www.heraldlive.co.za Open in urlscan Pro
2a00:1450:4001:812::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.weekendpost.co.za/
Effective URL:
https://www.heraldlive.co.za/weekend-post/your-weekend/
Submission: On December 02 via api (December 2nd 2024, 11:02:58 pm UTC) from US — Scanned from GB

Summary HTTP 114 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 43 IPs in 10 countries across 38 domains to perform 114 HTTP transactions. The main IP is 2a00:1450:4001:812::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.heraldlive.co.za.
TLS certificate: Issued by WR3 on November 21st 2024. Valid for: 3 months.

This is the only time www.heraldlive.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a01:7e00:e00... 2a01:7e00:e000:3f7::	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
32	2a00:1450:400... 2a00:1450:4001:812::2013	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	172.67.212.172 172.67.212.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:225e:ce00:17:2922:12c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c77... 2a02:6ea0:c77e::4	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
4	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
2	172.67.181.105 172.67.181.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:6ea0:c70... 2a02:6ea0:c700::112	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	35.214.136.108 35.214.136.108	19527 (GOOGLE-2) (GOOGLE-2)
4 8	2607:ae80:192... 2607:ae80:192:1::177	26558 (FREEWHEEL) (FREEWHEEL)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	216.58.206.40 216.58.206.40	15169 (GOOGLE) (GOOGLE)
1	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
2	34.251.13.38 34.251.13.38	16509 (AMAZON-02) (AMAZON-02)
1	41.76.214.250 41.76.214.250	37611 (Afrihost) (Afrihost)
3	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
2	212.36.83.216 212.36.83.216	15699 (AS_ADAM A...) (AS_ADAM Adam EcoTech)
5	212.36.83.245 212.36.83.245	15699 (AS_ADAM A...) (AS_ADAM Adam EcoTech)
1	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	89.149.193.100 89.149.193.100	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
2 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.213.68.253 52.213.68.253	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	37.157.6.233 37.157.6.233	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	18.184.206.66 18.184.206.66	16509 (AMAZON-02) (AMAZON-02)
4 4	46.228.174.117 46.228.174.117	56396 (Amobee NE...) (Amobee NEXXEN GROUP LTD)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (Amobee NE...) (Amobee NEXXEN GROUP LTD)
2 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	35.214.202.49 35.214.202.49	19527 (GOOGLE-2) (GOOGLE-2)
1	51.89.9.253 51.89.9.253	16276 (OVH OVH SAS) (OVH OVH SAS)
1	3.64.75.146 3.64.75.146	16509 (AMAZON-02) (AMAZON-02)
1	185.167.164.39 185.167.164.39	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	2600:9000:205... 2600:9000:2057:3400:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
1	44.199.159.192 44.199.159.192	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:276... 2600:9000:2761:4a00:19:c363:bec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.69.181.172 3.69.181.172	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	98.82.156.207 98.82.156.207	14618 (AMAZON-AES) (AMAZON-AES)
114	43

1 2a01:7e00:e000:3f7:: (London, United Kingdom) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

www.weekendpost.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.heraldlive.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.212.172 (United States)

ASN13335 (CLOUDFLARENET, US)

applets.ebxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:ce00:17:2922:12c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.vic-m.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c77e::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.181.105 (United States)

ASN13335 (CLOUDFLARENET, US)

weatherwidget.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::112 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:ae80:192:1::177 (United States) 4 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.13.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-13-38.eu-west-1.compute.amazonaws.com

ad2.vic-m.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 41.76.214.250 (South Africa)

ASN37611 (Afrihost, ZA)
PTR: tla.dedicated.co.za

banner.vic-m.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.36.83.216 (Barcelona, Spain)

ASN15699 (AS_ADAM Adam EcoTech, S.A, ES)
PTR: w4.vdmy.dtic.es

ad.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.36.83.245 (Barcelona, Spain)

ASN15699 (AS_ADAM Adam EcoTech, S.A, ES)
PTR: lb1.vdmy.dtic.es

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.193.100 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.68.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-68-253.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.206.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-206-66.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (Amobee NEXXEN GROUP LTD, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (Amobee NEXXEN GROUP LTD, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.202.49 (Groningen, Netherlands) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 49.202.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.75.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-75-146.eu-central-1.compute.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.39 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

adx2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3400:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.199.159.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-159-192.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2761:4a00:19:c363:bec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.181.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-172.eu-central-1.compute.amazonaws.com

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.82.156.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-156-207.compute-1.amazonaws.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	heraldlive.co.za www.heraldlive.co.za	932 KB
10	stickyadstv.com 4 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 619 cdn.stickyadstv.com — Cisco Umbrella Rank: 14631	134 KB
10	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 43894 vpaid.vidoomy.com — Cisco Umbrella Rank: 5380 ad.vidoomy.com — Cisco Umbrella Rank: 40268 a.vidoomy.com — Cisco Umbrella Rank: 4592	299 KB
7	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 45	828 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	304 KB
5	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 region1.analytics.google.com — Cisco Umbrella Rank: 4108	127 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
5	vic-m.co static.vic-m.co — Cisco Umbrella Rank: 585488 ad2.vic-m.co — Cisco Umbrella Rank: 490178 banner.vic-m.co — Cisco Umbrella Rank: 843204	23 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	186 KB
4	gstatic.com fonts.gstatic.com	157 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	151 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 513	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 281	2 KB
2	adform.net cm.adform.net — Cisco Umbrella Rank: 1505 adx2.adform.net — Cisco Umbrella Rank: 15292	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 717	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	213 B
2	weatherwidget.io weatherwidget.io — Cisco Umbrella Rank: 32082	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	8 KB
2	ebxcdn.com applets.ebxcdn.com — Cisco Umbrella Rank: 8494	4 KB
1	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 337	479 B
1	fwmrm.net 1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 5476	326 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1656	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1941	15 KB
1	rubiconproject.com optimized-by.rubiconproject.com — Cisco Umbrella Rank: 11078	640 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 712	88 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 890	249 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246	486 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 959	434 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 530	58 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 552	266 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 961	358 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 775	45 B
1	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 684	42 B
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 4906	63 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 393	183 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	6 KB
1	weekendpost.co.za 1 redirects www.weekendpost.co.za	587 B
114	38

	Domain	Requested by
32	www.heraldlive.co.za	www.heraldlive.co.za
8	ads.stickyadstv.com	4 redirects www.heraldlive.co.za vpaid.vidoomy.com cdn.stickyadstv.com
7	lh3.googleusercontent.com	www.heraldlive.co.za
6	www.googletagmanager.com	www.heraldlive.co.za www.googletagmanager.com
5	a.vidoomy.com	www.heraldlive.co.za
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net vpaid.vidoomy.com
4	fonts.gstatic.com	fonts.googleapis.com www.heraldlive.co.za
4	connect.facebook.net	www.heraldlive.co.za connect.facebook.net
3	sync.1rx.io	3 redirects
3	www.google-analytics.com	static.vic-m.co www.google-analytics.com
2	cdn.stickyadstv.com	vpaid.vidoomy.com cdn.stickyadstv.com
2	ib.adnxs.com	2 redirects
2	pixel.tapad.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	ad.vidoomy.com	vpaid.vidoomy.com
2	ad2.vic-m.co	static.vic-m.co
2	region1.google-analytics.com	www.googletagmanager.com vpaid.vidoomy.com
2	www.facebook.com	www.heraldlive.co.za
2	vpaid.vidoomy.com	ads.vidoomy.com vpaid.vidoomy.com
2	weatherwidget.io	www.heraldlive.co.za weatherwidget.io
2	fonts.googleapis.com	www.heraldlive.co.za
2	static.vic-m.co	www.heraldlive.co.za
2	applets.ebxcdn.com	www.heraldlive.co.za applets.ebxcdn.com
2	securepubads.g.doubleclick.net	www.heraldlive.co.za securepubads.g.doubleclick.net
1	s.amazon-adsystem.com
1	cm.g.doubleclick.net
1	1f2e7.v.fwmrm.net
1	ping.chartbeat.net
1	static.chartbeat.com	www.heraldlive.co.za
1	adx2.adform.net	vpaid.vidoomy.com
1	optimized-by.rubiconproject.com	vpaid.vidoomy.com
1	onetag-sys.com	www.heraldlive.co.za
1	csync.loopme.me	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	match.sharethrough.com	www.heraldlive.co.za
1	rtb.openx.net	www.heraldlive.co.za
1	cm.adform.net	www.heraldlive.co.za
1	sync.crwdcntrl.net	1 redirects
1	ssbsync.smartadserver.com	www.heraldlive.co.za
1	image8.pubmatic.com	www.heraldlive.co.za
1	banner.vic-m.co	static.vic-m.co
1	www.google.co.uk	www.heraldlive.co.za
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	x.bidswitch.net	www.heraldlive.co.za
1	cdnjs.cloudflare.com	static.vic-m.co
1	ads.vidoomy.com	www.heraldlive.co.za
1	www.weekendpost.co.za	1 redirects
114	50

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.timeslive.co.za
www.sowetanlive.co.za
www.businesslive.co.za
www.dispatchlive.co.za
www.wantedonline.co.za
www.sahomeowner.co.za
businessmediamags.co.za
arenaevents.africa
forecast7.com
www.careersarena.co.za

Subject Issuer	Validity	Valid
www.heraldlive.co.za WR3	`2024-11-21` - `2025-02-19`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ebxcdn.com WE1	`2024-10-13` - `2025-01-11`	3 months	crt.sh
*.vic-m.co Amazon RSA 2048 M02	`2024-06-11` - `2025-07-09`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-19` - `2025-08-31`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-11` - `2024-12-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
weatherwidget.io WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-23`	3 months	crt.sh
*.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-09` - `2025-02-08`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.co.uk WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ad2.vic-m.co ZeroSSL RSA Domain Secure Site CA	`2024-10-23` - `2025-01-21`	3 months	crt.sh
banner.vic-m.co R10	`2024-09-17` - `2024-12-16`	3 months	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-27` - `2025-06-18`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-24`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.heraldlive.co.za/weekend-post/your-weekend/
Frame ID: 0CC045623480180179CC503EAB408A06
Requests: 127 HTTP requests in this frame

Frame: https://weatherwidget.io/w/
Frame ID: E768681EA08559F257D241EDAA7E5166
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-JNNJWFKJ2E&gacid=241028607.1733180572&gtm=45je4bk0v869910990z878478613za200zb78478613&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1017833315
Frame ID: 3A5E075D17614E7238698BF3B703DD25
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: B32D57BCC03F955D89D3AD0BEC0CFA45
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Your Weekend | The Weekend Post

Page URL History Show full URLs

http://www.weekendpost.co.za/ HTTP 307
https://www.weekendpost.co.za/ HTTP 301
https://www.heraldlive.co.za/weekend-post/your-weekend/ Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

114
Requests

91 %
HTTPS

34 %
IPv6

38
Domains

50
Subdomains

43
IPs

10
Countries

3199 kB
Transfer

7400 kB
Size

29
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/HeraldLIVE

Search URL Search Domain Scan URL

URL: https://twitter.com/HeraldNMB

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldlive

Search URL Search Domain Scan URL

URL: https://www.timeslive.co.za/

Search URL Search Domain Scan URL

URL: https://www.timeslive.co.za/sunday-times/

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/bd/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/fm/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/bt/

Search URL Search Domain Scan URL

URL: https://www.dispatchlive.co.za/

Search URL Search Domain Scan URL

URL: https://www.wantedonline.co.za/

Search URL Search Domain Scan URL

URL: https://www.sahomeowner.co.za/

Search URL Search Domain Scan URL

URL: https://businessmediamags.co.za/

Search URL Search Domain Scan URL

URL: https://arenaevents.africa/

Search URL Search Domain Scan URL

URL: https://forecast7.com/en/n33d7125d52/port-elizabeth/
Title: PORT ELIZABETH WEATHER

Search URL Search Domain Scan URL

URL: https://www.careersarena.co.za/
Title: Careers and Tenders

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.weekendpost.co.za/ HTTP 307
https://www.weekendpost.co.za/ HTTP 301
https://www.heraldlive.co.za/weekend-post/your-weekend/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105

https://ads.stickyadstv.com/user-matching?id=3474&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=5e44483ae8284a72ec351c61f8db8e23&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 108

https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent={GDPRCS}}&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&gdpr=0&gdpr_consent={GDPRCS}}&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253D5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553

Request Chain 112

https://sync.1rx.io/usersync2/rmpssp?sub=vidoomy HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=vidoomy&zcc=1&cb=1733180572991 HTTP 302
https://ad.turn.com/r/cs?pid=45&id=RX-56aaac88-8702-4b01-a10c-cea511c9e354-003&rndcb=1711906170 HTTP 302
https://sync.1rx.io/usersync/turn/3208381042193968232?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-56aaac88-8702-4b01-a10c-cea511c9e354-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dnexxen%26uid%3DRX-56aaac88-8702-4b01-a10c-cea511c9e354-003 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=nexxen&uid=RX-56aaac88-8702-4b01-a10c-cea511c9e354-003

Request Chain 113

https://ib.adnxs.com/getuid?https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dxandr%26uid%3D%24UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253Dxandr%2526uid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=xandr&uid=1360781637867871121&gdpr=0&gdpr_consent=

Request Chain 114

https://csync.loopme.me/?pubid=13984&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DLM%26uid%3D%7Bviewer_token%7D HTTP 307
https://a.vidoomy.com/api/rtbserver/cookie?i=LM&uid=6f62239b-30a4-4cf7-8d5e-b1905119b268&gdpr_consent=null&gdpr=0

Request Chain 126

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null&gpp_string=null&gpp_sid=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5e44483ae8284a72ec351c61f8db8e23&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d1%26gdpr_consent%3dnull&gdpr=1&gdpr_consent=null

Request Chain 129

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWU0NDQ4M2FlODI4NGE3MmVjMzUxYzYxZjhkYjhlMjM=&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=

Request Chain 130

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5e44483ae8284a72ec351c61f8db8e23&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=

114 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldlive.co.za/weekend-post/your-weekend/
Redirect Chain

http://www.weekendpost.co.za/
https://www.weekendpost.co.za/
https://www.heraldlive.co.za/weekend-post/your-weekend/

145 KB
30 KB

1766ms
667ms

Document
text/html

2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

618996c505954ddf1e32659a3afe8f41d23805a0a3293e6bca391845b5426ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 30450
content-type: text/html; charset=utf-8
date: Mon, 02 Dec 2024 23:02:51 GMT
expires: Mon, 02 Dec 2024 23:02:51 GMT
server: Google Frontend
vary: Accept-Encoding
x-cloud-trace-context: a21826663c610f83296c081f9e5ae5ff
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

content-type: text/html; charset=utf-8
date: Mon, 02 Dec 2024 23:02:50 GMT
location: https://www.heraldlive.co.za/weekend-post/your-weekend/
server: nginx

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 109 KB
33 KB 124ms
50ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

888bfef41cdf038e57e17aa985c12716de0567efcef93d466be4ad5d25042422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: br
etag: 243 / 20059 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 23:02:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33776
x-xss-protection: 0
server: cafe

GET
H3 200 ebx.js Show response
applets.ebxcdn.com/ 464 B
1 KB 81ms
36ms Script
application/javascript 172.67.212.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/ebx.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

x-amzn-remapped-content-length: 464
content-encoding: zstd
cf-cache-status: HIT
age: 56
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uScZAfB%2FPwkUTlcsdPNCNksfiyEdyStCr1dF%2BjIEEQyODuR%2FbBPp0Hc6WkKwAgRVsoSDHnCPCmFIjiF36jvolfNlNCxGg0XcjAh336odeULct7qgArkQeGGjSP6ffQVzbTl%2BG6w%3D"}],"group":"cf-nel","max_age":604800}
x-amzn-requestid: 4c56b9a2-7f73-4c5b-bd27-ed20b3c6aa6c
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22755&min_rtt=22551&rtt_var=8602&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4153&recv_bytes=4255&delivery_rate=133757&cwnd=12000&unsent_bytes=0&cid=41b1c31bf2280305&ts=49&x=1", cfHdrFlush;dur=0
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/javascript
last-modified: Wed Aug 30 13:25:09 GMT 2023
vary: Accept-Encoding
cache-control: public, max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-apigw-id: CL5eAFWtDoEEd8g=
x-amzn-trace-id: Root=1-674e3c59-414e3cb21a9efc1f3b9c2e23;Parent=4458a0af45b75c06;Sampled=0;Lineage=1:7936cbcf:0
cf-ray: 8ebef26f6bb776f3-LHR
server: cloudflare

GET
H2 200 vicinity-head-tag-v1.js Show response
static.vic-m.co/ads/ 45 KB
16 KB 173ms
42ms Script
application/javascript 2600:9000:225e:ce00:17:2922:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ce00:17:2922:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6dd6c22a7e0325d6ba11b72b40c9cf38d8354d3ba105d3e62ee83760624f3968

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

x-amz-cf-pop: FRA60-P4
content-encoding: gzip
etag: W/"c77ccd188d1aaed94a5306ec2b0b759d"
age: 61085
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 1kzazqbvPs_64_WD4v6U0xnKxLQG7T61jABwlK7WHt_JlFWKmx29tQ==
date: Mon, 02 Dec 2024 06:04:48 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Fri, 08 Nov 2024 09:42:49 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 heraldlive_21134.js Show response
ads.vidoomy.com/ 4 KB
2 KB 205ms
34ms Script
application/javascript 2a02:6ea0:c77e::4
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/heraldlive_21134.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c77e::4 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: 57de341ecef2edd535f820fc951e7cfad1c0528783cf904749fee40fdd028ff0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: max-age=3600
tp-cache: hit
content-encoding: gzip
age: 2999
accept-ranges: bytes
content-length: 1740
date: Mon, 02 Dec 2024 22:12:52 GMT
content-type: application/javascript
vary: , Accept-Encoding

GET
H2 200 priority.8fdbc388bbe60cc187fd.bundle.js Show response
www.heraldlive.co.za/build/chunks/ 2 KB
1 KB 68ms
66ms Script
text/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/priority.8fdbc388bbe60cc187fd.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d9d497e23759cdce70441d7d63e9dde8fa1896a2d170e087679e7ecc11d4dc3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "pxzb8A"
age: 3867
expires: Tue, 02 Dec 2025 21:58:25 GMT
content-length: 1081
date: Mon, 02 Dec 2024 21:58:25 GMT
x-cloud-trace-context: b8c6b8d024ceae1d639365b973b55f73
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 priority.8fdbc388bbe60cc187fd.bundle.css
www.heraldlive.co.za/build/chunks/ 366 B
352 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/priority.8fdbc388bbe60cc187fd.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2e9a2bb26cbf4200bcd846fa8ff112684db3b41e6be8c7b044d86ebebe8f98aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "pxzb8A"
age: 4952
expires: Tue, 02 Dec 2025 21:40:20 GMT
content-length: 198
date: Mon, 02 Dec 2024 21:40:20 GMT
x-cloud-trace-context: beb9dc333e25f49d57e28e6a5d2eb161
content-type: text/css
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 entry.1d78a30861bf8a587dcf.bundle.css
www.heraldlive.co.za/build/chunks/ 108 KB
24 KB 47ms
46ms Stylesheet
text/css 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 5431547b23171a3b3c52a2174174766613986f509de90ab235c81f808bec92f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "pxzb8A"
age: 37887
expires: Tue, 02 Dec 2025 12:31:25 GMT
content-length: 24806
date: Mon, 02 Dec 2024 12:31:25 GMT
x-cloud-trace-context: 04a1cb82880acef0130032a55a124c1f
content-type: text/css
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 section.fbb51e8329990b8008b1.bundle.css
www.heraldlive.co.za/build/chunks/pages/ 131 KB
21 KB 90ms
89ms Stylesheet
text/css 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/pages/section.fbb51e8329990b8008b1.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 75aecc451658f90995fea2265231e24e1a810b0c3fc051b41cfb92f07fe8623f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "pxzb8A"
age: 3015
expires: Tue, 02 Dec 2025 22:12:37 GMT
content-length: 21747
date: Mon, 02 Dec 2024 22:12:37 GMT
x-cloud-trace-context: 1f9f420ed7065688ef0143370f3c299c
content-type: text/css
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 127ms
45ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

618a8c9bfb7f0cfa622826e5349fa6195e24ae49f2194907b9aea0c89c1cc0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 23:02:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 02 Dec 2024 23:02:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 arena.png
www.heraldlive.co.za/static/icons/ 33 KB
33 KB 76ms
76ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/arena.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 09c1718f98f43e0d4991844650eefac1459a39b3817fa8e09960425e0e3055ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 6423
expires: Tue, 03 Dec 2024 21:15:49 GMT
content-length: 33449
date: Mon, 02 Dec 2024 21:15:49 GMT
x-cloud-trace-context: 5b67ac52cb69b7ed7990b0ff3b528ffe
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 times-live.png
www.heraldlive.co.za/static/icons/ 14 KB
14 KB 67ms
66ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/times-live.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6e1fa095b32380cfc9012d96ac2284c414e1b69800f6449e11bb626955c07e3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 4030
expires: Tue, 03 Dec 2024 21:55:42 GMT
content-length: 13958
date: Mon, 02 Dec 2024 21:55:42 GMT
x-cloud-trace-context: 108686e8bdf3626b98368dae6a9e7d98
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 sunday-times.png
www.heraldlive.co.za/static/icons/ 24 KB
24 KB 59ms
56ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/sunday-times.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b453b6018cfeddfee67cd3ab2776a134adfd94ac4424daffa84c0c1abf7b5260

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 4927
expires: Tue, 03 Dec 2024 21:40:45 GMT
content-length: 24558
date: Mon, 02 Dec 2024 21:40:45 GMT
x-cloud-trace-context: 75eed1699502d7def4b31a816e1e800c
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 sowetan-live.png
www.heraldlive.co.za/static/icons/ 37 KB
37 KB 54ms
51ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/sowetan-live.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6b6e5522e848eb470dc2648937f28971b5e29c0e566a7c6535a64573c609573d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 3430
expires: Tue, 03 Dec 2024 22:05:42 GMT
content-length: 37862
date: Mon, 02 Dec 2024 22:05:42 GMT
x-cloud-trace-context: 3b8bb3966b7e9f7ff1d62578e5834251
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 business-live.png
www.heraldlive.co.za/static/icons/ 13 KB
14 KB 50ms
47ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/business-live.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0dcab0765de8b009361f988cd6784591a5e2c4b4445db4403d30596f3f6e632c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 3495
expires: Tue, 03 Dec 2024 22:04:37 GMT
content-length: 13696
date: Mon, 02 Dec 2024 22:04:37 GMT
x-cloud-trace-context: 6e8cd56063c94c887a2f9e6d0531e14b
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 business-day.png
www.heraldlive.co.za/static/icons/ 28 KB
28 KB 74ms
71ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/business-day.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 5b5c6e60a261a3d0238081763b2b4231df7e43eec6c66aaa26c3c60751f317bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 6437
expires: Tue, 03 Dec 2024 21:15:35 GMT
content-length: 28725
date: Mon, 02 Dec 2024 21:15:35 GMT
x-cloud-trace-context: 51cbb8a98e2e9ac1cfee0fee7439ff8a
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 financial-mail.png
www.heraldlive.co.za/static/icons/ 11 KB
11 KB 122ms
120ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/financial-mail.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cfe033fc215b52a0b6786b131136351189311622962539948bbff8302da8a21e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 36449
expires: Tue, 03 Dec 2024 12:55:23 GMT
content-length: 11606
date: Mon, 02 Dec 2024 12:55:23 GMT
x-cloud-trace-context: 4a095046cfbd1d1129ead6cd33362115
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 business-times.png
www.heraldlive.co.za/static/icons/ 23 KB
23 KB 121ms
119ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/business-times.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 06b3b1cf2707a488df2615229eaa8492aea59d069a5f59efdc4a5466951f872b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 18900
expires: Tue, 03 Dec 2024 17:47:52 GMT
content-length: 23831
date: Mon, 02 Dec 2024 17:47:52 GMT
x-cloud-trace-context: 9b13e00975df15e7f3133dd682fcf4d3
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 herald-live.png
www.heraldlive.co.za/static/icons/ 21 KB
21 KB 76ms
74ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/herald-live.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c2691e637c13ff272bf70ccd8c1179a695ee478bf87e7ec2ff5adbdccf263af9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 33855
expires: Tue, 03 Dec 2024 13:38:37 GMT
content-length: 21399
date: Mon, 02 Dec 2024 13:38:37 GMT
x-cloud-trace-context: d740cc9202a614e27a5e0667cb2ab711
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 dispatch-live.png
www.heraldlive.co.za/static/icons/ 15 KB
15 KB 48ms
46ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/dispatch-live.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 9345403cb61c38daf44f314ee25f2f62370b2c360fd7b9b9c5ad24eba2293a19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 14227
expires: Tue, 03 Dec 2024 19:05:45 GMT
content-length: 15708
date: Mon, 02 Dec 2024 19:05:45 GMT
x-cloud-trace-context: 2371786e5dd7c0cd9fec96430470195f
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 wanted.png
www.heraldlive.co.za/static/icons/ 45 KB
45 KB 123ms
121ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/wanted.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3010192f9bb5fe1da34421599bf624e8c31dbb089efbf02f30e65aa445f920d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 86163
expires: Mon, 02 Dec 2024 23:06:49 GMT
content-length: 45984
date: Sun, 01 Dec 2024 23:06:49 GMT
x-cloud-trace-context: 320ce6d2d1d56c143e3508f24883245d
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 sa-home-owner.png
www.heraldlive.co.za/static/icons/ 28 KB
28 KB 158ms
156ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/sa-home-owner.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8b8d5614a35711901db89c7f421d9822b6d9885ee1836fd6ceec2cad3a6af254

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 17717
expires: Tue, 03 Dec 2024 18:07:35 GMT
content-length: 28727
date: Mon, 02 Dec 2024 18:07:35 GMT
x-cloud-trace-context: 4a88218f75f11a406f3c0cc7ab681c6f
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 business-media-mags.png
www.heraldlive.co.za/static/icons/ 27 KB
27 KB 159ms
157ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/business-media-mags.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7b4bf3f11858ab9b179c27c5c503f5e9696a155fa8a822aff952ac039f702cf1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 3945
expires: Tue, 03 Dec 2024 21:57:07 GMT
content-length: 27350
date: Mon, 02 Dec 2024 21:57:07 GMT
x-cloud-trace-context: c4db184a5443eb379d2f58e8bee1d9e6
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 arena-events.png
www.heraldlive.co.za/static/icons/ 21 KB
21 KB 159ms
157ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/arena-events.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f3055e41635b42441d8ab1d8ae4d93b8eae5e0e0cfe6b1e1e5b062452e55bbe6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 13290
expires: Tue, 03 Dec 2024 19:21:22 GMT
content-length: 21494
date: Mon, 02 Dec 2024 19:21:22 GMT
x-cloud-trace-context: d7cc9174a7d8a650dcfa8482fbcde6a0
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 271 KB
93 KB 137ms
53ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35b9b45b8eb9db287adc1a0c221a597b8cf28e7d3d0043b03b5c294a9b058f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 02 Dec 2024 23:02:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94260
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 79ms
41ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-2dx8Lu5X' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-2dx8Lu5X' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=23, mss=1232, tbw=4425, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: lD0VZWpRqMdSG4MCDRsL342W/mvcVDqEZ++GygXrAqwmT5ulwmI2z+T2ne97ygNVQWsN/aax9iPrbnKkNgjrdw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 TheWeekendPostLogo.png
www.heraldlive.co.za/publication/custom/static/logos/ 27 KB
27 KB 161ms
159ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/TheWeekendPostLogo.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f3b68838d74ce3161b6a55a4156df5928cabf3a66ef877e335004cc88e2e6a90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
expires: Tue, 03 Dec 2024 23:02:52 GMT
date: Mon, 02 Dec 2024 23:02:52 GMT
x-cloud-trace-context: a21826663c610f83296c081f9e5ae5ff
vary: Accept-Encoding
server: Google Frontend
content-type: image/png

GET
H2 200 vicinity-v13.js Show response
static.vic-m.co/ads/ 18 KB
6 KB 181ms
52ms Script
application/javascript 2600:9000:225e:ce00:17:2922:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vic-m.co/ads/vicinity-v13.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ce00:17:2922:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ebd4167f95a059d52b0b64b69ec1348baf783010f6523be548121398b4ada21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: gzip
etag: W/"976804446480c78f557db2ec50f46673"
age: 59269
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 8nkUjAB-AYgpe1K_K0Gj7P4rZ7EzeOhKettFLuM0ogl6uebpyjJ_zg==
date: Mon, 02 Dec 2024 06:35:04 GMT
content-type: application/javascript
last-modified: Thu, 25 Nov 2021 14:44:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
vary: accept-encoding

GET
H2 200 double-your-local-cta2.jpg
www.heraldlive.co.za/publication/custom/static/banners/ 16 KB
16 KB 159ms
158ms Image
image/jpeg 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/banners/double-your-local-cta2.jpg
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 9c9bdcc717e753521f67cf3eefd50add639cbbd024ac575f9896a2a1f7b4a4d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 3015
expires: Tue, 03 Dec 2024 22:12:37 GMT
content-length: 16595
date: Mon, 02 Dec 2024 22:12:37 GMT
x-cloud-trace-context: 47563aa1ce6d27a1d8379ed77af0d530
content-type: image/jpeg
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 arena-holdings.logo.png
www.heraldlive.co.za/publication/custom/static/logos/ 17 KB
17 KB 160ms
159ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/arena-holdings.logo.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 59d1ce7fb23e28c96e340f0e5a3f8db389cf46ad3ab54b4bfcd419d800d7d73a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 40539
expires: Tue, 03 Dec 2024 11:47:13 GMT
content-length: 17624
date: Mon, 02 Dec 2024 11:47:13 GMT
x-cloud-trace-context: d1abb9c59c83894a934dcd46bd17263e
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 entry.1d78a30861bf8a587dcf.bundle.js Show response
www.heraldlive.co.za/build/chunks/ 324 KB
116 KB 66ms
63ms Script
text/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: eddb3139397a78451c33afe7156325b73f0efddbaf0cef9a08d8a0bf5022bb4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "pxzb8A"
age: 6425
expires: Tue, 02 Dec 2025 21:15:47 GMT
content-length: 118900
date: Mon, 02 Dec 2024 21:15:47 GMT
x-cloud-trace-context: 28e879ce254207c703e9b9ec40b85384
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 section.fbb51e8329990b8008b1.bundle.js Show response
www.heraldlive.co.za/build/chunks/pages/ 566 KB
167 KB 123ms
120ms Script
text/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/pages/section.fbb51e8329990b8008b1.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 26e8efdda099c4b3e1bd32a3c86df04a1e9f1c0d215d3b308b070661b83333c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "pxzb8A"
age: 507
expires: Tue, 02 Dec 2025 22:54:25 GMT
content-length: 171223
date: Mon, 02 Dec 2024 22:54:25 GMT
x-cloud-trace-context: cf88803842d34178af78c6952c5d2f9a
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H3 200 scripts.js Show response
applets.ebxcdn.com/applets/www.heraldlive.co.za/ 2 KB
2 KB 63ms
38ms XHR
text/javascript 172.67.212.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/applets/www.heraldlive.co.za/scripts.js
Requested by: Host: applets.ebxcdn.com
URL: https://applets.ebxcdn.com/ebx.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 727251dbc6460e0cbb0e5d32df456d55620083dc35d4238e08c3b39c282bec31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cf-cache-status: HIT
etag: i5P9UYN0zJo9Clo4YESeNw==
age: 753
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RAUgKog6DbVd7OuFyzVgo%2FL4dL1t%2FOMViYadFOxPHzRQpcjyax5zKdRPxqMCvqs%2F4V6g4Ncv9nM6OK%2FNItiQ2GKBQDQKh39nTAHGpwFExILU9AjKFLL6NuBUP3e2kHddOJ4ur8o%3D"}],"group":"cf-nel","max_age":604800}
x-amzn-requestid: 27b5910d-8d4e-41be-bd4c-0ac0219e2132
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22988&min_rtt=22985&rtt_var=8625&sent=8&recv=6&lost=0&retrans=0&sent_bytes=2110&recv_bytes=4109&delivery_rate=61142&cwnd=12000&unsent_bytes=0&cid=4938fd8c6ae77ea9&ts=34&x=1", cfHdrFlush;dur=0
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/javascript
last-modified: Wed, 10 Jan 2024 12:58:56 GMT
vary: Accept-Encoding
cache-control: public, max-age=7200, stale-if-error=300, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-apigw-id: CL3y1E-YjoEEb8g=
x-amzn-trace-id: Root=1-674e39ab-6376f8387d08e14a6d2c0221;Parent=1a8f2364cebd58e0;Sampled=0;Lineage=1:388d0713:0
cf-ray: 8ebef26fcf9d4185-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1572
server: cloudflare

GET
H2 200 Herald-LIVE.png
www.heraldlive.co.za/publication/custom/static/logos/ 4 KB
4 KB 112ms
112ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/Herald-LIVE.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: a4fc478877ae31d55a00ccd0a0aba78740623e34400b5417ef38b5ee2456e439

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.css

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
expires: Tue, 03 Dec 2024 23:02:52 GMT
date: Mon, 02 Dec 2024 23:02:52 GMT
x-cloud-trace-context: a21826663c610f83296c081f9e5ae5ff
vary: Accept-Encoding
server: Google Frontend
content-type: image/png

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef75f6a856a2f070c51d231b6d47a150dfe847c4e96de88b826f83a941e468c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 419 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28f84a5da577a1727b91c00ad1e8b55edd66a2fc114badc00ee8bc6c6d64b213

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ac0a59e92b15d8f33f485724aa0d32d27fc2ea606cf222639cbfb4209400c04

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce776db6760cfd1841280906b65e29af5764c1245be7249e2aed4127ce1906e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b31f8d1c1d19165c14013ab3136508215508d830de43d2f99787b1450cd1ce5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c167008fdcefbcc45c3ddfbf32e1ed00793ffb7ba092d38197506cf147dd3ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 426 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e99632141913dc53583b474042f988d3e31b2749b1c52b25a950fcb82b22c208

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 461 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c5660cab0afda99715dfa914c8156056d8babc184c31db4f07759db0a539aeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4dd85165b81e84e58b4f4f095b7fabee758184c6837e8a92c1ba96330c9d311

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 456 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd039902ea03a32c485a4ebae41a5a21055224460ef558c2532382959c2afbe2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 504 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e248de9c873d3c3a47b17457426144c61ba2d78f3f37d88614c2d68d6a321cd5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 446 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b24b4648287741c730d3f509c40424f2ec166d99ba3d58d6cae744700f7120a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 508 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c0d4466278c336e1945bf447dfc4c72b02b667ac32ba9226a00976542b92184

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1008 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c33cd7bde953773f327fe8d5c118cb135a519aee66921ac8777610ac91385be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1574dcdf79afca1f83491527c5d1364fb9c1bf7ab96062f416225a0772295d82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 428 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eab85fe0279f5ef643d3aeffb948e7132440bed2fafdbd5c228477fec1d1c2c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa851bade9a78d0aaccb7ed160e31dbde4975ee80674783452b90e1661695d08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4f0d6adfac1d5eca4826e695251eb2384f1d465c71cb6c43f130a71c4feffba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0fd89cb5114e08bd4b4baa1badd07cc45aab7fc3e085cc174c7632c221a84e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 452 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db8dcddcd1a1635f010ad594ed16d58d9c6261e89a2f111295f9a752deed838b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
H2 200 fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
www.heraldlive.co.za/build/publication/fonts/ 75 KB
76 KB 91ms
90ms Font
font/woff2 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/publication/fonts/fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.heraldlive.co.za
Referer: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.css

Response headers

cache-control: public, max-age=31536000
etag: "pxzb8A"
age: 6128
expires: Tue, 02 Dec 2025 21:20:44 GMT
content-length: 77160
date: Mon, 02 Dec 2024 21:20:44 GMT
x-cloud-trace-context: 45c2f1ec068f765675c7836ac5499c7f
content-type: font/woff2
server: Google Frontend
vary: Accept-Encoding

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 184ms
40ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.heraldlive.co.za
Referer: https://fonts.googleapis.com/

Response headers

age: 548479
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 14:41:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 14:41:33 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 180ms
37ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.heraldlive.co.za
Referer: https://fonts.googleapis.com/

Response headers

age: 462225
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 14:39:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 14:39:07 GMT
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51404
x-xss-protection: 0
server: sffe

GET
H3 200 widget.min.js Show response
weatherwidget.io/js/ 3 KB
2 KB 83ms
41ms Script
application/javascript 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/js/widget.min.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d9d0124-a4e"
age: 13217
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQIs8bYjmTePK1CSP0fR8CUqPltfZk0ti7Q2tELS8bt%2BJ1qv0d2RsPj24ID4sRiyg1vGJtMVmk75wKjqKF8urUQMyKBef4tDDDN2IrTJC4ef%2F4BSvZ6anq5ZbddmXstcO6XD"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26626&min_rtt=26620&rtt_var=9987&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4109&recv_bytes=4258&delivery_rate=110463&cwnd=12000&unsent_bytes=0&cid=ac02ae0dfee3f7d3&ts=50&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Oct 2019 21:35:32 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebef27049154141-LHR
server: cloudflare

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 22 KB
22 KB 187ms
55ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

109736135dc84f02f379825bd2b48998e17068eaf1f085df5f52e80537a4257d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.heraldlive.co.za
Referer: https://fonts.googleapis.com/

Response headers

age: 349344
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 22:00:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 22:00:28 GMT
last-modified: Wed, 01 May 2024 20:31:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22744
x-xss-protection: 0
server: sffe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 492 KB
152 KB 41ms
41ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 9965
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 20:16:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 02 Dec 2024 20:16:47 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 2837651136267650 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 126ms
125ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2837651136267650?v=2.9.176&r=stable&domain=www.heraldlive.co.za&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

49656a6c0be6007c1bff73a94c898e8fd486b19ba0f48fa591db1e51daf9b1b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-kTy7KDeZ' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-kTy7KDeZ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=10, c=78, mss=1232, tbw=84953, tp=82, tpl=10, uplat=88, ullat=0
pragma: public
x-fb-debug: mRxF4UfCosqpc6gIG+nY3yGDazKRt42AYjgFP2ZGdiCmLmJKQAx8Ya48dBoxxrKa3dufDMGgqjMtTCYbjzEZ/w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: gzip
age: 4753
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 23:43:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 21:43:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/ 17 KB
6 KB 63ms
36ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

Requested by

Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03faa-43d5"
age: 2149285
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xw0hXcEvT9gezpF%2B0ra8yvNJ%2BldJMhALjDs4d4NYHfYnZ2RG6mOOftrTi%2BD0o%2BRmPVvyVGGBSrCEQLepRmYIZ9KnAaMiLwtDrrEym5uOibreGWyQM4qLPTbe5rg%2ByEoj6FK3ZecH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 23:02:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:15:38 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ebef270fa17bd76-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4996
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 36ms
36ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

0e20b5b6acaa44980bbf1d4ecbe2a4a7d18c562bd3fd2646ccc8eb05345425ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-md5: 6hYU+CYrY+WB5ZOen822DQ==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "e0252a01fab9de28e109daec2062edb5"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 23:16:16 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 13ffffe4ac6df73c96d686361a284ee2
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=10, c=77, mss=1232, tbw=82745, tp=78, tpl=10, uplat=1, ullat=-1
x-fb-debug: 7cF9P54goddtK+s8cJ9w51PF066W6BEhDSITve7STqBMZaSc1ri1Wv/wq9lnfmnJVeCF7nNXCpzn73B719uzUA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1687
origin-agent-cluster: ?1

GET
H2 200 vidoomy-player.js Show response
vpaid.vidoomy.com/player/latest/ 427 KB
120 KB 169ms
34ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Requested by: Host: ads.vidoomy.com
URL: https://ads.vidoomy.com/heraldlive_21134.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: feb360b9e47e08db969a22f7cf89f646b08eaf08e43eff6867c1d95332ceb4f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: gzip
etag: W/"9a38f75dc81d66581166cb5af81ce332"
x-77-cache: HIT
x-amz-storage-class: STANDARD
date: Mon, 02 Dec 2024 23:02:52 GMT
x-rgw-object-type: Normal
content-type: application/javascript
last-modified: Mon, 02 Dec 2024 11:16:44 GMT
x-77-nzt-ray: 15b3c711bc30f4a49c3c4e674c9c681c
vary: Accept-Encoding
x-77-nzt: EwwBqZb/tgH3fKUAAAwBJRPCNAG3AQAAAAgBWbu8pgAA
x-amz-meta-s3cmd-attrs: atime:1733138203/ctime:1733138203/gid:116/gname:jenkins-exec/md5:9a38f75dc81d66581166cb5af81ce332/mode:33188/mtime:1733138203/uid:116/uname:jenkins-exec
access-control-allow-credentials: true
x-amz-request-id: tx00000db0d6afc2fa393ab-00674d971e-782b221-prg
x-77-pop: frankfurtDE
x-77-age: 42364
server: CDN77-Turbo

GET
H2 200 _mUsqMMEgVVm8Uin40gVW1uz8LtQDEd52Z-4B1BcVcTWAKw3X24iv43qEas2hgzU2gVo0GqeX3_1iIUDs6iZNLNhQvMqJ93LqZ4trpiyc1c=w460
lh3.googleusercontent.com/ 157 KB
157 KB 406ms
313ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_mUsqMMEgVVm8Uin40gVW1uz8LtQDEd52Z-4B1BcVcTWAKw3X24iv43qEas2hgzU2gVo0GqeX3_1iIUDs6iZNLNhQvMqJ93LqZ4trpiyc1c=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9e78b3d1174879ec3bc6c7ba1c830a3a5182fd2ecc790f7470ffacdecd3360f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 23:02:52 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160553
date: Mon, 02 Dec 2024 23:02:52 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="unnamed.png"

GET
H2 200 QgdpqyWO1cSgsdXyfUjDwIoraVgFaxQEDNP_Jx8UoKULOmM2C6PVpC6emON5HeOz0zwadWIuTw9IIR1JolvMz4V1mwcIeHf2wpWqT00PjjPKrQ=w460
lh3.googleusercontent.com/ 178 KB
178 KB 460ms
367ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/QgdpqyWO1cSgsdXyfUjDwIoraVgFaxQEDNP_Jx8UoKULOmM2C6PVpC6emON5HeOz0zwadWIuTw9IIR1JolvMz4V1mwcIeHf2wpWqT00PjjPKrQ=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5c369577056a2a6af3b0ee3b66d2575a424fbca4bd1ba69ae40c64ab7851fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 23:02:52 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182409
date: Mon, 02 Dec 2024 23:02:52 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="unnamed.png"

GET
H2 200 fznVWMGv_6GrSw77yn1jkYgukMTNUP5GvYO8zUx3slOSX65BkfrhJ-bwuTQqnGjQ7D6zqitD_rxyFbLBYcQAI3h2FVr6eVhli6P5v1iL9c6k=w460
lh3.googleusercontent.com/ 66 KB
66 KB 358ms
265ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/fznVWMGv_6GrSw77yn1jkYgukMTNUP5GvYO8zUx3slOSX65BkfrhJ-bwuTQqnGjQ7D6zqitD_rxyFbLBYcQAI3h2FVr6eVhli6P5v1iL9c6k=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b75db09a5d7635817f39f89829190ff05ace3708b08ad1bb03d765caa43c24fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 23:02:52 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67359
date: Mon, 02 Dec 2024 23:02:52 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="unnamed.jpg"

GET
H2 200 TyQewpsXXbh6yzchNreUgjL62-zrcC5r83BojlYV3Nk9Z22ezsbRdboZLNpLEjQ0u1HPFrq2MqmN7UPEL5uIE331l78KmvEfhPMjq0w3fMN8=w460
lh3.googleusercontent.com/ 61 KB
61 KB 490ms
398ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/TyQewpsXXbh6yzchNreUgjL62-zrcC5r83BojlYV3Nk9Z22ezsbRdboZLNpLEjQ0u1HPFrq2MqmN7UPEL5uIE331l78KmvEfhPMjq0w3fMN8=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8a7f8a4f0dc7383c9b74d5700fb0bceff126a0a7bd58316151bb769f746565e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 23:02:52 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62031
date: Mon, 02 Dec 2024 23:02:52 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="unnamed.jpg"

GET
H2 200 HeNyn7bkoc3vg3qR4-0kwb19DWT_SpnEDID65VKLoCCh9GAhXb17VUvoUGXce44XidVq8iKLR0loZHFlTIMYZ9DtYVwZdTbbSXJhqhmE0zwM=w460
lh3.googleusercontent.com/ 303 KB
303 KB 665ms
572ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/HeNyn7bkoc3vg3qR4-0kwb19DWT_SpnEDID65VKLoCCh9GAhXb17VUvoUGXce44XidVq8iKLR0loZHFlTIMYZ9DtYVwZdTbbSXJhqhmE0zwM=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f04e147fe554c3690764426dc276dcc67d7d1e497bb03c4e6b0b3d4631c8be8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 23:02:52 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309837
date: Mon, 02 Dec 2024 23:02:52 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="unnamed.png"

GET
H2 200 Ow3b69l-Xw-NbXo2csHyhDPoPeEei86Qua-dqhoVB2W1lgnk-Vf50HQJ_SgOU-MFzQU4g7QVmlQ8vhMcIfJUHWA_4Zz47UUgSI-bfYqjdHZw=w460
lh3.googleusercontent.com/ 40 KB
40 KB 457ms
364ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Ow3b69l-Xw-NbXo2csHyhDPoPeEei86Qua-dqhoVB2W1lgnk-Vf50HQJ_SgOU-MFzQU4g7QVmlQ8vhMcIfJUHWA_4Zz47UUgSI-bfYqjdHZw=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d95e1abf1b719ee4878735c90c7be8c23c1d9a7d6b10ccd115eb45aa018861dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 23:02:52 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41247
date: Mon, 02 Dec 2024 23:02:52 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="unnamed.jpg"

GET
H2 200 jvE6qOgYs9JnyG2CI9fx9W-f9qBj_9eK2dWB1JFrn_7eU9BhciDYQpNpe3ZKYjjTyPtzk9t6NCTtR8soMls3FpKXPmr5OTsnu6hd_y41nyg-=w225
lh3.googleusercontent.com/ 23 KB
23 KB 196ms
195ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/jvE6qOgYs9JnyG2CI9fx9W-f9qBj_9eK2dWB1JFrn_7eU9BhciDYQpNpe3ZKYjjTyPtzk9t6NCTtR8soMls3FpKXPmr5OTsnu6hd_y41nyg-=w225

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2f710e11a1aaa018339300dda3b3c8242d750378ca39a1e19df6148d3c8f328e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 23:02:52 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23501
date: Mon, 02 Dec 2024 23:02:52 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="unnamed.jpg"

GET
H2 200 5.f12aac413596fe1aa54a.bundle.css
www.heraldlive.co.za/build/publication/ 29 KB
6 KB 45ms
45ms Stylesheet
text/css 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/publication/5.f12aac413596fe1aa54a.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6929bd28b251e2f2422e60ea53fe985df8c7810a7292d762160f7310966e8e8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "pxzb8A"
age: 4893
expires: Tue, 02 Dec 2025 21:41:19 GMT
content-length: 6051
date: Mon, 02 Dec 2024 21:41:19 GMT
x-cloud-trace-context: c827673303d414e8bc1bf68f921cdec3
content-type: text/css
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 oo~d9aca0d0.f12aac413596fe1aa54a.bundle.js Show response
www.heraldlive.co.za/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/entry.shell.js~publication/base/widget/dialog/ 196 KB
63 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/entry.shell.js~publication/base/widget/dialog/oo~d9aca0d0.f12aac413596fe1aa54a.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 67751df0cd95c23ee77f9373949057a88d936658eeb43381dd33c0ea13b68e75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "pxzb8A"
age: 95552
expires: Mon, 01 Dec 2025 20:30:20 GMT
content-length: 64111
date: Sun, 01 Dec 2024 20:30:20 GMT
x-cloud-trace-context: df9b8984cdac9031b1bfbecedb2a0fa7
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 oovvuu-edit-dialog-index-js.0e033137595305200a72.bundle.js Show response
www.heraldlive.co.za/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/ 48 KB
10 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/oovvuu-edit-dialog-index-js.0e033137595305200a72.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f70676a9f819a4f001f4ebf27e678f965a1b07302728537529316c0d5ebb82df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "pxzb8A"
age: 4992
expires: Tue, 02 Dec 2025 21:39:40 GMT
content-length: 9987
date: Mon, 02 Dec 2024 21:39:40 GMT
x-cloud-trace-context: 472ed0c3d3da12fcac202ba67e53e19b
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 entry.shell.js.8ac9b7eae80d81608dc8.bundle.js Show response
www.heraldlive.co.za/build/chunks/base/app/entry/ 18 KB
7 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/base/app/entry/entry.shell.js.8ac9b7eae80d81608dc8.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3b3a1ba152972ce5184e1f855295bea7053f6db3c5080c289e91e871265f7100

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "pxzb8A"
age: 31323
expires: Tue, 02 Dec 2025 14:20:49 GMT
content-length: 7017
date: Mon, 02 Dec 2024 14:20:49 GMT
x-cloud-trace-context: 9ad0d4920537bc741781509e2aab7457
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 sync
x.bidswitch.net/ 43 B
183 B 570ms
34ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=vidoomy
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: image/gif

GET
H/1.1 200 auto-user-sync
ads.stickyadstv.com/ 43 B
498 B 189ms
32ms Image
image/gif 2607:ae80:192:1::177
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:192:1::177 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1733180572512001-364
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Date: Mon, 02 Dec 2024 23:02:52 GMT
Content-Type: image/gif
Server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
105 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JNNJWFKJ2E&l=dataLayer&cx=c&gtm=45He4bk0v78478613za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

091b1f2e26847991778df535d38d1199968e6fd5b0df376b401f07489b7e6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 23:02:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107317
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 318 KB
106 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BWERR8GS85&l=dataLayer&cx=c&gtm=45He4bk0v78478613za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0c224187eb73b7daba4307252ba6bf8b19b97b1b6a15864b3b449f9d99dd32c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 23:02:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108672
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 /
weatherwidget.io/w/ Frame E768 0
0 61ms
35ms Document
text/html 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/js/widget.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 2728
alt-svc: h3=":443"; ma=86400
cache-control: public; max-age=14400
cf-cache-status: HIT
cf-ray: 8ebef271890bf666-LHR
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Mon, 02 Dec 2024 23:02:52 GMT
last-modified: Mon, 02 Dec 2024 21:15:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tyTmU09voblYQyoFXEVbrifDZn7vkkJi0r3j0KYmp73Ac%2F9QEzoYvNzhR0c7x%2B4BseZow9eG3yIbVIYl5aVqtwLNXD4Drbr9ZHjDJOB%2FTEQv3fcc7QBhd%2Bn65INF3LgcrRff"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=22484&min_rtt=22454&rtt_var=8479&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4132&recv_bytes=4386&delivery_rate=131047&cwnd=12000&unsent_bytes=0&cid=ac86815a448da811&ts=37&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2 200 22877425870 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 146ms
62ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22877425870?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d25de29ba70f128b8dec1d7f6fdc25026a36d64bdec9241d89990dc65095e504

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4b4gmdxzL-wZ6-NECoQf3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0JBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOB2HjteVZHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQzzl9mXQDERRJXWBuAmOHrFVYOIBbi4Zjzc8cuNoEbBxf8YVTSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTQ0tNQzMIwvMAAAMHVGhg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4b4gmdxzL-wZ6-NECoQf3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 254 KB
75 KB 40ms
39ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b5659d48b36caa5b37858f357c90eb6a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

d5fbc8c856219d2e8c64c8bab7cfb6561a4c47586d24c30d9cb4c4a08e7162a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.heraldlive.co.za
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-md5: 9uo1XJSlhal03Iu/6UfIDQ==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "11989cf84a3d11fa788860af98a3ff9d"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 22:05:53 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 3717461ae17108197d000ae8be3c3d76
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1826, tp=5, tpl=0, uplat=1, ullat=-1
x-fb-debug: d8EYWK6j06ZllhBdIN7hEj3qdqxjeWsFceKgXHhLrulB7C1MldW8m84GYMBi34qRTaZI/t66wACoYzoPB7FClA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 76581
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 81ms
36ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2837651136267650&ev=PageView&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&rl=&if=false&ts=1733180572464&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.2.1733180572463.290364473401734703&ler=empty&cdl=API_unavailable&it=1733180572268&coo=false&rqm=GET

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=23, mss=1232, tbw=4425, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 197ms
197ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2837651136267650&ev=PageView&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&rl=&if=false&ts=1733180572464&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.2.1733180572463.290364473401734703&ler=empty&cdl=API_unavailable&it=1733180572268&coo=false&rqm=FGET

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443953874982034457"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: S6Foh/Ya1lmQ6qjmOmYPfen3f7J751azbCMBmW6nZhZbjdmJ94OB+g+BAJdE1Za7q+W5jDIYPaG0I23elxwyMg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443953874982034457", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=23, mss=1232, tbw=4841, tp=13, tpl=0, uplat=160, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
425 B 43ms
42ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1577321794&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&ul=en-gb&de=UTF-8&dt=Your%20Weekend%20%7C%20The%20Weekend%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAEKAB~&jid=882369071&gjid=1516490849&cid=241028607.1733180572&tid=UA-2619645-1&_gid=1898401380.1733180572&_r=1&_slc=1&gtm=45He4bk0n81T2RR9NNv78478613za200&cd1=&cd2=no&cd3=&cd4=n%2Fa&cd5=&cd6=no&cd7=&cd8=Section&cd9=no&cd10=&cd11=&cd12=your-weekend&cd13=weekend%20%2C%20what%20to%20do%20in%20pe%20on%20the%20weekend%2C%20eastern%20province%20herald%20sports%2C%20port%20elizabeth%20news%20paper%2C%20ep%20herald%2C%20eastern%20cape%20news%20headlines%2C%20the%20ep%20herald%20online%2C%20port%20elizabeth%20herald%20classifieds%20social%2C%20lifestyle%2C%20my%20herald%2CCompetitions&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=1733180572018&cd27=0&cd28=&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2003011176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.heraldlive.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 106ms
34ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JNNJWFKJ2E&gtm=45je4bk0v869910990z878478613za200zb78478613&_p=1733180572018&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=241028607.1733180572&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&uid=&sid=1733180572&sct=1&seg=0&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&dt=Your%20Weekend%20%7C%20The%20Weekend%20Post&en=page_view&_fv=1&_ss=1&ep.uid=&ep.publish_date=&tfd=3239
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JNNJWFKJ2E&l=dataLayer&cx=c&gtm=45He4bk0v78478613za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.heraldlive.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
558 B 116ms
38ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JNNJWFKJ2E&cid=241028607.1733180572&gtm=45je4bk0v869910990z878478613za200zb78478613&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JNNJWFKJ2E&l=dataLayer&cx=c&gtm=45He4bk0v78478613za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.heraldlive.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 3A5E 0
0 119ms
47ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-JNNJWFKJ2E&gacid=241028607.1733180572&gtm=45je4bk0v869910990z878478613za200zb78478613&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1017833315

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JNNJWFKJ2E&l=dataLayer&cx=c&gtm=45He4bk0v78478613za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Dec 2024 23:02:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 td
www.googletagmanager.com/ 0
18 B 42ms
42ms Image
text/plain 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-JNNJWFKJ2E&v=3&t=t&pid=846336307&dl=www.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&tdp=G-JNNJWFKJ2E;69910990;1;6;0&frm=0&rtg=8478613&slo=4&hlo=11&lst=1&pcid=8478613&z=0
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr35s10-in-f8.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 100ms
48ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JNNJWFKJ2E&cid=241028607.1733180572&gtm=45je4bk0v869910990z878478613za200zb78478613&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=250244923

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 02 Dec 2024 23:02:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 99ms
33ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BWERR8GS85&gtm=45je4bk0v9115178239z878478613za200zb78478613&_p=1733180572018&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=241028607.1733180572&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733180572&sct=1&seg=0&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&dt=Your%20Weekend%20%7C%20The%20Weekend%20Post&en=page_view&_fv=1&_ss=1&ep.UID=&tfd=3273
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BWERR8GS85&l=dataLayer&cx=c&gtm=45He4bk0v78478613za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.heraldlive.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/plain
server: Golfe2

GET
H3 204 td
www.googletagmanager.com/ 0
18 B 57ms
57ms Image
text/plain 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-BWERR8GS85&v=3&t=t&pid=1263028496&dl=www.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&tdp=G-BWERR8GS85;115178239;1;6;0&frm=0&rtg=8478613&slo=4&hlo=11&lst=1&pcid=8478613&z=0
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr35s10-in-f8.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 204
No Content gtm.php Show response
ad2.vic-m.co/adserver/delivery/ 0
176 B 128ms
35ms Script
text/html 34.251.13.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.vic-m.co/adserver/delivery/gtm.php?t=02%2F12%2F2024%2C%2023%3A02%3A52&z=2228&m=geoip_cookie&l=&r=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&c=0.997&v=b47e352e-46fa-42e8-b7f7-2b9e2667f51b&w=1600&h=1200&e=22815d8d31fde5a046bc3952f9df1c4f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36
Requested by: Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.13.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-13-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Date: Mon, 02 Dec 2024 23:02:52 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/7.1.33
Server: nginx/1.18.0
Connection: keep-alive

GET
H/1.1 200
OK spcnew2.php Show response
ad2.vic-m.co/adserver/delivery/ 1 B
463 B 122ms
53ms Script
text/html 34.251.13.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.vic-m.co/adserver/delivery/spcnew2.php?zones=banner_12415875%3D2228%7C&nz=1&r=6711992&w=1600&h=1200&o=landscape&vicinity_id=b47e352e-46fa-42e8-b7f7-2b9e2667f51b&vicm2&timezone=0&cid=undefined&url=https://www.heraldlive.co.za/weekend-post/your-weekend/&l=&click_macro=&acceptedLocReq=0&referer=https%3A//www.heraldlive.co.za/weekend-post/your-weekend/
Requested by: Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.13.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-13-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.1.33
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Transfer-Encoding: chunked
Date: Mon, 02 Dec 2024 23:02:52 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/7.1.33
Server: nginx/1.18.0
Connection: keep-alive

GET
H/1.1 204
No Content gtm.php Show response
banner.vic-m.co/adserver/delivery/ 0
176 B 592ms
190ms Script
text/html 41.76.214.250
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL: https://banner.vic-m.co/adserver/delivery/gtm.php?t=02%2F12%2F2024%2C%2023%3A02%3A52&z=2228&m=&l=&r=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&c=0.997&v=b47e352e-46fa-42e8-b7f7-2b9e2667f51b&w=1600&h=1200&e=22815d8d31fde5a046bc3952f9df1c4f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36
Requested by: Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 41.76.214.250 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS: tla.dedicated.co.za
Software: nginx/1.16.1 / PHP/7.3.27
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Date: Mon, 02 Dec 2024 23:08:27 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/7.3.27
Server: nginx/1.16.1
Connection: keep-alive

GET
H2 200 entry.shell.js.d84033ef75480495167c.bundle.js Show response
www.heraldlive.co.za/build/chunks/custom/app/entry/ 4 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/custom/app/entry/entry.shell.js.d84033ef75480495167c.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.1d78a30861bf8a587dcf.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b6c689076467711fb4fcb67d9968b5a72ab5a8318cc6f2ea424f233ada05fbe4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "pxzb8A"
age: 3716
expires: Tue, 02 Dec 2025 22:00:56 GMT
content-length: 1270
date: Mon, 02 Dec 2024 22:00:56 GMT
x-cloud-trace-context: a247bdfd08f68e3b56497c6fd911fd75
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 AGSKWxXZ9mKsnbCGeY7uFsuMpL5nGPk_cLcorGKW9t7AF1rF4BvLjUHn0NNoqPmuUsyWz06jPipqLTYuIAIMmzIgCQDch5OP53Ga0BT0dE4w6a8BSGzuqDNV9iU20F_UXclnm1XZO9bhaw== Show response
fundingchoicesmessages.google.com/f/ 403 KB
62 KB 88ms
87ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXZ9mKsnbCGeY7uFsuMpL5nGPk_cLcorGKW9t7AF1rF4BvLjUHn0NNoqPmuUsyWz06jPipqLTYuIAIMmzIgCQDch5OP53Ga0BT0dE4w6a8BSGzuqDNV9iU20F_UXclnm1XZO9bhaw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMTgwNTcyLDY0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGVyYWxkbGl2ZS5jby56YS93ZWVrZW5kLXBvc3QveW91ci13ZWVrZW5kLyIsbnVsbCxbWzgsIjl6NWtkZHRLZlVvIl0sWzksImVuLUdCIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzSFORgpwppU4pNanfOLuV662NJWg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4ae21776e1314c78bac58d813ba1b8e78e2f4aae0712b6b27a2519896cc6678

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tVKjh-DrQXvvpm24cBJPUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxDPOX2ZdAMRFEldYG4CY4esVVg4gFuLhmPNzxy42gROfjl9gUtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDS01DMwjC8wAAAHJEGE"
content-security-policy: script-src 'report-sample' 'nonce-tVKjh-DrQXvvpm24cBJPUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 55ms
55ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMySJ3Vs4hP8bSZrgzzG57rubOERxA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41fd5a9efea51b6c6345afd1c34a99c4ad7f2f0407171bdf4de08e10a050355f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 23:02:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 02 Dec 2024 23:02:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 37ms
36ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.heraldlive.co.za
Referer: https://www.heraldlive.co.za/

Response headers

age: 524682
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 21:18:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 21:18:10 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxVOXckyr9dxMd8il6z23WuMkrJXPBB3y4FJKIRRsZhsmLI4ffeJaukM79_XYQzUZidUEZSLeeO8evfmtWjZEGnnbmLTr1RJYYErhUMkuQt-O_tYQbKTVIzbZXhgmaP_-K7n_P0W2w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 93ms
47ms XHR
text/html 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVOXckyr9dxMd8il6z23WuMkrJXPBB3y4FJKIRRsZhsmLI4ffeJaukM79_XYQzUZidUEZSLeeO8evfmtWjZEGnnbmLTr1RJYYErhUMkuQt-O_tYQbKTVIzbZXhgmaP_-K7n_P0W2w==

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NB_Pc7jXdWUci7vdGiU49w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBicEqfwRoCxAxfr7ByALEQD8ecnzt2sQmcuDNlNrOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAACybJnU"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NB_Pc7jXdWUci7vdGiU49w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.heraldlive.co.za
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVOXckyr9dxMd8il6z23WuMkrJXPBB3y4FJKIRRsZhsmLI4ffeJaukM79_XYQzUZidUEZSLeeO8evfmtWjZEGnnbmLTr1RJYYErhUMkuQt-O_tYQbKTVIzbZXhgmaP_-K7n_P0W2w==

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2-7KeAykIe1KYPYFXST7rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBicEqfwRoCxAxfr7ByALEQD8ecnzt2sQl8mPJ2NrOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAADrcJqk"
content-security-policy: script-src 'report-sample' 'nonce-2-7KeAykIe1KYPYFXST7rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.heraldlive.co.za
content-length: 0
x-xss-protection: 0
server: ESF

GET
DATA 200
OK truncated
/ 477 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 prebid-vidoomy_pbjs.js Show response
vpaid.vidoomy.com/prebid/ 450 KB
168 KB 37ms
37ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/prebid/prebid-vidoomy_pbjs.js
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4d2357859f632f4cc799e7622c96413f50ed0c2584e5cd1bbe7bed0c6d0b08a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: gzip
etag: W/"9c9bdb51df7b0a5f1972c5060c90f352"
x-77-cache: HIT
x-amz-storage-class: STANDARD
date: Mon, 02 Dec 2024 23:02:52 GMT
x-rgw-object-type: Normal
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 09:40:58 GMT
x-77-nzt-ray: 15b3c711bc30f4a49c3c4e670011a634
vary: Accept-Encoding
x-77-nzt: EwwBqZb/tgH3laQIAAgBisclxAEBCAFZu7ymAAA
x-amz-meta-s3cmd-attrs: atime:1732613966/ctime:1732613966/gid:1000/gname:federicoi/md5:9c9bdb51df7b0a5f1972c5060c90f352/mode:33204/mtime:1732613966/uid:1000/uname:federicoi
access-control-allow-credentials: true
x-amz-request-id: tx00000afe748933300f51c-0067459807-782b221-prg
x-77-pop: frankfurtDE
x-77-age: 566421
server: CDN77-Turbo

OPTIONS
H/1.1 200
OK get
ad.vidoomy.com/api/adserver/ad/ Frame 0
0 294ms
58ms Preflight 212.36.83.216
AS_ADAM Adam EcoTech

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPWhlcmFsZGxpdmUuY28uemEmZm9ybWF0PTEmdT1kMGViOWYyYS01ZDk0LTQ1NGEtODVlZC1iN2FhYjBkNzg5ZmUmem9uZUlkPTI4NDczJmxvb3A9MCZjU3RyaW5nU3RhdHVzPW5vdC15ZXQtb2J0YWluZWQmcGFnZVVybD1odHRwcyUzQSUyRiUyRnd3dy5oZXJhbGRsaXZlLmNvLnphJTJGd2Vla2VuZC1wb3N0JTJGeW91ci13ZWVrZW5kJTJGJnB2ZXJzaW9uPTMuMjkuMSZ1aWQ9Jmk9ZmFsc2UmdGltZUVsYXBzZWQ9MC0xLjk5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.216 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: w4.vdmy.dtic.es
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-transfer-encoding,vidoomy-brandlift
Access-Control-Request-Method: GET
Origin: https://www.heraldlive.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-transfer-encoding,vidoomy-brandlift
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Connection: keep-alive
Content-Length: 0
Date: Mon, 02 Dec 2024 23:02:53 GMT
Server: nginx

GET
H/1.1 200
OK get Show response
ad.vidoomy.com/api/adserver/ad/ 5 KB
6 KB 232ms
62ms XHR
text/plain 212.36.83.216
AS_ADAM Adam EcoTech

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPWhlcmFsZGxpdmUuY28uemEmZm9ybWF0PTEmdT1kMGViOWYyYS01ZDk0LTQ1NGEtODVlZC1iN2FhYjBkNzg5ZmUmem9uZUlkPTI4NDczJmxvb3A9MCZjU3RyaW5nU3RhdHVzPW5vdC15ZXQtb2J0YWluZWQmcGFnZVVybD1odHRwcyUzQSUyRiUyRnd3dy5oZXJhbGRsaXZlLmNvLnphJTJGd2Vla2VuZC1wb3N0JTJGeW91ci13ZWVrZW5kJTJGJnB2ZXJzaW9uPTMuMjkuMSZ1aWQ9Jmk9ZmFsc2UmdGltZUVsYXBzZWQ9MC0xLjk5
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.216 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: w4.vdmy.dtic.es
Software: nginx /
Resource Hash: a062c43a5acb1979239c65dc2ed18e802a28596996fbd011b5b4be20ea083385

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
vidoomy-brandlift: W10=
Content-Transfer-Encoding: base64

Response headers

Access-Control-Expose-Headers: X-VD-C
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Transfer-Encoding: base64
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Content-Length: 5308
Date: Mon, 02 Dec 2024 23:02:53 GMT
Content-Type: text/plain; charset=utf-8
Server: nginx
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3474&_fw_gdpr=0&_fw_gdpr_consent=
https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=5e44483ae8284a72ec351c61f8db8e23&_fw_gdpr=0&_fw_gdpr_consent=

43 B
646 B

634ms
60ms

Image
image/gif

212.36.83.245
AS_ADAM Adam EcoTech

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=5e44483ae8284a72ec351c61f8db8e23&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: HTTP/1.1
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Access-Control-Expose-Headers: X-VD-C
Content-Encoding: none
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 43
Date: Mon, 02 Dec 2024 23:02:53 GMT
Content-Type: image/gif
Server: nginx
Access-Control-Allow-Headers: *

Redirect headers

Cache-Control: no-cache
Location: https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=5e44483ae8284a72ec351c61f8db8e23&_fw_gdpr=0&_fw_gdpr_consent=
Pragma: no-cache
x-sticky-vk: 1733180572680085-355
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 02 Dec 2024 23:02:52 GMT
Server: nginx

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 122ms
29ms Image
text/plain 198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=165144&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dpubmatic%26uid%3D%23PMUID
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

date: Mon, 02 Dec 2024 23:02:51 GMT
content-length: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ 0
45 B 249ms
30ms Image
text/plain 89.149.193.100
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=161&gdpr={GDPR}}&gdpr_consent={GDPRCS}}
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.193.100 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

date: Mon, 02 Dec 2024 23:02:52 GMT
content-length: 0

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent={GDPRCS}}&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&gdpr=0&gdpr_consent={GDPRCS}}&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3D...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%...
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553

43 B
670 B

299ms
54ms

Image
image/gif

212.36.83.245
AS_ADAM Adam EcoTech

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: HTTP/1.1
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Access-Control-Expose-Headers: X-VD-C
Content-Encoding: none
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 43
Date: Mon, 02 Dec 2024 23:02:53 GMT
Content-Type: image/gif
Server: nginx
Access-Control-Allow-Headers: *

Redirect headers

strict-transport-security: max-age=31536000
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=5af10caa-4946-4a08-b125-914fa2f79c31-674e3c9c-5553
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Mon, 02 Dec 2024 23:02:53 GMT
server: Jetty(11.0.13)

GET
H2 200 cookie
cm.adform.net/ 35 B
484 B 184ms
48ms Image
image/gif 37.157.6.233
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dadf%26uid%3D%24UID
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Mon, 02 Dec 2024 23:02:53 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 prebid
rtb.openx.net/sync/ 43 B
266 B 87ms
28ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dopenx%26uid%3D%24%7BUID%7D
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: private, max-age=0, no-cache, must-revalidate
pragma: no-cache
x-forwarded-for: 5.187.21.100
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 02 Dec 2024 23:02:52 GMT
content-type: image/gif
vary: Origin

GET
H2 204 v1
match.sharethrough.com/universal/ 0
58 B 167ms
41ms Image
text/plain 18.184.206.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/universal/v1?supply_id=YITCrBqH

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-206-66.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=vidoomy
https://sync.1rx.io/usersync2/rmpssp?sub=vidoomy&zcc=1&cb=1733180572991
https://ad.turn.com/r/cs?pid=45&id=RX-56aaac88-8702-4b01-a10c-cea511c9e354-003&rndcb=1711906170
https://sync.1rx.io/usersync/turn/3208381042193968232?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-56aaac88-8702-4b01-a10c-cea511c9e354-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dnexxen%26uid%3DRX-56aaac88-8702-4b01-a10c...
https://a.vidoomy.com/api/rtbserver/cookie?i=nexxen&uid=RX-56aaac88-8702-4b01-a10c-cea511c9e354-003

43 B
758 B

71ms
53ms

Image
image/gif

212.36.83.245
AS_ADAM Adam EcoTech

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=nexxen&uid=RX-56aaac88-8702-4b01-a10c-cea511c9e354-003
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: HTTP/1.1
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Access-Control-Expose-Headers: X-VD-C
Content-Encoding: none
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 43
Date: Mon, 02 Dec 2024 23:02:53 GMT
Content-Type: image/gif
Server: nginx
Access-Control-Allow-Headers: *

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=nexxen&uid=RX-56aaac88-8702-4b01-a10c-cea511c9e354-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Mon, 02 Dec 2024 23:02:53 GMT
etag: RX56aaac8887024b01a10ccea511c9e354003
content-type: text/html

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dxandr%26uid%3D%24UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253Dxandr%2526uid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D
https://a.vidoomy.com/api/rtbserver/cookie?i=xandr&uid=1360781637867871121&gdpr=0&gdpr_consent=

43 B
630 B

507ms
54ms

Image
image/gif

212.36.83.245
AS_ADAM Adam EcoTech

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=xandr&uid=1360781637867871121&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: HTTP/1.1
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Access-Control-Expose-Headers: X-VD-C
Content-Encoding: none
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 43
Date: Mon, 02 Dec 2024 23:02:53 GMT
Content-Type: image/gif
Server: nginx
Access-Control-Allow-Headers: *

Redirect headers

cache-control: no-store, no-cache, private
location: https://a.vidoomy.com/api/rtbserver/cookie?i=xandr&uid=1360781637867871121&gdpr=0&gdpr_consent=
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 5.187.21.100; 5.187.21.100; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 189de6c1-41a1-4491-bef8-42153685f8b8
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 02 Dec 2024 23:02:53 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://csync.loopme.me/?pubid=13984&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DLM%26uid%3D%7Bviewer_token%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=LM&uid=6f62239b-30a4-4cf7-8d5e-b1905119b268&gdpr_consent=null&gdpr=0

43 B
650 B

477ms
53ms

Image
image/gif

212.36.83.245
AS_ADAM Adam EcoTech

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=LM&uid=6f62239b-30a4-4cf7-8d5e-b1905119b268&gdpr_consent=null&gdpr=0
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: HTTP/1.1
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Access-Control-Expose-Headers: X-VD-C
Content-Encoding: none
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 43
Date: Mon, 02 Dec 2024 23:02:53 GMT
Content-Type: image/gif
Server: nginx
Access-Control-Allow-Headers: *

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=LM&uid=6f62239b-30a4-4cf7-8d5e-b1905119b268&gdpr_consent=null&gdpr=0
content-length: 0
date: Mon, 02 Dec 2024 23:02:53 GMT
server: _

GET
H2 204 /
onetag-sys.com/usync/ 0
88 B 128ms
41ms Image
text/plain 51.89.9.253
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?pubId=8e1b1cddf4eb779&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H3 204 td
www.googletagmanager.com/ 0
18 B 41ms
41ms Image
text/plain 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-BWERR8GS85&v=3&t=t&pid=1263028496&dl=www.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&tdp=G-BWERR8GS85;115178239;1;6;0&tdc=G-BWERR8GS85*G-JNNJWFKJ2E&z=0
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr35s10-in-f8.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Mon, 02 Dec 2024 23:02:53 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200 33890511 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 934 B
1 KB 135ms
37ms XHR
application/xml 2607:ae80:192:1::177
FREEWHEEL

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/33890511?playerSize=350x197&protocolVersion=4.2&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&gdpr=0&gdpr_consent=&_fw_content_language=EN&_fw_content_length=210&_fw_site_category=IAB11&us_privacy=&_fw_content_category=IAB1&protocolVersion=4.2
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:192:1::177 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 527fc054bcbcdde753224a593e205842187ade58849b611d2ac8312169cb783f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1733180573421042-337
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Date: Mon, 02 Dec 2024 23:02:53 GMT
Content-Type: application/xml;charset=ISO-8859-1
Server: nginx

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
640 B 289ms
113ms XHR
application/xml 3.64.75.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&rp_schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&gdpr=0&gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.75.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-75-146.eu-central-1.compute.amazonaws.com
Software: nginx/1.27.2 /
Resource Hash: 460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.heraldlive.co.za
content-length: 28
date: Mon, 02 Dec 2024 23:02:53 GMT
content-type: application/xml
vary: Accept-Encoding
server: nginx/1.27.2
x-http2-stream-id: 3203

GET
H2 200 / Show response
adx2.adform.net/adx/ 160 B
732 B 370ms
122ms XHR
text/xml 185.167.164.39
ADFORM Adform A/S

General

Check archive.org

Show headers Download Go to

Full URL

https://adx2.adform.net/adx/?mid=1059782&t=2&url=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&w=350&h=197

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

d6c3e0f4f8533e47221612354bde6bc71605720a6bcc5f2a10a53bf4665f1930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET,OPTIONS
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Mon, 02 Dec 2024 23:02:53 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: https://www.heraldlive.co.za
server: nginx

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 146ms
39ms Script
application/x-javascript 2600:9000:2057:3400:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3400:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: W/"665fad8c-9895"
age: 84633
cross-origin-resource-policy: cross-origin
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
expires: Mon, 02 Dec 2024 23:32:20 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 1NMBmcg-hC6islSavIXfH0VcDV6Y5DdWAJHUuzFTV2NujVfSSe6HAg==
date: Sun, 01 Dec 2024 23:32:20 GMT
content-type: application/x-javascript
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 37ms
37ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1577321794&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&ul=en-gb&de=UTF-8&dt=Your%20Weekend%20%7C%20The%20Weekend%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=25%25&_u=aEDAAEABAAAAACAEKAB~&jid=&gjid=&cid=241028607.1733180572&tid=UA-2619645-1&_gid=1898401380.1733180572&gtm=45He4bk0n81T2RR9NNv78478613za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tcfd=10000&z=1646424104

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

age: 83057
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 01 Dec 2024 23:58:36 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 favicon.png
www.heraldlive.co.za/ 1 KB
1 KB 44ms
43ms Other
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 81d8d9f2329bf52d0031656d3afd16cc38cdc896a9b2dd57554270b287305318

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: public, max-age=86400
etag: "pxzb8A"
age: 48374
expires: Tue, 03 Dec 2024 09:36:39 GMT
content-length: 1087
date: Mon, 02 Dec 2024 09:36:39 GMT
x-cloud-trace-context: 97bb1fac7d49c1a8bfadca814cc77aa4
content-type: image/png
server: Google Frontend

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 307ms
100ms Image
image/gif 44.199.159.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldlive.co.za&p=%2Fweekend-post%2Fyour-weekend%2F&u=B0e4RCVxu1LBqviQt&d=heraldlive.co.za&g=54086&g0=weekend-post-your-weekend&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4519&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&b=4367&t=BYsMNB6OAr_CXXMmOD3_g9aBNw57C&V=147&i=Your%20Weekend%20%7C%20The%20Weekend%20Post&tz=0&_acct=anon&sn=1&sv=D3_QMoFGMneC-A3JR84SaZB1392d&sr=external&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.199.159.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-159-192.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Mon, 02 Dec 2024 23:02:54 GMT
pragma: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin

GET
H2 200 vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame B32D 449 KB
104 KB 203ms
43ms Script
application/x-javascript 2600:9000:2761:4a00:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:4a00:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f2534f9aeaab0c94dae1215624858b67bd88ac40e6abe45d5fb534c3277ed004

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

content-encoding: br
etag: W/"66fa5222-70418"
expires: Tue, 03 Dec 2024 01:25:52 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 1tHnmh3r0RIdsc5wJBUgf62L_Huk6jsueMDDCuJI-SgGjZoJ_inECg==
date: Mon, 02 Dec 2024 01:25:52 GMT
content-type: application/x-javascript
last-modified: Mon, 30 Sep 2024 07:24:18 GMT
vary: Accept-Encoding
x-cache-status: EXPIRED
cache-control: max-age=86400
access-control-allow-credentials: true
via: 1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P8
server: CloudFront

GET
H2 200 bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame B32D 25 KB
25 KB 115ms
42ms XHR
application/octet-stream 2600:9000:2761:4a00:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1733180574395
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:4a00:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

etag: "66fa5222-6400"
expires: Tue, 03 Dec 2024 00:39:11 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: zI6JxchDNoh0EP7CP1KLtlG3xwVC8hUQxthOvWqrbsPdecGG_Nq55g==
date: Mon, 02 Dec 2024 00:39:11 GMT
content-type: application/octet-stream
last-modified: Mon, 30 Sep 2024 07:24:18 GMT
x-cache-status: MISS
cache-control: max-age=86400
access-control-allow-credentials: true
via: 1.1 da9618575b838f6c05697fe3f723a49e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.heraldlive.co.za
content-length: 25600
x-amz-cf-pop: FRA60-P8
server: CloudFront

GET
H/1.1

200
OK

u
1f2e7.v.fwmrm.net/ad/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null&gpp_string=null&gpp_sid=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5e44483ae8284a72ec351c61f8db8e23&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...

0
326 B

229ms
42ms

Image
text/html

3.69.181.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5e44483ae8284a72ec351c61f8db8e23&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d1%26gdpr_consent%3dnull&gdpr=1&gdpr_consent=null
Protocol: HTTP/1.1
Server: 3.69.181.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-181-172.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Cache-Control: no-store
Pragma: no-cache
Connection: keep-alive
Expires: 0
X-Fw-Request-Id: umv0c9d_1733180574592511979
Content-Length: 0
Keep-Alive: timeout=300
Date: Mon, 02 Dec 2024 23:02:54 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Content-Type: text/html

Redirect headers

Cache-Control: no-cache
Location: https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5e44483ae8284a72ec351c61f8db8e23&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d1%26gdpr_consent%3dnull&gdpr=1&gdpr_consent=null
Pragma: no-cache
x-sticky-vk: 1733180574306053-409
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 02 Dec 2024 23:02:54 GMT
Server: nginx

GET
H/1.1 200 / Show response
ads.stickyadstv.com/additional-scripts/ Frame B32D 299 B
609 B 63ms
33ms XHR
text/xml 2607:ae80:192:1::177
FREEWHEEL

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=33890511&loc=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&gpp_string=null&gpp_sid=null
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:192:1::177 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 5712f37730c67b2e68e6c31d91cff957178336d99aff208ada0422bdbe81be2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/xml, text/xml
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1733180574270088-335
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Date: Mon, 02 Dec 2024 23:02:54 GMT
Server: nginx

GET
H/1.1 200 swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame B32D 67 B
0 225ms
167ms XHR
application/xml 2607:ae80:192:1::177
FREEWHEEL

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=33890511&_fw_content_language=EN&_fw_content_length=210&_fw_site_category=IAB11&us_privacy=&playerSize=350x197&protocolVersion=2.0&gdpr_consent=&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&gdpr=0&_fw_content_category=IAB1&vav=a9c974ba49bc990e2ccd64a3c8ef454b&vaviv=23562086589d68b79513fe9cbc010af9&reqType=AdsSetup&mustangVersion=1.12.11.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:192:1::177 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/xml, text/xml
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1733180574324074-340
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Date: Mon, 02 Dec 2024 23:02:54 GMT
Content-Type: application/xml;charset=UTF-8
Server: nginx

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWU0NDQ4M2FlODI4NGE3MmVjMzUxYzYxZjhkYjhlMjM=&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=

170 B
409 B

136ms
51ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWU0NDQ4M2FlODI4NGE3MmVjMzUxYzYxZjhkYjhlMjM=&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Mon, 02 Dec 2024 23:02:54 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

Cache-Control: no-cache
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWU0NDQ4M2FlODI4NGE3MmVjMzUxYzYxZjhkYjhlMjM=&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=
Pragma: no-cache
x-sticky-vk: 1733180574448020-355
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 02 Dec 2024 23:02:54 GMT
Server: nginx

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=5e44483ae8284a72ec351c61f8db8e23&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=

43 B
479 B

300ms
99ms

Image
image/gif

98.82.156.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=5e44483ae8284a72ec351c61f8db8e23&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-156-207.compute-1.amazonaws.com

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: YPZ4C0WZWFMZZ34K3N44
Content-Length: 43
Date: Mon, 02 Dec 2024 23:02:54 GMT
Content-Type: image/gif
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

Redirect headers

Cache-Control: no-cache
Location: https://s.amazon-adsystem.com/ecm3?id=5e44483ae8284a72ec351c61f8db8e23&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=
Pragma: no-cache
x-sticky-vk: 1733180574386043-406
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 02 Dec 2024 23:02:54 GMT
Server: nginx

POST
H2 204 collect Show response
region1.google-analytics.com/g/ 0
57 B 34ms
34ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BWERR8GS85&gtm=45je4bk0v9115178239z878478613za200zb78478613&_p=1733180572018&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=241028607.1733180572&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1733180572&sct=1&seg=0&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&dt=Your%20Weekend%20%7C%20The%20Weekend%20Post&en=SubsStatus&ep.UID=&ep.Subscriber=no&_et=2&tfd=8275
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.heraldlive.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 23:02:57 GMT
content-type: text/plain
server: Golfe2

POST tag
ad.vidoomy.com/api/adserver/tracking/ 0
0

OPTIONS tag
ad.vidoomy.com/api/adserver/tracking/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.vidoomy.com
URL: https://ad.vidoomy.com/api/adserver/tracking/tag?data=ZG9tYWluPWhlcmFsZGxpdmUuY28uemEmZm9ybWF0PTEmdT1kMGViOWYyYS01ZDk0LTQ1NGEtODVlZC1iN2FhYjBkNzg5ZmUmem9uZUlkPTI4NDczJnB2ZXJzaW9uPTMuMjkuMSZ1aWQ9

Domain: ad.vidoomy.com
URL: https://ad.vidoomy.com/api/adserver/tracking/tag?data=ZG9tYWluPWhlcmFsZGxpdmUuY28uemEmZm9ybWF0PTEmdT1kMGViOWYyYS01ZDk0LTQ1NGEtODVlZC1iN2FhYjBkNzg5ZmUmem9uZUlkPTI4NDczJnB2ZXJzaW9uPTMuMjkuMSZ1aWQ9

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.heraldlive.co.za/weekend-post/your-weekend	1970-01-21 11:02:20	Name: vicinity_id Value: b47e352e-46fa-42e8-b7f7-2b9e2667f51b__1793180512538
www.heraldlive.co.za/	1969-12-31 23:59:59	Name: session Value: eyJyZXR1cm5fdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkbGl2ZS5jby56YS93ZWVrZW5kLXBvc3QveW91ci13ZWVrZW5kLyJ9\|1733180571\|962f767ce866979f2f911f3ce8ae5fd30c805dc4
.heraldlive.co.za/	1970-01-21 03:35:56	Name: _fbp Value: fb.2.1733180572463.290364473401734703
.heraldlive.co.za/	1970-01-21 01:27:46	Name: _gid Value: GA1.3.1898401380.1733180572
.heraldlive.co.za/	1970-01-21 01:26:20	Name: _gat_UA-2619645-1 Value: 1
.heraldlive.co.za/	1970-01-21 11:02:20	Name: _ga_JNNJWFKJ2E Value: GS1.1.1733180572.1.0.1733180572.60.0.0
.ads.stickyadstv.com/	1970-01-21 02:09:32	Name: UID Value: 5e44483ae8284a72ec351c61f8db8e23
.heraldlive.co.za/	1970-01-21 11:02:20	Name: _ga_BWERR8GS85 Value: GS1.1.1733180572.1.0.1733180572.0.0.0
.doubleclick.net/	1970-01-21 01:26:21	Name: test_cookie Value: CheckForPermission
.sitescout.com/	1970-01-21 10:11:56	Name: ssi Value: 5af10caa-4946-4a08-b125-914fa2f79c31#1733180572964
.sitescout.com/	1970-01-21 02:09:32	Name: _ssuma Value: eyIzOSI6MTczMzE4MDU3Mjk5OCwiNyI6MTczMzE4MDU3Mjk5OH0
.adform.net/	1970-01-21 02:52:44	Name: uid Value: 7258380659942007294
.adnxs.com/	1970-01-21 03:35:56	Name: XANDR_PANID Value: 9tu6h9lXdJkfY89ZuGCvxvKsHcS40JvXGVbaGBB2iF4J-8Dt_K_4W3typ96mhpctGK5TPx1cQ4-75GEH41cJuLb6BopA3YQd66HNAVp5L5I.
.adnxs.com/	1970-01-21 11:02:20	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:35:56	Name: uuid2 Value: 1360781637867871121
.csync.loopme.me/	1970-01-21 03:35:56	Name: viewer_token Value: 6f62239b-30a4-4cf7-8d5e-b1905119b268
.turn.com/	1970-01-21 05:45:32	Name: uid Value: 3208381042193968232
.tapad.com/	1970-01-21 02:52:44	Name: TapAd_TS Value: 1733180573261
.tapad.com/	1970-01-21 02:52:44	Name: TapAd_DID Value: 53710d75-b735-4f1f-8738-08b6e5ecd1ec
.tapad.com/	1970-01-21 02:52:44	Name: TapAd_3WAY_SYNCS Value:
.1rx.io/	1970-01-21 10:11:56	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-56aaac88-8702-4b01-a10c-cea511c9e354-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/	1970-01-21 10:11:56	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-56aaac88-8702-4b01-a10c-cea511c9e354-003%22%7D
.vidoomy.com/	1970-01-21 10:11:56	Name: vidoomy-uids Value: eyJ1aWRzIjp7InhhbmRyIjp7InVpZCI6IjEzNjA3ODE2Mzc4Njc4NzExMjEiLCJleHBpcmVzIjoxNzM1NzcyNTczfX19
.heraldlive.co.za/	1970-01-21 11:02:20	Name: _ga Value: GA1.3.241028607.1733180572
.heraldlive.co.za/	1970-01-21 10:55:08	Name: _cb Value: B0e4RCVxu1LBqviQt
.heraldlive.co.za/	1970-01-21 10:55:08	Name: _chartbeat2 Value: .1733180573778.1733180573778.1.D3_QMoFGMneC-A3JR84SaZB1392d.1
.heraldlive.co.za/	1970-01-21 01:26:22	Name: _cb_svref Value: external
.ads.stickyadstv.com/	1970-01-21 01:46:30	Name: uid-bp-30833 Value: 1
.ads.stickyadstv.com/	1970-01-21 02:52:44	Name: uid-bp-159 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.vidoomy.com
ad.turn.com
ad.vidoomy.com
ad2.vic-m.co
ads.stickyadstv.com
ads.vidoomy.com
adx2.adform.net
applets.ebxcdn.com
banner.vic-m.co
cdn.stickyadstv.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
csync.loopme.me
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ib.adnxs.com
image8.pubmatic.com
lh3.googleusercontent.com
match.sharethrough.com
onetag-sys.com
optimized-by.rubiconproject.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.tapad.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s.amazon-adsystem.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.chartbeat.com
static.vic-m.co
stats.g.doubleclick.net
sync.1rx.io
sync.crwdcntrl.net
sync.targeting.unrulymedia.com
td.doubleclick.net
vpaid.vidoomy.com
weatherwidget.io
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.googletagmanager.com
www.heraldlive.co.za
www.weekendpost.co.za
x.bidswitch.net
ad.vidoomy.com
104.17.24.14
142.250.184.226
142.250.184.238
142.250.185.98
142.250.74.195
157.240.251.9
157.240.252.35
172.217.18.3
172.67.181.105
172.67.212.172
18.184.206.66
185.167.164.39
185.89.210.141
198.47.127.18
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
212.36.83.216
212.36.83.245
216.58.206.40
2600:9000:2057:3400:18:1fcd:354:4b41
2600:9000:225e:ce00:17:2922:12c0:93a1
2600:9000:2761:4a00:19:c363:bec0:93a1
2607:ae80:192:1::177
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2013
2a00:1450:4001:813::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9a
2a01:7e00:e000:3f7::
2a02:6ea0:c700::112
2a02:6ea0:c77e::4
3.64.75.146
3.69.181.172
34.111.113.62
34.251.13.38
34.36.216.150
35.186.253.211
35.214.136.108
35.214.202.49
37.157.6.233
41.76.214.250
44.199.159.192
46.228.174.117
51.89.9.253
52.213.68.253
89.149.193.100
98.82.156.207
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
06b3b1cf2707a488df2615229eaa8492aea59d069a5f59efdc4a5466951f872b
091b1f2e26847991778df535d38d1199968e6fd5b0df376b401f07489b7e6438
09c1718f98f43e0d4991844650eefac1459a39b3817fa8e09960425e0e3055ae
0ac0a59e92b15d8f33f485724aa0d32d27fc2ea606cf222639cbfb4209400c04
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5660cab0afda99715dfa914c8156056d8babc184c31db4f07759db0a539aeb
0dcab0765de8b009361f988cd6784591a5e2c4b4445db4403d30596f3f6e632c
0e20b5b6acaa44980bbf1d4ecbe2a4a7d18c562bd3fd2646ccc8eb05345425ac
109736135dc84f02f379825bd2b48998e17068eaf1f085df5f52e80537a4257d
1574dcdf79afca1f83491527c5d1364fb9c1bf7ab96062f416225a0772295d82
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
26e8efdda099c4b3e1bd32a3c86df04a1e9f1c0d215d3b308b070661b83333c8
28f84a5da577a1727b91c00ad1e8b55edd66a2fc114badc00ee8bc6c6d64b213
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c0d4466278c336e1945bf447dfc4c72b02b667ac32ba9226a00976542b92184
2e9a2bb26cbf4200bcd846fa8ff112684db3b41e6be8c7b044d86ebebe8f98aa
2f710e11a1aaa018339300dda3b3c8242d750378ca39a1e19df6148d3c8f328e
3010192f9bb5fe1da34421599bf624e8c31dbb089efbf02f30e65aa445f920d5
35b9b45b8eb9db287adc1a0c221a597b8cf28e7d3d0043b03b5c294a9b058f90
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3b3a1ba152972ce5184e1f855295bea7053f6db3c5080c289e91e871265f7100
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41fd5a9efea51b6c6345afd1c34a99c4ad7f2f0407171bdf4de08e10a050355f
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf
49656a6c0be6007c1bff73a94c898e8fd486b19ba0f48fa591db1e51daf9b1b1
4d2357859f632f4cc799e7622c96413f50ed0c2584e5cd1bbe7bed0c6d0b08a5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
527fc054bcbcdde753224a593e205842187ade58849b611d2ac8312169cb783f
5431547b23171a3b3c52a2174174766613986f509de90ab235c81f808bec92f8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5712f37730c67b2e68e6c31d91cff957178336d99aff208ada0422bdbe81be2e
57de341ecef2edd535f820fc951e7cfad1c0528783cf904749fee40fdd028ff0
59d1ce7fb23e28c96e340f0e5a3f8db389cf46ad3ab54b4bfcd419d800d7d73a
5b5c6e60a261a3d0238081763b2b4231df7e43eec6c66aaa26c3c60751f317bd
5c167008fdcefbcc45c3ddfbf32e1ed00793ffb7ba092d38197506cf147dd3ac
5c33cd7bde953773f327fe8d5c118cb135a519aee66921ac8777610ac91385be
618996c505954ddf1e32659a3afe8f41d23805a0a3293e6bca391845b5426ca8
618a8c9bfb7f0cfa622826e5349fa6195e24ae49f2194907b9aea0c89c1cc0d3
67751df0cd95c23ee77f9373949057a88d936658eeb43381dd33c0ea13b68e75
6929bd28b251e2f2422e60ea53fe985df8c7810a7292d762160f7310966e8e8a
6b6e5522e848eb470dc2648937f28971b5e29c0e566a7c6535a64573c609573d
6dd6c22a7e0325d6ba11b72b40c9cf38d8354d3ba105d3e62ee83760624f3968
6e1fa095b32380cfc9012d96ac2284c414e1b69800f6449e11bb626955c07e3e
727251dbc6460e0cbb0e5d32df456d55620083dc35d4238e08c3b39c282bec31
75aecc451658f90995fea2265231e24e1a810b0c3fc051b41cfb92f07fe8623f
7b4bf3f11858ab9b179c27c5c503f5e9696a155fa8a822aff952ac039f702cf1
81d8d9f2329bf52d0031656d3afd16cc38cdc896a9b2dd57554270b287305318
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
888bfef41cdf038e57e17aa985c12716de0567efcef93d466be4ad5d25042422
8a7f8a4f0dc7383c9b74d5700fb0bceff126a0a7bd58316151bb769f746565e0
8b24b4648287741c730d3f509c40424f2ec166d99ba3d58d6cae744700f7120a
8b31f8d1c1d19165c14013ab3136508215508d830de43d2f99787b1450cd1ce5
8b8d5614a35711901db89c7f421d9822b6d9885ee1836fd6ceec2cad3a6af254
9345403cb61c38daf44f314ee25f2f62370b2c360fd7b9b9c5ad24eba2293a19
9c9bdcc717e753521f67cf3eefd50add639cbbd024ac575f9896a2a1f7b4a4d1
9e78b3d1174879ec3bc6c7ba1c830a3a5182fd2ecc790f7470ffacdecd3360f6
9ebd4167f95a059d52b0b64b69ec1348baf783010f6523be548121398b4ada21
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a062c43a5acb1979239c65dc2ed18e802a28596996fbd011b5b4be20ea083385
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fd89cb5114e08bd4b4baa1badd07cc45aab7fc3e085cc174c7632c221a84e2
a4fc478877ae31d55a00ccd0a0aba78740623e34400b5417ef38b5ee2456e439
a5c369577056a2a6af3b0ee3b66d2575a424fbca4bd1ba69ae40c64ab7851fe2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa851bade9a78d0aaccb7ed160e31dbde4975ee80674783452b90e1661695d08
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2
b453b6018cfeddfee67cd3ab2776a134adfd94ac4424daffa84c0c1abf7b5260
b4dd85165b81e84e58b4f4f095b7fabee758184c6837e8a92c1ba96330c9d311
b6c689076467711fb4fcb67d9968b5a72ab5a8318cc6f2ea424f233ada05fbe4
b75db09a5d7635817f39f89829190ff05ace3708b08ad1bb03d765caa43c24fe
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2691e637c13ff272bf70ccd8c1179a695ee478bf87e7ec2ff5adbdccf263af9
ce776db6760cfd1841280906b65e29af5764c1245be7249e2aed4127ce1906e5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe033fc215b52a0b6786b131136351189311622962539948bbff8302da8a21e
d25de29ba70f128b8dec1d7f6fdc25026a36d64bdec9241d89990dc65095e504
d4ae21776e1314c78bac58d813ba1b8e78e2f4aae0712b6b27a2519896cc6678
d5fbc8c856219d2e8c64c8bab7cfb6561a4c47586d24c30d9cb4c4a08e7162a0
d6c3e0f4f8533e47221612354bde6bc71605720a6bcc5f2a10a53bf4665f1930
d95e1abf1b719ee4878735c90c7be8c23c1d9a7d6b10ccd115eb45aa018861dd
d9d497e23759cdce70441d7d63e9dde8fa1896a2d170e087679e7ecc11d4dc3c
db8dcddcd1a1635f010ad594ed16d58d9c6261e89a2f111295f9a752deed838b
dd039902ea03a32c485a4ebae41a5a21055224460ef558c2532382959c2afbe2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e248de9c873d3c3a47b17457426144c61ba2d78f3f37d88614c2d68d6a321cd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e
e4f0d6adfac1d5eca4826e695251eb2384f1d465c71cb6c43f130a71c4feffba
e99632141913dc53583b474042f988d3e31b2749b1c52b25a950fcb82b22c208
eab85fe0279f5ef643d3aeffb948e7132440bed2fafdbd5c228477fec1d1c2c9
eddb3139397a78451c33afe7156325b73f0efddbaf0cef9a08d8a0bf5022bb4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef75f6a856a2f070c51d231b6d47a150dfe847c4e96de88b826f83a941e468c1
f04e147fe554c3690764426dc276dcc67d7d1e497bb03c4e6b0b3d4631c8be8a
f0c224187eb73b7daba4307252ba6bf8b19b97b1b6a15864b3b449f9d99dd32c
f2534f9aeaab0c94dae1215624858b67bd88ac40e6abe45d5fb534c3277ed004
f3055e41635b42441d8ab1d8ae4d93b8eae5e0e0cfe6b1e1e5b062452e55bbe6
f3b68838d74ce3161b6a55a4156df5928cabf3a66ef877e335004cc88e2e6a90
f70676a9f819a4f001f4ebf27e678f965a1b07302728537529316c0d5ebb82df
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84
feb360b9e47e08db969a22f7cf89f646b08eaf08e43eff6867c1d95332ceb4f6

www.heraldlive.co.za Open in urlscan Pro 2a00:1450:4001:812::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

91 %HTTPS

34 %IPv6

38 Domains

50 Subdomains

43 IPs

10 Countries

3199 kBTransfer

7400 kBSize

29 Cookies

17 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heraldlive.co.za Open in urlscan Pro
2a00:1450:4001:812::2013 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

91 %
HTTPS

34 %
IPv6

38
Domains

50
Subdomains

43
IPs

10
Countries

3199 kB
Transfer

7400 kB
Size

29
Cookies

114 HTTP transactions
21 data transactions