%22%2C%22referrer%22%3A%22%22%2C%22lpti%22%3Anull%7D
.tvn-2.com/	1970-01-21 05:29:37	Name: ___nrbi Value: %7B%22firstVisit%22%3A1732139476%2C%22userId%22%3A%22ba06524b-6943-496c-8138-d10409569baf%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1732139476%2C%22timesVisited%22%3A1%7D
.tvn-2.com/	1970-01-21 05:29:37	Name: compass_uid Value: ba06524b-6943-496c-8138-d10409569baf
events.newsroom.bi/	1970-01-21 05:28:11	Name: 7183_u Value: ba06524b-6943-496c-8138-d10409569baf
events.newsroom.bi/	1969-12-31 23:59:59	Name: 7183_s Value: 92bbb635-b02a-4532-b1c8-262bfae5dc65
events.newsroom.bi/	1970-01-21 01:52:11	Name: 7183_lv Value: null
events.newsroom.bi/	1970-01-21 01:52:11	Name: 7183_ut Value: 0
www.tvn-2.com/	1970-01-21 09:54:35	Name: _tfpvi Value: NzUxNDcwNmUtMTQ5OC00N2RjLTljZTctZDRhNmM4YzE4MTM4IzItOA%3D%3D
.crwdcntrl.net/	1970-01-21 07:37:44	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 07:37:44	Name: _cc_id Value: 3087b248df597a5dd023cbd76866c2b0
.tvn-2.com/	1970-01-21 01:08:59	Name: lotame_domain_check Value: tvn-2.com
.tvn-2.com/	1970-01-21 07:37:47	Name: _cc_id Value: 3087b248df597a5dd023cbd76866c2b0
.tvn-2.com/	1970-01-21 01:10:25	Name: panoramaId_expiry Value: 1732225877026
.springserve.com/	1970-01-21 01:49:18	Name: ssid Value: 8657847b-24f3-468d-b1cb-5d1bfb2c1eb4
.springserve.com/	1970-01-21 01:49:18	Name: sst Value: 1732139477552
.tvn-2.com/	1970-01-21 10:30:35	Name: __gads Value: ID=148211acb7495675:T=1732139477:RT=1732139477:S=ALNI_MbjUfreLqkRERxJsu201YEjXMjHEg
.tvn-2.com/	1970-01-21 09:54:35	Name: FCNEC Value: %5B%5B%22AKsRol_ynnP9fTW3H-WC_4EpjU12suhCPHiLAWwxibbeaBFB04GzLd9cBbVADGsJM9rOhFRcJsiIvBz4qa2HbnWStwthuOhLshxVDmVQrv_Q8oCU68aF8byNv_GlUQ6N07Q4r3K89rTap2C7wP_NmcolHPhDvMxUpA%3D%3D%22%5D%5D
.criteo.com/	1970-01-21 10:30:35	Name: uid Value: 298763ce-b040-4f73-809d-aeb658fefde2
.criteo.com/	1970-01-21 10:30:35	Name: receive-cookie-deprecation Value: 1
.tvn-2.com/	1970-01-21 10:30:35	Name: __gpi Value: UID=00000f9a51c9a647:T=1732139477:RT=1732139477:S=ALNI_MaF22wdoJ6WL1NTrfmScsWAEXvTHA
.tvn-2.com/	1970-01-21 05:28:11	Name: __eoi Value: ID=1d4f0b8cd490b0c6:T=1732139477:RT=1732139477:S=AA-AfjZecJCcb9XigSl0enytgR3F
.tvn-2.com/	1970-01-21 10:30:35	Name: cto_bundle Value: 1jilQF9jS1dMNTV5YzZyZmlWajFiU3JsV3VJRGU3MjZwZzE5WjJqdDFnJTJCQW5Ockd1QTlCZG0xMTNvbVpmeXV5WiUyRkszNVl6NnhwWHklMkZRTnZJWkltUUg0YWJsaGJrcUJNZThON3RYcVpFU21qM1V0TUZOaGw4cVhqZnBha21ORGRJVHlqcmJKMCUyRmpTaE9CVUlSUzVUWEtLbjZuZyUzRCUzRA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.tvn-2.com/plus Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.tvn-2.com/api/front/user/profile Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
analytics.google.com
at.teads.tv
bcp.crwdcntrl.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.insurads.com
cdn.onesignal.com
cdn.unblockia.com
connect.facebook.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
events.newsroom.bi
f8b61980235e199cff92d6e22a8b29be.safeframe.googlesyndication.com
fapi.streann.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
imasdk.googleapis.com
img.onesignal.com
invstatic101.creativecdn.com
loader.unblockia.com
oa.openxcdn.net
onesignal.com
pagead2.googlesyndication.com
s0.2mdn.net
script.hotjar.com
sdk.mrf.io
securepubads.g.doubleclick.net
services.insurads.com
static.criteo.net
static.hotjar.com
static.tvn-2.com
stats.g.doubleclick.net
streann-static.s3.amazonaws.com
t.unblockia.com
tags.crwdcntrl.net
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.tvn-2.com
www.tvn.plus
ep1.adtrafficquality.google
104.18.29.101
13.33.252.108
151.101.2.133
16.182.75.41
162.19.138.118
172.253.115.156
2001:4860:4802:32::181
2001:4860:4802:38::178
23.222.197.151
23.222.201.151
2400:52e0:1a00::1207:2
2600:9000:201e:1e00:10:be65:1fc0:93a1
2600:9000:201e:6800:12:abfb:9280:93a1
2600:9000:201e:d200:12:abfb:9280:93a1
2606:4700:10::6816:3556
2606:4700:3033::ac43:9fa2
2606:4700::6811:6fdf
2607:f8b0:4004:c06::66
2607:f8b0:4004:c06::94
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c07::84
2607:f8b0:4004:c07::9a
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c0b::84
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c1d::67
2607:f8b0:4004:c1f::9c
2620:100:a00b::12
2620:100:a00b::4
2a02:6ea0:cc2c:1::4
2a02:6ea0:e210::4
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
3.167.56.55
3.167.69.77
3.33.251.168
34.102.146.192
34.96.70.87
52.20.248.244
52.71.74.139
57.128.96.95
028c84c93748a4d3d3f04d3a48752043f4d9f37945131883eb2d18be25ffb268
06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833
07e6844c123e1502e78c5d73a8a26e8d998d2ad4385710449b6dfdd909130285
09eb77163fad79eadf421a4b8de0cc3e72c165b320b31e5846100ab070f1fc59
0ce61d16edafd98cb838c59fbb2ae5d1d901961b02e8553b0af9c47ecf8747d9
162b9bf63c1c8bb7d3925dae2d0846accc3e66eb510f7330b15661f078e95470
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2131601e22a2f561c284b5045d1e6bd42d69dc6213770b1abdd0979ee9a09f8b
21e3706eda49626606d3732f9510a97bac4894654bb45a41fee2283265ad4ccc
2b501a54f141c1242a7f313ab5d32b8c02a37c39ce0c69ff53a6d175d84b1693
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
3f3ed9aaa3d8431307b502f1eedcdc90f9c9ae76e71da861fa34070e1d651fe8
40083b6ebd32925131753c10d5d8c9f23b20b90938371099fff7d7a24c587d7c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44336cf65ba2c63584a16ae3b8658f22d1ab24bd1ac3f9e041e8e9df427aea3b
46dae4b02376c3f76b48e20746111376c8e549b4587a3691935651cb120404a7
4d1a2133d90e217344b35c4b2b15b1e8256904e2078658d9bf0a66126ece8440
5180cbed62dd396b55a4f8b3813327b62f11394f4c53d342523035823bb14aa1
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9
59855ab21479dde905cf48ff3e82c9c15fcf97c96f99276952e263ede1f58916
6129767b9250caee4025e226c14f0ba94b33b19256c7a91067a89a2d799fa4bc
68ef61714ef72e4a1400cd1f132ceef68e567680a7786d9d4e70c6ce5d83acd4
77abf9306e3c04256dc07987af9b839d4f4ee1909d69752cfc124d4913f1dc0d
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795
8b96b5430a12f5d1da29b950fe263b8afa5d9b2cdc78b3490fa1a015e13962cf
8ba3f98b949f4971df27a8de607764745e6f3b2d9e1cdfb6620117b5df56e701
8dc231b65510f6790491839c591fbe3174666aadfe0ebdfaebeab994c497a0d5
935a512592543882c530548a15eaa2fa05394c2cbd880d5f61aa1a77abc430fb
93836401a946093326277e41b6a9dfea65597a16da3804a51380d25065d3ad22
97000b727383a3a7c33c74aca1129fdceaf07ec5c61b213b6c99ffb4e27e61fc
977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149
9e13185d671b37ef8ec32f721e5e9adf8c4485aa50dc5c0f82484cbc8c4cda27
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39
a001500d61b1f8f58fccd240ea3792e03a132db857aa0124c23fa77518bc0ada
a4cafb17835c120aed8b9e206503f5d8d844ade8efd11c6a8fe4b46ad1f44c85
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab63c927c4fdec5c423982c2a588ceed2d2070222d091e0d3a61f2578497618e
b4d587cecda63acc6a4c5574619791f557d0b59e0676453fbba7b347e0bc4bd4
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21
bc28ce7cf7d24de07982a7e29b9521e011be231f1bf011b06a7a30811ae22dd3
c069b1fdf4dee32b30c9b1f01a4dd15dac35a44a6b5d61e1edecad45a192c533
c13153e8d8f9baac9227c7bcd5cdcacfb09f4ef4b8d128ea26009ca80bed9431
c4d8fe765552663af4be125ba9a9db43d8c960a16a217897b7ac441d509e571d
c7354df2e8b1d833a01554a0e0a521d2e3601c3a462c57b76a950b102d321080
cf253d718375cd8ecfe2bd8bb163cd6866322d12e5f23e66ca3447f45c6a9675
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d7b04f73f3dd1ab125b0618518b3efbfcef36d58b363e93b7bce49654eb058ba
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc22f117f736e24f29d6b8cdb00534a29772139d1a025edcfed43cf2defdacaf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0564dc360ec6dfabd30c3427f4555720c6421cf6738bfc00b5d24a2a5d66828
e11fe4bfc7bcd7a261144ffe3b61e98f8a4b8ed2222749748dfc585ea9bd0d3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49c23480a4201c1ceda93745f113687ac437311eb8d8c48e46dfe50311092e7
e6c85307f4e4bee34b29858270c95d6bbcce6610bd06525a9a1e71c0cf8c5d39
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
eca1956200ebad4f8b1d8ed9765054f0bfc12688b3cfbd8e49ecb9817c7f6a2c
eec584e0ff37255d27521b6282aa616b581773929bb2fa967023492cee3f1b9d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a3b1245292244e1f518e7565d1864f099393a50113881d0bb7f9c182000193
fad0095f0edf6f96f01ea6b7ecb8e65feed89739b90d864d6a72d096d9481654
fc98cd89bd2a10dadc01f47c187886b157530bf489567bf240384600d4b507d8
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

www.tvn-2.com Open in urlscan Pro 2a02:6ea0:cc2c:1::4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

98 %HTTPS

64 %IPv6

29 Domains

46 Subdomains

44 IPs

4 Countries

2248 kBTransfer

7007 kBSize

33 Cookies

10 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tvn-2.com Open in urlscan Pro
2a02:6ea0:cc2c:1::4 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

98 %
HTTPS

64 %
IPv6

29
Domains

46
Subdomains

44
IPs

4
Countries

2248 kB
Transfer

7007 kB
Size

33
Cookies

109 HTTP transactions
0 data transactions