urlscan.io logo urlscan.io
SecurityTrails logo

www.herald.co.zw Open in urlscan Pro
2606:4700:10::6816:3ef  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Submission: On December 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 8 countries across 48 domains to perform 557 HTTP transactions. The main IP is 2606:4700:10::6816:3ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.herald.co.zw. The Cisco Umbrella rank of the primary domain is 421148.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2022. Valid for: a year.
This is the only time www.herald.co.zw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
38 2606:4700:10:... 13335 (CLOUDFLAR...)
3 151.101.194.207 54113 (FASTLY)
20 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
11 199.232.196.134 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
27 2600:9000:223... 16509 (AMAZON-02)
9 151.101.128.134 54113 (FASTLY)
1 52.222.214.31 16509 (AMAZON-02)
6 199.232.192.64 54113 (FASTLY)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:212... 16509 (AMAZON-02)
6 88.221.168.201 16625 (AKAMAI-AS)
3 52.85.5.57 16509 (AMAZON-02)
3 2600:9000:223... 16509 (AMAZON-02)
10 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 35.244.174.68 15169 (GOOGLE)
1 199.232.194.49 54113 (FASTLY)
1 18.157.100.67 16509 (AMAZON-02)
3 13.32.27.115 16509 (AMAZON-02)
28 51.89.9.253 16276 (OVH)
29 44.207.237.92 14618 (AMAZON-AES)
3 3 2600:1f18:730... 14618 (AMAZON-AES)
3 52.207.92.75 14618 (AMAZON-AES)
2 143.204.215.42 16509 (AMAZON-02)
6 13.32.99.59 16509 (AMAZON-02)
2 54.197.177.246 14618 (AMAZON-AES)
2 2 54.90.77.112 14618 (AMAZON-AES)
2 26 185.89.210.153 29990 (ASN-APPNEX)
1 69.166.1.10 27630 (AS-XFERNET)
1 1 213.19.147.45 26120 (RHYTHMONE)
2 100.24.192.38 14618 (AMAZON-AES)
1 193.122.174.27 31898 (ORACLE-BM...)
26 72.251.249.9 32475 (SINGLEHOP...)
1 18.156.0.31 16509 (AMAZON-02)
1 1 184.24.9.113 16625 (AKAMAI-AS)
4 104.125.24.254 16625 (AKAMAI-AS)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 82.145.213.8 39832 (NO-OPERA)
27 34.98.64.218 396982 (GOOGLE-CL...)
2 5 18.194.50.17 16509 (AMAZON-02)
1 185.64.189.115 62713 (AS-PUBMATIC)
48 35.157.246.167 16509 (AMAZON-02)
24 3.224.217.10 14618 (AMAZON-AES)
24 52.59.91.148 16509 (AMAZON-02)
24 2a02:2638:1::1a 44788 (ASN-CRITE...)
24 185.64.189.112 62713 (AS-PUBMATIC)
1 69.173.144.138 26667 (RUBICONPR...)
23 3.72.195.124 16509 (AMAZON-02)
3 6 2a02:2638:1::13 44788 (ASN-CRITE...)
3 2600:1901:0:8... 15169 (GOOGLE)
6 178.250.0.157 44788 (ASN-CRITE...)
3 162.19.138.117 16276 (OVH)
3 35.173.91.17 14618 (AMAZON-AES)
3 52.17.7.52 16509 (AMAZON-02)
3 35.71.131.137 16509 (AMAZON-02)
2 151.101.65.108 54113 (FASTLY)
1 1 34.236.140.33 14618 (AMAZON-AES)
2 2a02:2638::3 44788 (ASN-CRITE...)
557 70
38    2606:4700:10::6816:3ef (United States)

ASN13335 (CLOUDFLARENET, US)
www.herald.co.zw
3    151.101.194.207 (United States)

ASN54113 (FASTLY, US)
live.mrf.io
bc.marfeelcache.com
20    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
heraldlive.disqus.com
referrer.disqus.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
8    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
3    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2600:9000:206f:dc00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
11    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
27    2600:9000:223d:ce00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
9    151.101.128.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
1    52.222.214.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-31.fra56.r.cloudfront.net
widget.surveymonkey.com
6    199.232.192.64 (United States)

ASN54113 (FASTLY, US)
tempest.services.disqus.com
links.services.disqus.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:225e:a800:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
1    2600:9000:223c:c800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2600:9000:2127:6e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
6    88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    52.85.5.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-5-57.sof50.r.cloudfront.net
launchpad-wrapper.privacymanager.io
3    2600:9000:223d:1c00:d:6d12:1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.disquscdn.com
10    2a02:26f0:480:580::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.aniview.com
player.aniview.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    199.232.194.49 (United States)

ASN54113 (FASTLY, US)
a.disquscdn.com
1    18.157.100.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-100-67.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
3    13.32.27.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-115.fra56.r.cloudfront.net
launchpad.privacymanager.io
28    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
29    44.207.237.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-237-92.compute-1.amazonaws.com
track1.aniview.com
3    2600:1f18:730:b140:4517:6949:e1a8:7c3d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
3    52.207.92.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-92-75.compute-1.amazonaws.com
rp4.liadm.com
2    143.204.215.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-42.fra53.r.cloudfront.net
cdn.viglink.com
6    13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net
geo.privacymanager.io
2    54.197.177.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-177-246.compute-1.amazonaws.com
go1.aniview.com
2    54.90.77.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-77-112.compute-1.amazonaws.com
ssp.disqus.com
26    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    100.24.192.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-192-38.compute-1.amazonaws.com
sync.aniview.com
1    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
26    72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    184.24.9.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-9-113.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.125.24.254 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-125-24-254.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
27    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
disqus-d.openx.net
5    18.194.50.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-50-17.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
48    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
24    3.224.217.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-217-10.compute-1.amazonaws.com
hb.minutemedia-prebid.com
24    52.59.91.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
24    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
24    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
23    3.72.195.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
6    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
6    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
3    35.173.91.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-91-17.compute-1.amazonaws.com
idx.liadm.com
3    52.17.7.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-7-52.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    34.236.140.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-140-33.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
Apex Domain
Subdomains		 Transfer
49 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 837
3 KB
43 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 8204
player.aniview.com — Cisco Umbrella Rank: 1824
track1.aniview.com — Cisco Umbrella Rank: 1815
go1.aniview.com — Cisco Umbrella Rank: 4914
sync.aniview.com — Cisco Umbrella Rank: 2117
319 KB
38 herald.co.zw
www.herald.co.zw — Cisco Umbrella Rank: 421148
1 MB
36 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 734
gum.criteo.com — Cisco Umbrella Rank: 399
mug.criteo.com — Cisco Umbrella Rank: 3032
9 KB
31 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 470
image6.pubmatic.com — Cisco Umbrella Rank: 680
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 440
247 KB
31 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 4795
s.disquscdn.com — Cisco Umbrella Rank: 31188
a.disquscdn.com — Cisco Umbrella Rank: 9538
2 MB
30 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 860
eus.rubiconproject.com — Cisco Umbrella Rank: 547
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 885
token.rubiconproject.com — Cisco Umbrella Rank: 551
32 KB
28 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
grid.bidswitch.net — Cisco Umbrella Rank: 853
7 KB
28 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
acdn.adnxs.com — Cisco Umbrella Rank: 579
60 KB
28 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 727
17 KB
28 disqus.com
heraldlive.disqus.com
disqus.com — Cisco Umbrella Rank: 1026
tempest.services.disqus.com — Cisco Umbrella Rank: 14650
referrer.disqus.com — Cisco Umbrella Rank: 7009
links.services.disqus.com — Cisco Umbrella Rank: 13843
ssp.disqus.com — Cisco Umbrella Rank: 1224
177 KB
27 openx.net
u.openx.net — Cisco Umbrella Rank: 667
disqus-d.openx.net — Cisco Umbrella Rank: 30856
3 KB
26 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 604
10 KB
24 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3330
10 KB
20 youtube.com
www.youtube.com — Cisco Umbrella Rank: 73
2 MB
19 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
static.doubleclick.net — Cisco Umbrella Rank: 199
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
604 KB
12 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 7221
launchpad.privacymanager.io — Cisco Umbrella Rank: 6427
geo.privacymanager.io — Cisco Umbrella Rank: 1606
36 KB
9 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 1509
rp4.liadm.com — Cisco Umbrella Rank: 6905
idx.liadm.com — Cisco Umbrella Rank: 2367
5 KB
8 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 185
61 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
95 KB
4 quantcast.com
test.cmp.quantcast.com — Cisco Umbrella Rank: 13289
cmp.quantcast.com — Cisco Umbrella Rank: 2977
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 15069
107 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
1 KB
3 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1435
955 B
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 448
2 KB
3 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1720
453 B
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 536
api.rlcdn.com Failed
149 B
3 google.com
www.google.com — Cisco Umbrella Rank: 2
28 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 662
58 KB
2 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 8912
794 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
20 KB
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2916
46 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 87
43 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 212
6 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
166 KB
2 mrf.io
live.mrf.io — Cisco Umbrella Rank: 76727
5 KB
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 692
592 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1713
413 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 526
501 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1297
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
243 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 826
498 B
1 google.de
www.google.de — Cisco Umbrella Rank: 7952
501 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 851
641 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 915
10 KB
1 surveymonkey.com
widget.surveymonkey.com — Cisco Umbrella Rank: 16467
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
46 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
27 KB
1 marfeelcache.com
bc.marfeelcache.com — Cisco Umbrella Rank: 199506
4 KB
557 48
Domain Requested by
48 c2shb.pubgw.yahoo.com player.aniview.com
38 www.herald.co.zw www.herald.co.zw
cmp.quantcast.com
29 track1.aniview.com www.herald.co.zw
player.aniview.com
28 onetag-sys.com www.herald.co.zw
player.aniview.com
27 c.disquscdn.com heraldlive.disqus.com
disqus.com
c.disquscdn.com
26 ap.lijit.com player.aniview.com
26 ib.adnxs.com 2 redirects player.aniview.com
24 disqus-d.openx.net player.aniview.com
24 hbopenbid.pubmatic.com player.aniview.com
24 bidder.criteo.com player.aniview.com
24 prebid-server.rubiconproject.com player.aniview.com
24 hb.minutemedia-prebid.com player.aniview.com
23 grid.bidswitch.net player.aniview.com
20 www.youtube.com www.herald.co.zw
www.youtube.com
11 securepubads.g.doubleclick.net www.googletagservices.com
heraldlive.disqus.com
securepubads.g.doubleclick.net
9 player.aniview.com tg1.aniview.com
player.aniview.com
9 disqus.com heraldlive.disqus.com
c.disquscdn.com
8 jnn-pa.googleapis.com www.youtube.com
6 mug.criteo.com
6 gum.criteo.com 3 redirects
6 geo.privacymanager.io launchpad.privacymanager.io
6 ads.pubmatic.com heraldlive.disqus.com
player.aniview.com
6 referrer.disqus.com
5 x.bidswitch.net 2 redirects
5 googleads.g.doubleclick.net 2 redirects www.youtube.com
pagead2.googlesyndication.com
5 heraldlive.disqus.com www.herald.co.zw
heraldlive.disqus.com
4 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
4 www.gstatic.com www.youtube.com
www.gstatic.com
4 fonts.gstatic.com www.youtube.com
3 match.adsrvr.org ads.pubmatic.com
3 id.crwdcntrl.net ads.pubmatic.com
3 idx.liadm.com ads.pubmatic.com
3 id5-sync.com ads.pubmatic.com
3 lexicon.33across.com ads.pubmatic.com
3 u.openx.net player.aniview.com
3 links.services.disqus.com c.disquscdn.com
3 rp4.liadm.com www.herald.co.zw
3 rp.liadm.com 3 redirects
3 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
3 id.rlcdn.com heraldlive.disqus.com
3 s.disquscdn.com heraldlive.disqus.com
3 launchpad-wrapper.privacymanager.io heraldlive.disqus.com
3 tempest.services.disqus.com heraldlive.disqus.com
3 www.google.com www.youtube.com
2 static.criteo.net player.aniview.com
static.criteo.net
2 acdn.adnxs.com player.aniview.com
2 sync.aniview.com player.aniview.com
2 ssp.disqus.com 2 redirects
2 go1.aniview.com player.aniview.com
2 cdn.viglink.com
2 cmp.quantcast.com quantcast.mgr.consensu.org
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 quantcast.mgr.consensu.org www.herald.co.zw
quantcast.mgr.consensu.org
2 i.ytimg.com www.youtube.com
2 yt3.ggpht.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 pagead2.googlesyndication.com www.herald.co.zw
pagead2.googlesyndication.com
2 live.mrf.io www.herald.co.zw
live.mrf.io
1 sync.srv.stackadapt.com 1 redirects
1 token.rubiconproject.com
1 image6.pubmatic.com ads.pubmatic.com
1 t.adx.opera.com player.aniview.com
1 bh.contextweb.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 ups.analytics.yahoo.com player.aniview.com
1 sync.technoratimedia.com player.aniview.com
1 sync.1rx.io 1 redirects
1 sync.go.sonobi.com player.aniview.com
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 a.disquscdn.com
1 tg1.aniview.com heraldlive.disqus.com
1 www.google.de
1 rules.quantcount.com secure.quantserve.com
1 test.cmp.quantcast.com quantcast.mgr.consensu.org
1 stats.g.doubleclick.net www.google-analytics.com
1 secure.quantserve.com quantcast.mgr.consensu.org
1 widget.surveymonkey.com www.herald.co.zw
1 www.googletagmanager.com www.herald.co.zw
1 www.googletagservices.com www.herald.co.zw
1 bc.marfeelcache.com www.herald.co.zw
0 api.rlcdn.com Failed ads.pubmatic.com
557 81
Subject Issuer Validity Valid
herald.co.zw
Cloudflare Inc ECC CA-3		 2022-05-09 -
2023-05-09		 a year crt.sh
live.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
marfeelcache.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-20 -
2023-04-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
cmp.quantcast.com
R3		 2022-11-10 -
2023-02-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
a.disquscdn.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
surveymonkey.com
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-04 -
2023-12-06		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.disquscdn.com
Amazon		 2022-05-11 -
2023-06-09		 a year crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-11-09		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
viglink.com
Amazon		 2022-10-13 -
2023-11-11		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
hb.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-10-24 -
2023-01-22		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.liadm.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh

This page contains 31 frames:

Primary Page: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Frame ID: 8718B6D46B3BABBFD6B0608A5932EEA7
Requests: 352 HTTP requests in this frame

Frame: https://www.youtube.com/embed/8qz1CmZwxcc
Frame ID: B0910992E7283C576F1ABD5FD77D411A
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/embed/e71ezSmiSyc
Frame ID: 00B7234B31DE18D4692CC79C7D36A03A
Requests: 22 HTTP requests in this frame

Frame: https://www.herald.co.zw/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=778089c6c9ee9950
Frame ID: 187553CA12A5D16F5A1B659E5D24AAB9
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: 5151C4EF4AA3A21D1E69BBD8F22297AD
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=heraldlive&t_i=11357%20http%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_e=10%20most%20expensive%20toys%20for%20big%20boys&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys&s_o=default
Frame ID: 9819006FDB1F4C426D01AB8A6DBE2FEB
Requests: 14 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=heraldlive&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys
Frame ID: 8467C683425EAE0FA7230BA806A372A1
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Frame ID: 3EC75BF81CB1B9B2ECC07575768B9590
Requests: 29 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Frame ID: 533759309195A7BDEF396E222C0153AC
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Frame ID: 3E334C2A6043B0FADBAD58DF4CA64721
Requests: 17 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Frame ID: 0E396C7A36E8736655208E027C4ABF48
Requests: 11 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCg1sdnFpNmEyYTZ0ZWJhEP___________wEqfWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjcwNzg2MDE4MzU1LTk0Nzg5NzA2NjcwNy0wMDkyNTYtMDEyLTAwNTUyOCZiaWRkZXJuYW1lPTUyJmtleT1sdnFpNmEyYTZ0ZWJhMgIOEjgC
Frame ID: D5FC107265859F92ABA539107B0B4124
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D1%26key%3D
Frame ID: 465558375A098471D8E485C50287E1AF
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1670786018355-947897066707-009256-012-005528&biddername=200&key=OPTOUT
Frame ID: 51D726E10233A12C5A4647D561A25917
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1670786018355-947897066707-009256-012-005528&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 710156770FE0D5C95CB7A86B17085AC5
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D18%26key%3D%24UID
Frame ID: 95850C67B2E1BE2EACE50F367910F5C7
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: CEC8910E4FF26F606C28A9FA0DB65C22
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 95BA027C469D63128EADB0B8272F3D0B
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1670786018355-947897066707-009256-012-005528&biddername=10&pid=59c9148628a0612da3689288&key=3vJLQpLdq2FB&ev=1&us_privacy=1---&pid=562704
Frame ID: 1949546AC9FE0E1501B59C15E7D00972
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Frame ID: D900AA2CBC58ACA9F3CF582A4AA1D247
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D23%26key%3D
Frame ID: F2B47390B5E1B73CE7AE3C04947179A6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 339935EAA1A8E29D9EAEE66CBA1D6362
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: E115356C4290C8E09324014D7FC0DF6C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158685&us_privacy=1---
Frame ID: A093792100F53543EBD9BC26F0032A86
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C7FB91A52D5A03E341F418EB4CAD6ABE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158685&us_privacy=1---
Frame ID: 9FCA556FE5D35D809667867423DAC43C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670786019689&us_privacy=1---
Frame ID: D834088D70D915712AA11A5B44AB73E1
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: 591E09E34CC78D812CA3C61975EFF5AC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: E6D7723C7DBDE56C6D9E47301739CB12
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C3D2F89E8555B03F268DBC6889B4F17A
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?us_privacy=1---&informer=13428637
Frame ID: F480358E2CF8BC4E5250AAB0F42A362F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

10 most expensive toys for big boys | The Herald

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

557
Requests

98 %
HTTPS

40 %
IPv6

48
Domains

81
Subdomains

70
IPs

8
Countries

7110 kB
Transfer

16677 kB
Size

32
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 45
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 166
  • https://rp.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017590 HTTP 302
  • https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017590&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true
Request Chain 171
  • https://rp.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017646 HTTP 302
  • https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017646&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true
Request Chain 174
  • https://rp.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017680 HTTP 302
  • https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017680&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true
Request Chain 215
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D52%26key%3DBUYERUID HTTP 302
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cg1sdnFpNmEyYTZ0ZWJhEP___________wEqfWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjcwNzg2MDE4MzU1LTk0Nzg5NzA2NjcwNy0wMDkyNTYtMDEyLTAwNTUyOCZiaWRkZXJuYW1lPTUyJmtleT1sdnFpNmEyYTZ0ZWJhMgIOEjgB&gdpr=&gdpr_consent=&us_privacy= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCg1sdnFpNmEyYTZ0ZWJhEP___________wEqfWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjcwNzg2MDE4MzU1LTk0Nzg5NzA2NjcwNy0wMDkyNTYtMDEyLTAwNTUyOCZiaWRkZXJuYW1lPTUyJmtleT1sdnFpNmEyYTZ0ZWJhMgIOEjgB%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=14&buyeruid=8481611034023613484&r=Cg1sdnFpNmEyYTZ0ZWJhEP___________wEqfWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjcwNzg2MDE4MzU1LTk0Nzg5NzA2NjcwNy0wMDkyNTYtMDEyLTAwNTUyOCZiaWRkZXJuYW1lPTUyJmtleT1sdnFpNmEyYTZ0ZWJhMgIOEjgB&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCg1sdnFpNmEyYTZ0ZWJhEP___________wEqfWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjcwNzg2MDE4MzU1LTk0Nzg5NzA2NjcwNy0wMDkyNTYtMDEyLTAwNTUyOCZiaWRkZXJuYW1lPTUyJmtleT1sdnFpNmEyYTZ0ZWJhMgIOEjgC
Request Chain 217
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1670786018355-947897066707-009256-012-005528&biddername=200&key=OPTOUT
Request Chain 221
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 222
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1670786018355-947897066707-009256-012-005528&biddername=10&pid=59c9148628a0612da3689288&key=3vJLQpLdq2FB&ev=1&us_privacy=1---&pid=562704
Request Chain 263
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.herald.co.zw%2F&domain=www.herald.co.zw&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=FAELKnxiTUhkN0drcDdYS0dzZXg5WUYrV1lIRjZZUG1uWktZWU5wR0RmbngvbjZNVGdLRFUxdEZCdTRzcmY3WWlSY2lmRTZXbktRNW83aGlXYTl4WGFVcnAvM3htdVJtV2lRT1h1ZVoxWndsZmJJSFA5M2VuVXZFb1VkUzR2eG04clpUNTRzMlREOFRwVkx4VCt0ckNpbk5WZEk3WERKalB2ZkdJdit4cWY3YVJ3dnR4Mnd3Z1dJUmF1OVdvV1RJcmZ6U1c1d1cvOUJ5Q1NnTkdUQzdwV0dkT3ZQeGphckVKSmVwSmx2ZVVkN1hhVC8vQU52OHRnMUZKc3UrRmxJTGFRSXppfA&cppv=2
Request Chain 271
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.herald.co.zw%2F&domain=www.herald.co.zw&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=085OiXw1Y3liZ0J0UGZHYnFYVFBUWkdJYUNTaHZBbFNKUkJRK2FIbEZwYTlTUGp0V0ZEOE42YWRBVmpKM0FrK1hUNEttZ3pQaG96aDlqYjNOUUF0WWdHUWtqWGxFZnZiVTBDSENHdzJJRnN6MjJzN1dvZXQvNW5NbjBtMDMzLy9Cc3k0eUo4c0xQdG9TeTdqTC9hNHVpcmhYMnFPN3NYNkNyd0RYZkt4b2JtL0dnNndDNEFIMDZwSXoxOWF6WEZCVW9ib2VLc2E4WTlMTE9MVjREYnFTdElpaWdOdTFhdmVZMnhIWmNwcTBwcWhFdmtQU3VCT0NFeTFnZThJTVNNc1hMd1pxfA&cppv=2
Request Chain 278
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.herald.co.zw%2F&domain=www.herald.co.zw&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=UFcCSXx5dUs4d2JIYTBCckorNkhpL2J3cGZQY2g5Vng4TnV0TTJ6MG1JK1NUY2c0elh2L3VpL3pmalZSck5Lc2htQ3NDd1NJRGwyN0FaV2xISzRCNkxIcDZ6bG5CdHV0OFZWc1VOUVhZeFlSODRqR0RsNmtrNGVMQjIyYWhQRW1kenJJYmI1TVExNE5lS0ZsTUhURU13cjNRTWp4am4xOGIvQWZtOFlNbG1KeDB4cjh3MVo1WUJsamE1a3cvd0NyWGVCR1dHeHZ1Z0FIR1dwWS8rQVJ1YmcvWldPNWNUVzJVMjhMTERGb0RrUEpMWXJDRUVYa2FVd01aNWd6OElVVzFUblYyfA&cppv=2
Request Chain 331
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=cQL1QkDGTQFmMJ5lVT5-2cEbDhw&user_group=1&ssp=themediagrid

557 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.herald.co.zw/10-most-expensive-toys-for-big-boys/ 		92 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8a88e8ec4dd3f6621a982afcd8ef96e41a658f3b3fb5a0af2e442a41ad9ba4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
778089c6c9ee9950-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 11 Dec 2022 19:13:34 GMT
link
<https://www.herald.co.zw/wp-json/>; rel="https://api.w.org/", <https://www.herald.co.zw/?p=11357>; rel=shortlink
server
cloudflare
vary
user-agent,Accept-Encoding
x-pingback
https://www.herald.co.zw/xmlrpc.php
gardac-sync.js
live.mrf.io/statics/marfeel/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.mrf.io/statics/marfeel/gardac-sync.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5be3ffa74348aa48ef6b3bb96c257ffa46fc137dbc3c0e473eedf2f11803f8f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
content-encoding
br
via
1.1 981fd743d9643ae0100d9c3fcfb96f78.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
89c39e2a0dc8439c9a4a30c4e2edee13
x-amz-cf-pop
YUL62-C2
x-mrs-cache
MISS
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
M-HH
x-mrf-rendered
1670310860755
content-disposition
inline;filename=f.txt
x-b3-traceid-primal
0de4a07034064aadacff3e8a68311546
x-mrs-age
0
content-length
3764
x-mshield-cache-status
MISS
x-served-by
mshield-b-02, haproxy2, cache-yul12827-YUL, cache-hhn-etou8220047-HHN
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1670786014.429684,VS0,VE0
etag
W/"0ce200f8177e647174529f5d048a1a5eb"
x-mrf-shard
all
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86401
x-mrs-cache-hits
0
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
xfJ-dkQWzrH6Y_IoBW9NcLe3TlfgcL1s5gRwVciSIS4K_FgI7EDzgw==
x-cache-hits
51, 11
sirius.min.css
www.herald.co.zw/wp-content/themes/sirius/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/css/sirius.min.css
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fcb3079cb44b316e0b00aa6e6f94f43b6f44cd1dc47a0f9ae7d9c0a57b3b5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Mar 2019 09:28:42 GMT
server
cloudflare
age
1002
etag
W/"8e68-584fbf266e924-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=300
cf-ray
778089cdd8129950-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gardac-sync.js
bc.marfeelcache.com/statics/marfeel/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5be3ffa74348aa48ef6b3bb96c257ffa46fc137dbc3c0e473eedf2f11803f8f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
content-encoding
br
via
1.1 981fd743d9643ae0100d9c3fcfb96f78.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
616161a3e25747f19972c31ee0716ea3
x-amz-cf-pop
YUL62-C2
x-mrs-cache
MISS
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
M-HH
x-mrf-rendered
1670310860755
content-disposition
inline;filename=f.txt
x-b3-traceid-primal
0de4a07034064aadacff3e8a68311546
x-mrs-age
0
content-length
3764
x-mshield-cache-status
MISS
x-served-by
mshield-b-02, haproxy2, cache-yul12827-YUL, cache-hhn-etou8220076-HHN
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1670786014.418382,VS0,VE0
etag
W/"0ce200f8177e647174529f5d048a1a5eb"
x-mrf-shard
all
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86401
x-mrs-cache-hits
0
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
xfJ-dkQWzrH6Y_IoBW9NcLe3TlfgcL1s5gRwVciSIS4K_FgI7EDzgw==
x-cache-hits
51, 8
herald_logo.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2017/11/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/uploads/sites/2/2017/11/herald_logo.jpg
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dbe2702bfe6db30bcfd2ae6030e8c65ca767693fc3cb972c08fe11647c83836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Fri, 01 Dec 2017 07:39:26 GMT
server
cloudflare
cf-polished
origSize=5104, status=webp_bigger
etag
"13f0-55f4277cda780"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=300
accept-ranges
bytes
cf-ray
778089ce2cad928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4980
main.d.js
live.mrf.io/www.herald.co.zw/ 		13 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.mrf.io/www.herald.co.zw/main.d.js
Requested by
Host: live.mrf.io
URL: https://live.mrf.io/statics/marfeel/gardac-sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
via
1.1 6e873fe6803a6da3d6232f8bb9104e9e.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
86395758b98f4bb9995afcdbb197fc14
x-amz-cf-pop
YUL62-C2
x-mrs-cache
REFRESHING
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
R-HS
x-mrf-rendered
1670742055876
x-mrs-age
0
x-b3-traceid-primal
b838294d6a0343eb8f265829a097e46b
content-length
13
x-mshield-cache-status
REFRESHING
x-served-by
mshield-b-02, haproxy3, cache-yul12832-YUL, cache-hhn-etou8220047-HHN
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1670786014.440892,VS0,VE3
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
0
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
0
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
CKVWYlWads9YAqtPjyZ_Ne9gIPR94KcCtRlt1K1SFywUIMFqtTpZQw==
x-cache-hits
2, 1
preloader_small.gif
www.herald.co.zw/wp-content/themes/sirius/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/img/preloader_small.gif
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/wp-content/themes/sirius/css/sirius.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5537b8e22d98409891207b8fcdc960a93ac332726529bc8b49a0d161354c0aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/wp-content/themes/sirius/css/sirius.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Tue, 26 Mar 2019 09:28:45 GMT
server
cloudflare
cf-polished
origSize=5754, status=webp_bigger
etag
"167a-584fbf29962f4"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=300
accept-ranges
bytes
cf-ray
778089ce5cfe928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4859
email-decode.min.js
www.herald.co.zw/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 02 Dec 2022 17:55:37 GMT
server
cloudflare
etag
W/"638a3c19-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
778089cf0e32928d-FRA
expires
Tue, 13 Dec 2022 19:13:34 GMT
AGRICULTURE-JOURNAL-SEPTEMBER-2022-1.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2022/10/ 		279 KB
279 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/uploads/sites/2/2022/10/AGRICULTURE-JOURNAL-SEPTEMBER-2022-1.jpg
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e68199e07cf56e9e05fd0188dbfd7e020685dc2861c04177eed58ee605ebf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Wed, 05 Oct 2022 12:55:28 GMT
server
cloudflare
cf-polished
origSize=298593, status=webp_bigger
etag
"48e61-5ea4917549dd9"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=300
accept-ranges
bytes
cf-ray
778089cf0e38928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
285366
sirius_logo.png
www.herald.co.zw/wp-content/themes/sirius/img/ 		584 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/img/sirius_logo.png
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5752d4a50658cddeceb586dccb5713bb9cf91efc2976d79f2a47248c010f192e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Tue, 26 Mar 2019 09:28:45 GMT
server
cloudflare
cf-polished
origFmt=png, origSize=1961
etag
"7a9-584fbf2993415"
vary
Accept
content-type
image/webp
cache-control
max-age=300
content-disposition
inline; filename="sirius_logo.webp"
accept-ranges
bytes
cf-ray
778089cf0e3e928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
584
sirius_icons.css
www.herald.co.zw/wp-content/themes/sirius/fonts/sirius_icons/ 		3 KB
1000 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/fonts/sirius_icons/sirius_icons.css
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d39508164d7015990a918eb8f035aa7040f943a834f028f843046855991fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 26 Mar 2019 09:28:49 GMT
server
cloudflare
age
2927
cf-polished
origSize=3722
etag
W/"e8a-584fbf2ded81f-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=300
cf-ray
778089cf2e6d928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
slick.css
www.herald.co.zw/wp-content/themes/sirius/js/slick/ 		1 KB
657 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/js/slick/slick.css
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 26 Mar 2019 09:28:48 GMT
server
cloudflare
age
2926
cf-polished
origSize=1776
etag
W/"6f0-584fbf2c78766-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=300
cf-ray
778089cf2e70928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lightgallery.min.css
www.herald.co.zw/wp-content/themes/sirius/js/lg/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/js/lg/css/lightgallery.min.css
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b7c76c9afe8eedce734f7d8c524c475c403eef024cf1d4f2e3f92775ff5406

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Mar 2019 09:29:31 GMT
server
cloudflare
age
2926
etag
W/"4fea-584fbf5544bff-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=300
cf-ray
778089cf2e75928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lg-transitions.min.css
www.herald.co.zw/wp-content/themes/sirius/js/lg/css/ 		38 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/js/lg/css/lg-transitions.min.css
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2fb6f79d7a4ab0226ce9634cc960a4430c488459219c956d350868b39f20783

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Mar 2019 09:29:31 GMT
server
cloudflare
age
2926
etag
W/"98c4-584fbf5545b9f-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=300
cf-ray
778089cf2e7a928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rocket-loader.min.js
www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 02 Dec 2022 17:55:37 GMT
server
cloudflare
etag
W/"638a3c19-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
778089cf2e7e928d-FRA
expires
Tue, 13 Dec 2022 19:13:34 GMT
8qz1CmZwxcc
www.youtube.com/embed/ Frame B091 		68 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/8qz1CmZwxcc
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02657b7eec9c3836c93c328d9dc23bada4b701b815409f62033815c0f2234eee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 19:13:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
e71ezSmiSyc
www.youtube.com/embed/ Frame 00B7 		69 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/e71ezSmiSyc
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3074be6ff5e0f232dd1080c058925917f2d7c67f1a103c67b56bdbfd43d66863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 19:13:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
www.herald.co.zw/fonts.gstatic.com/s/merriweathersans/v22/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/fonts.gstatic.com/s/merriweathersans/v22/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58

Request headers

Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Origin
https://www.herald.co.zw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2022 19:03:36 GMT
server
cloudflare
age
300937
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
778089cf4ebf928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35520
expires
Tue, 05 Dec 2023 22:56:21 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
www.herald.co.zw/fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Request headers

Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Origin
https://www.herald.co.zw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
cloudflare
age
300937
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
778089cf5ed7928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20028
expires
Fri, 08 Dec 2023 03:47:51 GMT
www-player.css
www.youtube.com/s/player/72d3c60a/ Frame B091 		360 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8qz1CmZwxcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37989d66d7da422105656007fd8aa14684e4c9ec4cb93ca4912e4c5221040c67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8qz1CmZwxcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 13:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
21242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49862
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 11 Dec 2023 13:19:32 GMT
www-embed-player.js
www.youtube.com/s/player/72d3c60a/www-embed-player.vflset/ Frame B091 		314 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8qz1CmZwxcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c52e805c1b69dda11a886e212b418bc215aaec0df4369a90ee63264b83e7832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8qz1CmZwxcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 07:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
127218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99392
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Dec 2023 07:53:16 GMT
base.js
www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/ Frame B091 		2 MB
582 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8qz1CmZwxcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc30d3115fa31557e01b293919640cdf5de0717613b890e3a3a0aec3ffc73572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8qz1CmZwxcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
344218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
595824
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Dec 2023 19:36:36 GMT
fetch-polyfill.js
www.youtube.com/s/player/72d3c60a/fetch-polyfill.vflset/ Frame B091 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8qz1CmZwxcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8qz1CmZwxcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 16:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
95960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Dec 2023 16:34:14 GMT
www-player.css
www.youtube.com/s/player/72d3c60a/ Frame 00B7 		360 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/e71ezSmiSyc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37989d66d7da422105656007fd8aa14684e4c9ec4cb93ca4912e4c5221040c67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/e71ezSmiSyc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 13:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
21242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49862
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 11 Dec 2023 13:19:32 GMT
www-embed-player.js
www.youtube.com/s/player/72d3c60a/www-embed-player.vflset/ Frame 00B7 		314 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/e71ezSmiSyc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c52e805c1b69dda11a886e212b418bc215aaec0df4369a90ee63264b83e7832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/e71ezSmiSyc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 07:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
127218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99392
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Dec 2023 07:53:16 GMT
base.js
www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/ Frame 00B7 		2 MB
582 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/e71ezSmiSyc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc30d3115fa31557e01b293919640cdf5de0717613b890e3a3a0aec3ffc73572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/e71ezSmiSyc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
344218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
595824
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Dec 2023 19:36:36 GMT
fetch-polyfill.js
www.youtube.com/s/player/72d3c60a/fetch-polyfill.vflset/ Frame 00B7 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/e71ezSmiSyc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/e71ezSmiSyc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 16:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
95960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Dec 2023 16:34:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B091 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8qz1CmZwxcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
x-content-type-options
nosniff
age
431527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 19:21:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B091 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8qz1CmZwxcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 18:59:48 GMT
x-content-type-options
nosniff
age
432826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 06 Dec 2023 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 00B7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/e71ezSmiSyc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
x-content-type-options
nosniff
age
431527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 19:21:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 00B7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/e71ezSmiSyc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 18:59:48 GMT
x-content-type-options
nosniff
age
432826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 06 Dec 2023 18:59:48 GMT
sirius_icons.ttf
www.herald.co.zw/wp-content/themes/sirius/fonts/sirius_icons/ 		15 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/fonts/sirius_icons/sirius_icons.ttf?1bhu37
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/wp-content/themes/sirius/fonts/sirius_icons/sirius_icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abacfa18472a4ace0034615d9219c5d3585292b5920881c434f7a3382f7cfc57

Request headers

Referer
https://www.herald.co.zw/wp-content/themes/sirius/fonts/sirius_icons/sirius_icons.css
Origin
https://www.herald.co.zw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 26 Mar 2019 09:28:49 GMT
server
cloudflare
etag
W/"3a6c-584fbf2de7a5f"
vary
Accept-Encoding
content-type
font/ttf
cache-control
max-age=300
cf-ray
778089cfefe5928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
count.js
heraldlive.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heraldlive.disqus.com/count.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
28
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 09 Dec 2022 23:26:27 GMT
Server
nginx
ETag
"6393c423-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
ZC5POBQ48HaEmZmDXD6HJogQ_nZBjMytBIubQvMsaWsXLHYYNC1Okw==
forms-api.min.js
www.herald.co.zw/wp-content/plugins/mailchimp-for-wp/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/plugins/mailchimp-for-wp/assets/js/forms-api.min.js?ver=4.1.14
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d915c1a38320682d4c8e6fbe119889d26a91958f472d10808c161f938fc14957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 22 Jan 2018 08:55:52 GMT
server
cloudflare
etag
W/"2e73-5635998ece2cb-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
cf-ray
778089d0f9f8928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-embed.min.js
www.herald.co.zw/wp-includes/js/ 		1 KB
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-includes/js/wp-embed.min.js?ver=4.8.21
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 15 Apr 2021 10:22:51 GMT
server
cloudflare
etag
W/"56a-5c0003eea8ced-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
cf-ray
778089d0f9fb928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sirius.min.js
www.herald.co.zw/wp-content/themes/sirius/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/js/sirius.min.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d37c00df70f24efaaf7ea5ad554d26246f61863ad26ecdddbcb19c19e81920e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 20 Aug 2022 11:37:21 GMT
server
cloudflare
etag
W/"2467-5e6aaa33c97dd-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
cf-ray
778089d0fa02928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lightgallery-all.min.js
www.herald.co.zw/wp-content/themes/sirius/js/lg/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/js/lg/js/lightgallery-all.min.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
872fdbf1d445fc24148a4025a848e9c9e7eee31730e98fc218f58b13d28461da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 26 Mar 2019 09:29:31 GMT
server
cloudflare
etag
W/"c0a8-584fbf55a85bd-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
cf-ray
778089d0fa07928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
slick.min.js
www.herald.co.zw/wp-content/themes/sirius/js/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/js/slick/slick.min.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 26 Mar 2019 09:28:48 GMT
server
cloudflare
etag
W/"a76f-584fbf2ca2746-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
cf-ray
778089d0fa0c928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
verlok.lazyload.min.js
www.herald.co.zw/wp-content/themes/sirius/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/js/verlok.lazyload.min.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f8034b4f08f1c4f05a6a914d7ba6fe966a0112d5ec0cbbae2cd7b35b6407b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 26 Mar 2019 09:28:42 GMT
server
cloudflare
etag
W/"dcd-584fbf273d9a0-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
cf-ray
778089d0fa0d928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-3.2.1.min.js
www.herald.co.zw/wp-content/themes/sirius/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/themes/sirius/js/jquery-3.2.1.min.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 26 Mar 2019 09:28:43 GMT
server
cloudflare
etag
W/"15283-584fbf276b7ff-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
cf-ray
778089d0fa0f928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
resizer.js
www.herald.co.zw/wp-content/plugins/marfeelpress/includes/base/src/resources/js/ 		681 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/wp-content/plugins/marfeelpress/includes/base/src/resources/js/resizer.js?ver=4.8.21
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f91e33374ee1809e741a8cde5fd171a4eaa8b599bada4d6a97b9293da307a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 10 Feb 2022 13:13:43 GMT
server
cloudflare
etag
W/"2a9-5d7a9b83b9653-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
cf-ray
778089d0fa12928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68cc41c8bd4b99770b04e610917de3cf82f404ca4640579dfe4ad0a5fec7522e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49264
x-xss-protection
0
server
cafe
etag
13360635023363995605
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:13:35 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1419 / 138 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 11 Dec 2022 19:13:34 GMT
invisible.js
www.herald.co.zw/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame 1875 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=778089c6c9ee9950
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20131f1da483b42d85788609e17853f8eb52fb71b650e1ec6a68ac94de31eb3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:34 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
778089d0fa15928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
id
googleads.g.doubleclick.net/pagead/ Frame B091
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8qz1CmZwxcc
Protocol
H3
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99d29993a2f4b899200b6fba42c1d7c73d1ea0431e9e8579c5beaaabc3c1ee8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 11 Dec 2022 19:13:35 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame B091 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 18:58:52 GMT
x-content-type-options
nosniff
age
883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Dec 2022 19:13:52 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 00B7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/e71ezSmiSyc
Protocol
H3
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fce8391acbe0f8be242713056c44bcfd0d22d3bb1bb0b83c4e17e1064e447d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 11 Dec 2022 19:13:35 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 00B7 		29 B
89 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 18:58:52 GMT
x-content-type-options
nosniff
age
883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Dec 2022 19:13:52 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 11 Dec 2022 19:13:35 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
lib.wasm
www.youtube.com/s/player/72d3c60a/wasm/ Frame B091 		23 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/wasm/lib.wasm
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25d069ff651ed54115f016a1c8e7667666b167add6dc90225948d546d02c1185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8qz1CmZwxcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:46:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
343600
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9504
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
application/wasm
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Dec 2023 19:46:55 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B091 		66 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
145f33b4f19058351f1e56a7181ebffd8805900fbfcd68b664bc4607f891993e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30976
x-xss-protection
0
remote.js
www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/ Frame B091 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e981e924b21455635989b5c06b2fc664bde6d184bd857065bbb8afd7db949bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8qz1CmZwxcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
344218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37386
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Dec 2023 19:36:37 GMT
G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
www.google.com/js/th/ Frame B091 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
199860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14211
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 11:42:35 GMT
embed.js
www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/ Frame B091 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afe020da20b7aad5cc185b3851261cd16b7c5be7f9a45f732bd27820de065f67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8qz1CmZwxcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:37:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
344166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8322
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Dec 2023 19:37:29 GMT
truncated
/ Frame B091 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu9GkMQz9OQMYCxRymmmpeXemP5TTaML045-J8kthA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B091 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu9GkMQz9OQMYCxRymmmpeXemP5TTaML045-J8kthA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8qz1CmZwxcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
385ad77259ca03879af9a51eeec61d0851864a3d4986a36a159dd3b4898fd1f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 16:39:29 GMT
x-content-type-options
nosniff
age
9246
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3103
x-xss-protection
0
server
fife
etag
"v1b3"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 12 Nov 2022 17:25:15 GMT
sddefault.jpg
i.ytimg.com/vi/8qz1CmZwxcc/ Frame B091 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/8qz1CmZwxcc/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-BIAC4AKKAgwIABABGFkgYihlMA8=&rs=AOn4CLBzWUQrawv2BboCkjuXRThbGIfyNQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8qz1CmZwxcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ebe2da9b77fd506d3b00c93fb1e519439dda21c34623a10990741cfbee8dfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 18:11:13 GMT
x-content-type-options
nosniff
age
3742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39816
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 11 Dec 2022 20:11:13 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 11 Dec 2022 19:13:35 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 00B7 		66 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47ebf3fd42f35cb405ab4139463275b0abf8b60e4bb02f59e822f7887705c6b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31001
x-xss-protection
0
remote.js
www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/ Frame 00B7 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e981e924b21455635989b5c06b2fc664bde6d184bd857065bbb8afd7db949bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/e71ezSmiSyc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
344218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37386
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Dec 2023 19:36:37 GMT
G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
www.google.com/js/th/ Frame 00B7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
199860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14211
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 11:42:35 GMT
embed.js
www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/ Frame 00B7 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afe020da20b7aad5cc185b3851261cd16b7c5be7f9a45f732bd27820de065f67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/e71ezSmiSyc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:37:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
344166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8322
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 01:17:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Dec 2023 19:37:29 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B091 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0743438207384132ac0219aa6ca9ed381e1c1cd6297b3a141c80439a207f909c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 11 Dec 2022 19:13:35 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 00B7 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca8a32cf317fcae39004583dbd1a004cd7ad75b076693db3230797f509f5e68f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 11 Dec 2022 19:13:35 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
pica.js
www.herald.co.zw/cdn-cgi/challenge-platform/h/b/scripts/ Frame 1875 		20 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c5848d2213dfb81e31e71a3756825dc1e4c865d9ef69925f37c9a51a4c659c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
778089d4ea47928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
generate_204
www.youtube.com/ Frame B091 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?tJNeQQ
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8qz1CmZwxcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
choice.js
quantcast.mgr.consensu.org/choice/qcGGj0TBhxAVc/www.herald.co.zw/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/qcGGj0TBhxAVc/www.herald.co.zw/choice.js?timestamp=1670786015690
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:dc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9dce2b4fd512012ed35f39ec51bf1553a27a0667af55a2f643530b1114bd9f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
content-encoding
br
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified
Wed, 10 Feb 2021 21:25:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
etag
W/"ed48efdf8e3a9200874842e4d3f432e4"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
xKUccDwMAAZYpfiMkV3c06M1gm4hLZewIfcKTFjahyYasNjn7cSzVA==
gtm.js
www.googletagmanager.com/ 		118 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3HF3JF
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ec72586ee09203fb70bea5255f366dbe561313ccc72a9f439ecb9a00c860270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46532
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 11 Dec 2022 19:13:35 GMT
embed.js
heraldlive.disqus.com/ 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heraldlive.disqus.com/embed.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
f279c5cca4f899d995eaed1c898dfc52c89ea2a43e74fb99be2ea699b3601852
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:35 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
0
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25702
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame B091 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Dec 2022 19:13:35 GMT
generate_204
www.youtube.com/ Frame 00B7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?FIUkLA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/e71ezSmiSyc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 00B7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Dec 2022 19:13:35 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 15:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Dec 2023 15:34:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		143 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.herald.co.zw
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
657fbcccc7c4e8c29302e0b4b6497213c90de400f099a5fd9f494461d07c092f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sun, 11 Dec 2022 19:13:35 GMT
cast_sender.js
www.gstatic.com/eureka/clank/108/ Frame B091 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/108/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 16:20:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15164
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 00:45:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 12 Dec 2022 16:20:54 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7429385817508822&plah=www.herald.co.zw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccc1c7567bc104604261d962eb6d79329dc403f8faccfd97a80d72dd2924e71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119778
x-xss-protection
0
server
cafe
etag
10755560716459674844
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:13:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame 5151 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75385
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 22:17:10 GMT
etag
10353107486223812946
expires
Sat, 24 Dec 2022 22:17:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3HF3JF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Dec 2022 17:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
7070
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 11 Dec 2022 19:15:46 GMT
cast_sender.js
www.gstatic.com/eureka/clank/108/ Frame 00B7 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/108/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 16:20:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15164
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 00:45:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 12 Dec 2022 16:20:54 GMT
lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
c.disquscdn.com/next/embed/styles/ 		0
31 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 09 Dec 2022 19:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
173512
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
30724
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 08 Dec 2022 23:13:29 GMT
server
nginx
etag
"63926f99-7804"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
VdwIpZN8IjmsqegZM_0P78pNsek9mbzU5wDzra7sDd6i7DaW8iY_ug==
expires
Sat, 09 Dec 2023 19:01:44 GMT
common.bundle.6dd0bd4924a2cd12ee7c955bcb3718e4.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.6dd0bd4924a2cd12ee7c955bcb3718e4.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 01 Dec 2022 15:48:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
876297
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94892
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 30 Nov 2022 00:18:36 GMT
server
nginx
etag
"6386a15c-172ac"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
-7JR-rCCu74oQcQ9VE6ksTo1sVSCUeSY_JZBFJOgdkWRGVYXvxb8aA==
expires
Fri, 01 Dec 2023 15:48:39 GMT
lounge.bundle.5018287d05b2fa3bc388022cb540d0b3.js
c.disquscdn.com/next/embed/ 		0
127 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.5018287d05b2fa3bc388022cb540d0b3.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 08 Dec 2022 17:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
265267
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
128803
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 08 Dec 2022 17:26:42 GMT
server
nginx
etag
"63921e52-1f723"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
WAG-LpA0S1vG05scVZiQrUd_RqUvYDhdh89lbhTT1kcpiW3_4YvOmQ==
expires
Fri, 08 Dec 2023 17:32:29 GMT
config.js
disqus.com/next/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
31
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
16911
X-XSS-Protection
1; mode=block
recommendations.js
heraldlive.disqus.com/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heraldlive.disqus.com/recommendations.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
514b51de0736e321d5e45654d3e1c548812364193aa5cd93f60b32f5d343bd17
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
21400
778089c6c9ee9950
www.herald.co.zw/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 1875 		2 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/cdn-cgi/challenge-platform/h/b/cv/result/778089c6c9ee9950
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=778089c6c9ee9950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:36 GMT
content-encoding
br
server
cloudflare
cf-ray
778089da1d21928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
count.js
heraldlive.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heraldlive.disqus.com/count.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
29
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 09 Dec 2022 23:26:27 GMT
Server
nginx
ETag
"6393c423-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
ZC5POBQ48HaEmZmDXD6HJogQ_nZBjMytBIubQvMsaWsXLHYYNC1Okw==
tRaiETqnLgj758hTBazgd3xHTJEWR7OmUHrYFzIhCPxiXsVPgoL3g1QCp2jw8oLi.js
widget.surveymonkey.com/collect/website/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd3xHTJEWR7OmUHrYFzIhCPxiXsVPgoL3g1QCp2jw8oLi.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-31.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
invisible.js
www.herald.co.zw/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame 1875 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=778089c6c9ee9950
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ff96bf3f0e375e002a87c6a748cf154f872a9ebe837813d1173d635c925b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:36 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
778089da1d2e928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1317976740&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ul=en-us&de=UTF-8&dt=10%20most%20expensive%20toys%20for%20big%20boys%20%7C%20The%20Herald&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1581789255&gjid=45582373&cid=558125199.1670786016&tid=UA-28980530-1&_gid=1038939516.1670786016&_r=1&gtm=2wgbu0N3HF3JF&z=1159479627
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
disqus.com/embed/comments/ Frame 9819 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=heraldlive&t_i=11357%20http%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_e=10%20most%20expensive%20toys%20for%20big%20boys&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys&s_o=default
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eaed0694a91d758d18f41c404efb77d2ba6244d4e306b9d20fe3ef9ffffef101
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3007
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Sun, 11 Dec 2022 19:13:36 GMT
ETag
W/"lounge:view:1616299725.822786e5e38ae3eec6d29f98a70defe6.2"
Last-Modified
Sun, 06 Nov 2022 09:32:36 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
/
tempest.services.disqus.com/ads-iframe/aniview/ 		31 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempest.services.disqus.com/ads-iframe/aniview/?position=top&shortname=heraldlive&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23000000&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&disqus_version=current
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
46a69da0b58713603c4ab10e0ed047a009145a17284ebd7f4752684bf54e9fdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
Content-Encoding
gzip
Server
openresty
Vary
Accept-Encoding,
transfer-encoding
chunked
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
/
tempest.services.disqus.com/ads-iframe/google/ 		29 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempest.services.disqus.com/ads-iframe/google/?position=bottom&shortname=heraldlive&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23000000&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&disqus_version=current
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
a9092e468d85fbabb16b57cd616659d6c5ebdfee3a97698a1941ee6b94ca76bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
Content-Encoding
gzip
Server
openresty
Vary
Accept-Encoding,
transfer-encoding
chunked
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
event.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=m1lnd7vev2dn&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=heraldlive&zone=thread&version=dada105c7d77e39822242c0ceb7f6732&page_url=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=1725957
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
event.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=m1lnd7vev2dn&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=heraldlive&zone=thread&version=dada105c7d77e39822242c0ceb7f6732&page_url=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=1725957
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
count-data.js
heraldlive.disqus.com/ 		298 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heraldlive.disqus.com/count-data.js?2=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a7081a22bd4f8d4d25e5d14bef1d8e273b1e88952f74c6102b22e67237af9d2
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
298
X-XSS-Protection
1; mode=block
truncated
/ Frame 00B7 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu9GkMQz9OQMYCxRymmmpeXemP5TTaML045-J8kthA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 00B7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu9GkMQz9OQMYCxRymmmpeXemP5TTaML045-J8kthA=s68-c-k-c0x00ffffff-no-rj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
385ad77259ca03879af9a51eeec61d0851864a3d4986a36a159dd3b4898fd1f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 16:39:29 GMT
x-content-type-options
nosniff
age
9247
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3103
x-xss-protection
0
server
fife
etag
"v1b3"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 12 Nov 2022 17:25:15 GMT
default.webp
i.ytimg.com/vi_webp/e71ezSmiSyc/ Frame 00B7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/e71ezSmiSyc/default.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ce5818232ce656ed91f90245af447c1168b8311fcd87ae6ea3e84a9a159d003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 17:42:33 GMT
x-content-type-options
nosniff
age
5463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3202
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 11 Dec 2022 19:42:33 GMT
Untitled-42-1-100x100.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2022/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/uploads/sites/2/2022/08/Untitled-42-1-100x100.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c55d3cd87b519263413bc45cf0a1830a650d5e68d52f226189df5afd55ea50a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Wed, 31 Aug 2022 16:27:20 GMT
server
cloudflare
cf-polished
origFmt=jpeg, origSize=566890
etag
"8a66a-5e78bf890309e"
vary
Accept
content-type
image/webp
cache-control
max-age=300
content-disposition
inline; filename="Untitled-42-1-100x100.webp"
accept-ranges
bytes
cf-ray
778089dabe6e928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3964
Tetrad-Bank-100x100.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2022/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/uploads/sites/2/2022/10/Tetrad-Bank-100x100.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3be5ff9947e8bc864e5a43396923176a8b885de6ad720c6847269e94cd28b374

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Oct 2022 19:24:46 GMT
server
cloudflare
etag
"3bc8-5eadb58759785"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=300
accept-ranges
bytes
cf-ray
778089dabe74928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15304
Untitled-213.56j5j-100x100.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2022/12/ 		561 KB
561 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/uploads/sites/2/2022/12/Untitled-213.56j5j-100x100.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c288290453ddbd2788cd6a43c2a70891581bcc145ff9c94d43b1caf537e9632d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
cf-cache-status
MISS
last-modified
Thu, 08 Dec 2022 17:47:36 GMT
server
cloudflare
etag
"8c34c-5ef54a1eb67cc"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=300
accept-ranges
bytes
cf-ray
778089dabe76928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
574284
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/qcGGj0TBhxAVc/www.herald.co.zw/choice.js?timestamp=1670786015690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:36 GMT
content-encoding
gzip
etag
"KvGSi9leJgKNKEGESzHjYw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 18 Dec 2022 19:13:36 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.herald.co.zw
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/qcGGj0TBhxAVc/www.herald.co.zw/choice.js?timestamp=1670786015690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:dc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 18:23:19 GMT
content-encoding
br
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
3018
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 10 Nov 2022 18:23:42 GMT
server
AmazonS3
etag
W/"37fdfbac0c6ef64496f7d86258c934a8"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
H8m7emCXEy494CUmvpfa4pVk1-vVf2ekHtUrE0TmzoM_6Wb1eWPI0A==
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 11 Sep 2022 02:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
7922108
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2978
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 30 Aug 2022 17:50:39 GMT
server
nginx
etag
"630e4def-ba2"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
Sfh5e18i5CTalk8rEpXrIXly5K7o34a7IMseaH_9hkgFQezI_65hmw==
expires
Mon, 11 Sep 2023 02:38:28 GMT
common.bundle.57ff60ef3dfb240c302805882f9ab7a8.js
c.disquscdn.com/next/recommendations/ 		0
88 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.57ff60ef3dfb240c302805882f9ab7a8.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 01 Dec 2022 15:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
876301
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
88904
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 30 Nov 2022 00:18:36 GMT
server
nginx
etag
"6386a15c-15b48"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
xnk_doI7tgNe1Yazee04iZZ7MTU_5q02wMy7mIRt6eaSQWnhZ8S1SQ==
expires
Fri, 01 Dec 2023 15:48:35 GMT
recommendations.bundle.540d77a9b22358647ed01c5c9f5cd435.js
c.disquscdn.com/next/recommendations/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.540d77a9b22358647ed01c5c9f5cd435.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 06 Dec 2022 22:30:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
420178
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
20312
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 06 Dec 2022 22:10:19 GMT
server
nginx
etag
"638fbdcb-4f58"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
JwBm-ze6IRGn8YVDGPvYORjHajoQ_6ONVj8Gcg53sv76kATig2QNzA==
expires
Wed, 06 Dec 2023 22:30:38 GMT
config.js
disqus.com/next/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
33
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
16911
X-XSS-Protection
1; mode=block
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28980530-1&cid=558125199.1670786016&jid=1581789255&gjid=45582373&_gid=1038939516.1670786016&_u=YEBAAEAAAAAAACAAI~&z=811102937
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 11 Dec 2022 19:13:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.herald.co.zw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a800:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8208d620893b885a91778378cf304bd40c73decf639ee1ec487e91804907ecbf

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 03:00:36 GMT
x-amz-version-id
KZ_abct9fxSnQsZ4cInZdlEfLgTLD6XT
content-encoding
br
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
58381
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 30 Nov 2022 19:52:29 GMT
server
AmazonS3
etag
W/"8980f3096e8d1a15cdb9518354d546f7"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
mHeySheMhnBbSC8CjTw1OPggbwrppwb1L4hk9gKSSdZiNjl6wt98Zw==
pica.js
www.herald.co.zw/cdn-cgi/challenge-platform/h/b/scripts/ Frame 1875 		20 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b914d95fb3b7569bb01c6460730d8885057e2a89547436c22573e0e0866240

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:36 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
778089db7fd6928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lounge.load.dada105c7d77e39822242c0ceb7f6732.js
c.disquscdn.com/next/embed/ Frame 9819 		958 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.dada105c7d77e39822242c0ceb7f6732.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=heraldlive&t_i=11357%20http%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_e=10%20most%20expensive%20toys%20for%20big%20boys&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
12d0d6781cbe475fd2fe751a8d5318a5f8ae1ec43e408b2ff6a3f69eca28d1f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=heraldlive&t_i=11357%20http%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_e=10%20most%20expensive%20toys%20for%20big%20boys&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys&s_o=default
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 09 Dec 2022 19:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
173512
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
492
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 08 Dec 2022 23:13:29 GMT
server
nginx
etag
"63926f99-1ec"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
ScX0FsD51XXXyhS8UV864ieYuRgv-SHtjCwdz7a12dsOzT6bxzYh5A==
expires
Sat, 09 Dec 2023 19:01:44 GMT
rules-p-qcGGj0TBhxAVc.js
rules.quantcount.com/ 		160 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-qcGGj0TBhxAVc.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83b8b3b6be1d2dd637e73451d922f78b4e3af8c3b725b315dcb1257450eab5bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:05:07 GMT
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2750
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 06:45:32 GMT
server
AmazonS3
etag
"caebc4a6985a5632400b9e9f8a4b01b9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
YpFl-wbaXxWjbveJYoE6h6S4jkZSO7jJ6V331E6KD5JejhNolrhGAA==
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28980530-1&cid=558125199.1670786016&jid=1581789255&_u=YEBAAEAAAAAAACAAI~&z=776290873
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28980530-1&cid=558125199.1670786016&jid=1581789255&_u=YEBAAEAAAAAAACAAI~&z=776290873
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
common.bundle.6dd0bd4924a2cd12ee7c955bcb3718e4.js
c.disquscdn.com/next/embed/ Frame 9819 		282 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.6dd0bd4924a2cd12ee7c955bcb3718e4.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.dada105c7d77e39822242c0ceb7f6732.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
278f7c9d80a080385d0ac988d5dc97b7ec33d0ae378a4d8ae58afb6f03cb156d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=heraldlive&t_i=11357%20http%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_e=10%20most%20expensive%20toys%20for%20big%20boys&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 01 Dec 2022 15:48:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
876297
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94892
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 30 Nov 2022 00:18:36 GMT
server
nginx
etag
"6386a15c-172ac"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
P9KwrlL6mN2DsLHmsNKAdnMUO8exxOiHq444xXjqWEoCe3R2oVfLKw==
expires
Fri, 01 Dec 2023 15:48:39 GMT
/
disqus.com/recommendations/ Frame 8467 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/recommendations/?base=default&f=heraldlive&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
873a2a19dcfb158c552119466fb5b6e4bc286b2c983c1ff9b51038e996544547
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2509
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Sun, 11 Dec 2022 19:13:36 GMT
Last-Modified
Sun, 06 Nov 2022 09:32:36 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
/
tempest.services.disqus.com/ads-iframe/google/ 		29 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempest.services.disqus.com/ads-iframe/google/?position=recommendations&shortname=heraldlive&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23000000&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&disqus_version=current
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
ede5765143e80285cb1b66e247b53c33b86bc53c5ced82c50c14b98ce1502359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
Content-Encoding
gzip
Server
openresty
Vary
Accept-Encoding,
transfer-encoding
chunked
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
event.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=m1lnrkgkmncr&experiment=network_default&variant=fallthrough&service=dynamic&area=recommendations&product=recommendations&forum=heraldlive&zone=thread&version=45d803678709df462a062a65814e3d01&page_url=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=1725957
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
cmp2ui-en.js
cmp.quantcast.com/tcfv2/45/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.herald.co.zw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 10:31:42 GMT
content-encoding
br
via
1.1 91afcef6d5c7e90d0a4bb2c3a456c690.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
31315
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 10 Nov 2022 18:23:24 GMT
server
AmazonS3
etag
W/"39d0cac7e548f81f1e1e1c36db3c775e"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
gZYRw5Pq6Wy7FGLhnaJoaPLX9Q39sxxxnuyM45jymJr9LtQTkZ27Og==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		350 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.herald.co.zw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be4ccf6f0f6b7abd06c20fafd905b6f0a4b0bc521a9189ec1fe19eb38dcd9582

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 03:00:39 GMT
content-encoding
br
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
58378
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 11 Dec 2022 03:00:33 GMT
server
AmazonS3
etag
W/"f4313acb56a2e62fd3bead72cb60cc84"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
xWUSCRg0MEwSf9XrQE2dBDvfAVuU_FPg_-2uEnE0bG9IPQFSmTliZQ==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158685/2513/ Frame 3EC7 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
511d418bc0e0a2f62bcd855820981c21c19ad44d6d23fcfe3965ad12127d1161

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 16:18:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=89236
accept-ranges
bytes
content-length
77322
expires
Mon, 12 Dec 2022 20:00:53 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/ Frame 3EC7 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/launchpad-liveramp.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.5.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-5-57.sof50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd48609b2f3db4ab7f3bf9b77a44218855d9f03519af9f3a284d81144c1dacd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
0WvQHC.ZzXUD9yRYfFAQHp8EswPj3dDW
content-encoding
gzip
via
1.1 afbd7cb497ba4f75e65480f5d1f3bcfa.cloudfront.net (CloudFront)
date
Sun, 11 Dec 2022 07:58:50 GMT
x-amz-cf-pop
SOF50-C1
age
40487
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Tue, 01 Nov 2022 18:12:07 GMT
server
AmazonS3
etag
W/"e08baffa21be668d25a6bc0d82051061"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
BPZzRhwxFNPGXurtUL0peqlyHPF4TIavDJ025PkvZZ9948vO6XyPtA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3EC7 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1419 / 897 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 11 Dec 2022 19:13:36 GMT
prebid.7.26.0.js
s.disquscdn.com/prebid/ Frame 3EC7 		410 KB
411 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.disquscdn.com/prebid/prebid.7.26.0.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1c00:d:6d12:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e9e3f1ce2542e569308abe5f833f0e1a0f18da64fb13b4ca6547bee5920ad78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
.gfBHBLOVfts4RlLwozCoi.aw5iWzOxg
date
Sun, 11 Dec 2022 09:42:51 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 09:33:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
34246
etag
"61df20d9d4bc14d6e2f0eb1926410ff5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
420218
x-amz-cf-id
8LhTv9f60nKze-4hSWy-znXzjBDes9Lr3Pz65V8iAhauBHhbzuquqg==
spt
tg1.aniview.com/api/adserver/ Frame 3EC7 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=61b3b33ac58a257d035ed467&AV_PUBLISHERID=616704c962b31624e671e171&AV_CUSTOM1=top
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:580::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
471d9c51614415966135826ef532bb6a3fa995f1180f81651b46480168ad59dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
4888
Expires
Sun, 11 Dec 2022 19:18:36 GMT
711970.gif
id.rlcdn.com/ Frame 3EC7 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711970.gif
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158685/2513/ Frame 5337 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
511d418bc0e0a2f62bcd855820981c21c19ad44d6d23fcfe3965ad12127d1161

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 16:18:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=89236
accept-ranges
bytes
content-length
77322
expires
Mon, 12 Dec 2022 20:00:53 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/ Frame 5337 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/launchpad-liveramp.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.5.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-5-57.sof50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd48609b2f3db4ab7f3bf9b77a44218855d9f03519af9f3a284d81144c1dacd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
0WvQHC.ZzXUD9yRYfFAQHp8EswPj3dDW
content-encoding
gzip
via
1.1 afbd7cb497ba4f75e65480f5d1f3bcfa.cloudfront.net (CloudFront)
date
Sun, 11 Dec 2022 07:58:50 GMT
x-amz-cf-pop
SOF50-C1
age
40487
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Tue, 01 Nov 2022 18:12:07 GMT
server
AmazonS3
etag
W/"e08baffa21be668d25a6bc0d82051061"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
6kfhNKz2Hst6e4Iku4_5DNdUldVVFwQVKWQN2lmYK-OFltHcmg_vtA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5337 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27544
x-xss-protection
0
server
sffe
etag
"1419 / 424 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 11 Dec 2022 19:13:36 GMT
prebid.7.26.0.js
s.disquscdn.com/prebid/ Frame 5337 		410 KB
411 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.disquscdn.com/prebid/prebid.7.26.0.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1c00:d:6d12:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e9e3f1ce2542e569308abe5f833f0e1a0f18da64fb13b4ca6547bee5920ad78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
.gfBHBLOVfts4RlLwozCoi.aw5iWzOxg
date
Sun, 11 Dec 2022 09:42:51 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 09:33:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
34246
etag
"61df20d9d4bc14d6e2f0eb1926410ff5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
420218
x-amz-cf-id
9Sf7Uv1dKsxwz2nQxkA0v3q2aoDEX7m4gayw1r-3JZ_O6A1lhGzKFA==
711970.gif
id.rlcdn.com/ Frame 5337 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711970.gif
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
c.disquscdn.com/next/embed/styles/ Frame 9819 		202 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6dd0bd4924a2cd12ee7c955bcb3718e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
75f956d1290310423d4152cc0988ec12b97fb4bb3338a8e8546bf1ec205dc3a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=heraldlive&t_i=11357%20http%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_e=10%20most%20expensive%20toys%20for%20big%20boys&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 09 Dec 2022 19:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
173512
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
30724
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 08 Dec 2022 23:13:29 GMT
server
nginx
etag
"63926f99-7804"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
zpiconySp0i1_Jtk6fvdm43BSbaTI1UENPPe2W780SgoD0eWOjra2Q==
expires
Sat, 09 Dec 2023 19:01:44 GMT
lounge.bundle.5018287d05b2fa3bc388022cb540d0b3.js
c.disquscdn.com/next/embed/ Frame 9819 		504 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.5018287d05b2fa3bc388022cb540d0b3.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6dd0bd4924a2cd12ee7c955bcb3718e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d38131b25cf8046eea120b271d661da4e1b47e95c52f82eb34a9ab7bb90ee883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=heraldlive&t_i=11357%20http%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_e=10%20most%20expensive%20toys%20for%20big%20boys&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 08 Dec 2022 17:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
265267
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
128803
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 08 Dec 2022 17:26:42 GMT
server
nginx
etag
"63921e52-1f723"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
nrCZqzGzKxEkkmUogumIe-Ppt1Z_rkEKxxkz8C-QzBx1HSzT6A2hsg==
expires
Fri, 08 Dec 2023 17:32:29 GMT
config.js
disqus.com/next/ Frame 9819 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6dd0bd4924a2cd12ee7c955bcb3718e4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e5c15580c6b9b0db29719a0db5a12864ffaeace46e7a7bd9ef3944e90ddc5aa
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=heraldlive&t_i=11357%20http%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_e=10%20most%20expensive%20toys%20for%20big%20boys&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
33
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
16911
X-XSS-Protection
1; mode=block
recommendations.load.45d803678709df462a062a65814e3d01.js
c.disquscdn.com/next/recommendations/ Frame 8467 		923 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.45d803678709df462a062a65814e3d01.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=heraldlive&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e54bda451bb81f99cf473297523f48b6c313510fee73931956737575456ab9fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 06 Dec 2022 22:30:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
420178
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
447
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 06 Dec 2022 22:10:19 GMT
server
nginx
etag
"638fbdcb-1bf"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
zG4hiPebBAuMTbrOiC8_fD9OElq-WGeKzrDXmm5WvwextdKhE04zGw==
expires
Wed, 06 Dec 2023 22:30:38 GMT
details
disqus.com/api/3.0/forums/ Frame 9819 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=heraldlive&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6dd0bd4924a2cd12ee7c955bcb3718e4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
41dd1df11fb9e3918ebd11e740541164aa5171425faad3bbe13c021b1af60670
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=heraldlive&t_i=11357%20http%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_e=10%20most%20expensive%20toys%20for%20big%20boys&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys&s_o=default
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:36 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3387
X-XSS-Protection
1; mode=block
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158685/2513/ Frame 3E33 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
511d418bc0e0a2f62bcd855820981c21c19ad44d6d23fcfe3965ad12127d1161

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 16:18:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=89236
accept-ranges
bytes
content-length
77322
expires
Mon, 12 Dec 2022 20:00:53 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/ Frame 3E33 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/launchpad-liveramp.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.5.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-5-57.sof50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd48609b2f3db4ab7f3bf9b77a44218855d9f03519af9f3a284d81144c1dacd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
0WvQHC.ZzXUD9yRYfFAQHp8EswPj3dDW
content-encoding
gzip
via
1.1 afbd7cb497ba4f75e65480f5d1f3bcfa.cloudfront.net (CloudFront)
date
Sun, 11 Dec 2022 07:58:50 GMT
x-amz-cf-pop
SOF50-C1
age
40487
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Tue, 01 Nov 2022 18:12:07 GMT
server
AmazonS3
etag
W/"e08baffa21be668d25a6bc0d82051061"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
3t99py1bpsK2WTtl2pKE0_LFfeNdfGBpEjzYW4AXipR1AGAEoC64wQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3E33 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/recommendations.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1419 / 815 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 11 Dec 2022 19:13:36 GMT
prebid.7.26.0.js
s.disquscdn.com/prebid/ Frame 3E33 		410 KB
411 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.disquscdn.com/prebid/prebid.7.26.0.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1c00:d:6d12:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e9e3f1ce2542e569308abe5f833f0e1a0f18da64fb13b4ca6547bee5920ad78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
.gfBHBLOVfts4RlLwozCoi.aw5iWzOxg
date
Sun, 11 Dec 2022 09:42:51 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 09:33:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
34246
etag
"61df20d9d4bc14d6e2f0eb1926410ff5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
420218
x-amz-cf-id
IscZ-O0ZVXTPMKPTF6w4Zz7lWoNqzKlB2RMo1auowZdcPd8Lh3N6ng==
711970.gif
id.rlcdn.com/ Frame 3E33 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711970.gif
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/recommendations.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
common.bundle.57ff60ef3dfb240c302805882f9ab7a8.js
c.disquscdn.com/next/recommendations/ Frame 8467 		262 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.57ff60ef3dfb240c302805882f9ab7a8.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.45d803678709df462a062a65814e3d01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6b14bffa5a0f903538cbde31fe3455a23f8515152156fdf8a21aeb131b89dd54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 01 Dec 2022 15:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
876301
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
88904
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 30 Nov 2022 00:18:36 GMT
server
nginx
etag
"6386a15c-15b48"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
cV2QQRAl66toDdtTxXPPUciAkU8r6MOWodX23MWmIpfyezC5OUZPqQ==
expires
Fri, 01 Dec 2023 15:48:35 GMT
noavatar92.png
a.disquscdn.com/1668443441/images/ Frame 9819 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1668443441/images/noavatar92.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=heraldlive&t_i=11357%20http%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_e=10%20most%20expensive%20toys%20for%20big%20boys&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
strict-transport-security
max-age=300; includeSubdomains
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
2087775
etag
"60395f01-66c"
content-type
image/png
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
content-length
1644
x-amz-cf-id
7QwFgPyASiEVt0NIdz5ME2PvHxKMS7x8AqBlBg3Ewx1VdkF_6TruvQ==
x-xss-protection
1; mode=block
expires
Sat, 17 Dec 2022 15:17:21 GMT
truncated
/ Frame 9819 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
herald_logo.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2017/11/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/uploads/sites/2/2017/11/herald_logo.jpg
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dbe2702bfe6db30bcfd2ae6030e8c65ca767693fc3cb972c08fe11647c83836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 01 Dec 2017 07:39:26 GMT
server
cloudflare
age
2
cf-polished
origSize=5104, status=webp_bigger
etag
"13f0-55f4277cda780"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=300
accept-ranges
bytes
cf-ray
778089de5e13928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4980
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22qcGGj0TBhxAVc%22%2C%22domain%22%3A%22www.herald.co.zw%22%2C%22publisher%22%3A%22The%20Herald%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22xsHNnoiwM5ckxqduy%2BoC2A%22%2C%22clientTimestamp%22%3A1670786016997%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-bvn51one80xt1nh3ctif%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 11 Dec 2022 19:13:37 GMT
content-length
2
content-type
text/plain; charset=utf-8
778089c6c9ee9950
www.herald.co.zw/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 1875 		2 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.herald.co.zw/cdn-cgi/challenge-platform/h/b/cv/result/778089c6c9ee9950
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=778089c6c9ee9950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
content-encoding
br
server
cloudflare
cf-ray
778089e02a13928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 9819 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 28 Apr 2022 14:37:41 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
19629356
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 26 Apr 2022 19:12:12 GMT
server
nginx
etag
"6268440c-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
D0uws4YhcEoUjjXUE4U5cScSConriMk_ug3VFV1kMfOTMkVHAq6dmA==
expires
Fri, 28 Apr 2023 14:37:41 GMT
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 9819 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 03 Feb 2022 04:58:07 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
26921730
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 26 Jan 2022 21:59:15 GMT
server
nginx
etag
"61f1c433-b9b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
PsXaXG_oEUDfDLco9pEV00T0_7W4AvM1sOPkzVlxe__mqNAHrLUCBQ==
expires
Fri, 03 Feb 2023 04:58:07 GMT
sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 9819 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 20 Sep 2022 11:48:31 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
7111506
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1763
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Fri, 16 Sep 2022 08:34:41 GMT
server
nginx
etag
"63243521-6e3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
rThwK9nY9au5dUhmShCaMzIll8YO4CaVIWL6ARJdMyRINsDtY94OCQ==
expires
Wed, 20 Sep 2023 11:48:31 GMT
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 9819 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.56ee1ee1b2f8109c8e5779c47a5ec128.css
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 28 Aug 2022 00:45:29 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
9138488
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Fri, 26 Aug 2022 22:07:42 GMT
server
nginx
etag
"6309442e-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
mdIDKoNyMQYIUyvi9zpSVojmOEwqd9Llwu00N6Qvwa0ks7FbDeNo8Q==
expires
Mon, 28 Aug 2023 00:45:29 GMT
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 05 May 2022 15:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
19021687
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 26 Apr 2022 19:12:12 GMT
server
nginx
etag
"6268440c-67d2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
45OEzDiC2rvvz8lrkePNtvSOiKHoYFFgrZtvvV8kPQKBgXsUj4iDCA==
expires
Fri, 05 May 2023 15:25:30 GMT
stat.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/stat.gif?event=cmp.present
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
stat.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/stat.gif?event=cmp.no_consent
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
event.gif
referrer.disqus.com/juggler/ Frame 9819 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=283&event=init_embed&thread=1616299725&forum=heraldlive&forum_id=1725957&imp=m1lnd7vev2dn&thread_slug=10_most_expensive_toys_for_big_boys&user_type=anon&referrer=https%3A%2F%2Fwww.herald.co.zw%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=heraldlive&t_i=11357%20http%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_e=10%20most%20expensive%20toys%20for%20big%20boys&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
launchpad.bundle.js
launchpad.privacymanager.io/1/ Frame 3EC7 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding
gzip
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
date
Sun, 11 Dec 2022 18:23:24 GMT
x-amz-cf-pop
FRA56-C2
age
3014
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
a78f2a5a4864424e54348ce47b156abb
last-modified
Thu, 10 Mar 2022 13:10:48 GMT
server
AmazonS3
etag
W/"3e312624cdc2445a38a716f92dc3c0cd"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
78DoQFMPjxe6PXm7DN_mMCQmGqXm0TMrykUkylcD7MjEkT7EQqMuOw==
main.js
onetag-sys.com/ Frame 3EC7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/main.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
69a7ce821ff802110f6298791556d67f6122b95ebc3fb792ce6e6a404aabdb53
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/javascript
strict-transport-security
max-age=15552000
content-encoding
gzip
content-length
2778
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
launchpad.bundle.js
launchpad.privacymanager.io/1/ Frame 5337 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding
gzip
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
date
Sun, 11 Dec 2022 18:23:24 GMT
x-amz-cf-pop
FRA56-C2
age
3014
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
a78f2a5a4864424e54348ce47b156abb
last-modified
Thu, 10 Mar 2022 13:10:48 GMT
server
AmazonS3
etag
W/"3e312624cdc2445a38a716f92dc3c0cd"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
NMfxrpNjwMdJYmAL94JXenf9IsTsbaV7PQY_gWXmOZs21S9cNaLRwA==
main.js
onetag-sys.com/ Frame 5337 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/main.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
16034fd960c5b9298ccb02e7647c07a7b14b19baf4f3f29b2c136442a0a3103f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/javascript
strict-transport-security
max-age=15552000
content-encoding
gzip
content-length
2785
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
launchpad.bundle.js
launchpad.privacymanager.io/1/ Frame 3E33 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding
gzip
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
date
Sun, 11 Dec 2022 18:23:24 GMT
x-amz-cf-pop
FRA56-C2
age
3014
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
a78f2a5a4864424e54348ce47b156abb
last-modified
Thu, 10 Mar 2022 13:10:48 GMT
server
AmazonS3
etag
W/"3e312624cdc2445a38a716f92dc3c0cd"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
5kfMjZ7HpZVpTt_pq7ZjU_8A5Rwf-CBg0de47Wb3WdVcvtvynYyjXA==
main.js
onetag-sys.com/ Frame 3E33 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/main.js
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
23b2c6b25291b6b697e6573941c539493aa676801037a83dc112a52006d54949
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/javascript
strict-transport-security
max-age=15552000
content-encoding
gzip
content-length
2782
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame 3EC7 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 15:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Dec 2023 15:34:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 3EC7 		143 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.herald.co.zw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
657fbcccc7c4e8c29302e0b4b6497213c90de400f099a5fd9f494461d07c092f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sun, 11 Dec 2022 19:13:37 GMT
player.js
player.aniview.com/script/6.1/ Frame 3EC7 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=61b3b33ac58a257d035ed467&AV_PUBLISHERID=616704c962b31624e671e171&AV_CUSTOM1=top
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:580::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b92ef9d951462eb871bce25c07ce90de0addb35e85c15f50ab706f14df5ed9fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu4S7DpQxc9dBfZIn0-Vn8acrS4zI0438hS99_3pdfK5h_79PWe3e4_AguL_vbUROmwTo-nfAPOiNOvqgXkGk9stw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
10002
last-modified
Sun, 11 Dec 2022 12:30:18 GMT
server
UploadServer
etag
"f94227624d3fd23564515992d023bedf"
vary
Accept-Encoding
x-goog-generation
1670761818362707
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=yiUOJw==, md5=+UInYk0/0jVkUVmS0CO+3w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
10002
accept-ranges
bytes
expires
Sun, 11 Dec 2022 19:23:37 GMT
track
track1.aniview.com/ Frame 3EC7 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=616704c962b31624e671e171&cid=61b3b30a8e8e3a41297346d6&cb=1670786017572&r=www.herald.co.zw&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d65=Control&e=playerLoaded
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
j
rp4.liadm.com/ Frame 3EC7
Redirect Chain
  • https://rp.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=16707...
  • https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670...
13 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017590&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Protocol
H2
Server
52.207.92.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-92-75.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
x-pixel-event-id
0d62e012-b572-429f-9406-96bb49ec26d1
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
0859f2767212d703
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Sun, 11 Dec 2022 19:13:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017590&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true
access-control-allow-origin
https://www.herald.co.zw
request-time
0
access-control-allow-credentials
true
trace-id
574699c79329f79b
content-length
0
x-xss-protection
1; mode=block
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame 5337 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 12:48:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Dec 2023 12:48:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 5337 		143 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.herald.co.zw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
657fbcccc7c4e8c29302e0b4b6497213c90de400f099a5fd9f494461d07c092f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sun, 11 Dec 2022 19:13:37 GMT
Untitled-42-1-100x100.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2022/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/uploads/sites/2/2022/08/Untitled-42-1-100x100.jpg
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/wp-content/themes/sirius/js/jquery-3.2.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c55d3cd87b519263413bc45cf0a1830a650d5e68d52f226189df5afd55ea50a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
cf-cache-status
HIT
age
0
cf-polished
origFmt=jpeg, origSize=566890
content-disposition
inline; filename="Untitled-42-1-100x100.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3964
cf-bgj
imgq:100,h2pri
last-modified
Wed, 31 Aug 2022 16:27:20 GMT
server
cloudflare
etag
"8a66a-5e78bf890309e"
vary
Accept
content-type
image/webp
cache-control
max-age=300
accept-ranges
bytes
cf-ray
778089e23ea3928d-FRA
Tetrad-Bank-100x100.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2022/10/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/uploads/sites/2/2022/10/Tetrad-Bank-100x100.jpg
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/wp-content/themes/sirius/js/jquery-3.2.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7180d62c7a773a5eb7ca3c47192661f27c3663386092c3fce5de967c098467b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
cf-cache-status
HIT
age
0
cf-polished
origFmt=jpeg, origSize=15304
content-disposition
inline; filename="Tetrad-Bank-100x100.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5358
cf-bgj
imgq:100,h2pri
last-modified
Wed, 12 Oct 2022 19:24:46 GMT
server
cloudflare
etag
"3bc8-5eadb58759785"
vary
Accept
content-type
image/webp
cache-control
max-age=300
accept-ranges
bytes
cf-ray
778089e23ea8928d-FRA
j
rp4.liadm.com/ Frame 5337
Redirect Chain
  • https://rp.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=16707...
  • https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670...
13 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017646&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true
Protocol
H2
Server
52.207.92.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-92-75.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
x-pixel-event-id
388e886e-e475-489b-ab3c-d310c11929ac
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
4836ea08216788fb
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Sun, 11 Dec 2022 19:13:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017646&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true
access-control-allow-origin
https://www.herald.co.zw
request-time
0
access-control-allow-credentials
true
trace-id
40b1687baaa46a17
content-length
0
x-xss-protection
1; mode=block
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame 3E33 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 15:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Dec 2023 15:34:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 3E33 		143 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.herald.co.zw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
657fbcccc7c4e8c29302e0b4b6497213c90de400f099a5fd9f494461d07c092f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sun, 11 Dec 2022 19:13:37 GMT
j
rp4.liadm.com/ Frame 3E33
Redirect Chain
  • https://rp.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=16707...
  • https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670...
13 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017680&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true
Protocol
H2
Server
52.207.92.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-92-75.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
x-pixel-event-id
cae12fc6-e51d-4092-be94-1879f0be34ce
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
e37d08e0729a0edc
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Sun, 11 Dec 2022 19:13:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?wpn=prebid&us_privacy=1---&gdpr=0&pu=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&se=e30&dtstmp=1670786017680&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true
access-control-allow-origin
https://www.herald.co.zw
request-time
0
access-control-allow-credentials
true
trace-id
5930497baef6e046
content-length
0
x-xss-protection
1; mode=block
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 8467 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.57ff60ef3dfb240c302805882f9ab7a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 11 Sep 2022 02:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
7922109
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2978
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 30 Aug 2022 17:50:39 GMT
server
nginx
etag
"630e4def-ba2"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
vPZsQPKu541dWEBALdGFrSv7iNABUIt9vZP23Kmk2djew5SPz64srg==
expires
Mon, 11 Sep 2023 02:38:28 GMT
log_event
www.youtube.com/youtubei/v1/ Frame B091 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
X-Goog-Request-Time
1670786017716
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/8qz1CmZwxcc
X-YouTube-Client-Version
1.20221206.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtvZVhuN1JrTjB4cyje19icBg%3D%3D
X-YouTube-Ad-Signals
dt=1670786014821&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C189&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 11 Dec 2022 19:13:37 GMT
pixel.gif
cdn.viglink.com/images/ 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=8.635855102323521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-42.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-length
43
x-amz-cf-id
OpIGLU9w7I7PLUH49yii5iQVJUbrg1-mM5XzcKLhNfNeXUTgUynwGw==
pixel.gif
cdn.viglink.com/images/ 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=8.635855102323521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-42.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-length
43
x-amz-cf-id
SBvGmfWi8artLV1iP4VCUJj4PmyG24mW4ISEGsWPbBOR8GZvH3oIaA==
recommendations.bundle.540d77a9b22358647ed01c5c9f5cd435.js
c.disquscdn.com/next/recommendations/ Frame 8467 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.540d77a9b22358647ed01c5c9f5cd435.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.57ff60ef3dfb240c302805882f9ab7a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8dd28e7681ada525cd32f48f07ae01c558153b1cdecf40c597478621b2988043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 06 Dec 2022 22:30:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
420179
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
20312
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 06 Dec 2022 22:10:19 GMT
server
nginx
etag
"638fbdcb-4f58"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
gwncxXmSlsx6PxjISO_Al5_y9elnvacnbYdTGNKZq0APEiJD7vN7Pg==
expires
Wed, 06 Dec 2023 22:30:38 GMT
config.js
disqus.com/next/ Frame 8467 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.57ff60ef3dfb240c302805882f9ab7a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e5c15580c6b9b0db29719a0db5a12864ffaeace46e7a7bd9ef3944e90ddc5aa
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/recommendations/?base=default&f=heraldlive&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:37 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
33
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
16911
X-XSS-Protection
1; mode=block
/
geo.privacymanager.io/ Frame 3EC7 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept
application/json
Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 00:53:04 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront), 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
66033
x-amzn-requestid
3ec8a9ee-cead-4db6-ba9c-dcd247933fc4
x-amzn-trace-id
Root=1-639529f0-1e726b3f50ca1a1b45928f13;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
c9N9iGOzjoEFnYw=
content-length
30
x-amz-cf-id
kjab3zMALMG4XzZkc70wQK_Ke1klW7JivjHeoNH1ie6v6jNQmtfGSg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 11 Dec 2022 19:13:37 GMT
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront), 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-apigw-id
c_vLUGCLjoEF4Lw=
x-amz-cf-id
KeXU_Unodg_3-rILwi-qYvQdIfeeL7mqFcV09U3QZvq9cXT266cKhw==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
33674eb4-3125-4596-9ded-c0a659b50f96
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ Frame 5337 		30 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept
application/json
Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 00:53:04 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront), 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
66033
x-amzn-requestid
3ec8a9ee-cead-4db6-ba9c-dcd247933fc4
x-amzn-trace-id
Root=1-639529f0-1e726b3f50ca1a1b45928f13;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
c9N9iGOzjoEFnYw=
content-length
30
x-amz-cf-id
SAfGbPGX9gJ413sWcljeOaihiK7M8wW6AdAlGVYU95Wgp820JzuiwA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 11 Dec 2022 19:13:37 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront), 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-apigw-id
c_vLUGAAjoEFd2g=
x-amz-cf-id
1KGj9d60sTIgQkY_tNSiEUddjyznvRe4yHNtoRslS5MHygFZCJtewA==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
261f928a-84d5-4ba6-9338-a78f9411f674
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ Frame 3E33 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept
application/json
Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 00:53:04 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront), 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
66033
x-amzn-requestid
3ec8a9ee-cead-4db6-ba9c-dcd247933fc4
x-amzn-trace-id
Root=1-639529f0-1e726b3f50ca1a1b45928f13;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
c9N9iGOzjoEFnYw=
content-length
30
x-amz-cf-id
4qgRxgjkYa_dNrBQP-2jAqvC5CRoZ5s1Of_Bc0UxvOgcQhtJhpEl3g==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 11 Dec 2022 19:13:37 GMT
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront), 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-apigw-id
c_vLUEjCjoEFz9w=
x-amz-cf-id
z9XYRJ5j_LwMD2PO_tUbB5ptU7DSO_PBw7EcCnds6umYWJOfPQnXdg==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
77e94532-5228-4ed8-92ef-14bef0c0e6b9
x-cache
Miss from cloudfront
Untitled-42-1-100x100.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2022/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/uploads/sites/2/2022/08/Untitled-42-1-100x100.jpg
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/wp-content/themes/sirius/js/jquery-3.2.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c55d3cd87b519263413bc45cf0a1830a650d5e68d52f226189df5afd55ea50a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
cf-cache-status
HIT
age
0
cf-polished
origFmt=jpeg, origSize=566890
content-disposition
inline; filename="Untitled-42-1-100x100.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3964
cf-bgj
imgq:100,h2pri
last-modified
Wed, 31 Aug 2022 16:27:20 GMT
server
cloudflare
etag
"8a66a-5e78bf890309e"
vary
Accept
content-type
image/webp
cache-control
max-age=300
accept-ranges
bytes
cf-ray
778089e2f81e928d-FRA
Tetrad-Bank-100x100.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2022/10/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/uploads/sites/2/2022/10/Tetrad-Bank-100x100.jpg
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/wp-content/themes/sirius/js/jquery-3.2.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7180d62c7a773a5eb7ca3c47192661f27c3663386092c3fce5de967c098467b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
cf-cache-status
HIT
age
0
cf-polished
origFmt=jpeg, origSize=15304
content-disposition
inline; filename="Tetrad-Bank-100x100.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5358
cf-bgj
imgq:100,h2pri
last-modified
Wed, 12 Oct 2022 19:24:46 GMT
server
cloudflare
etag
"3bc8-5eadb58759785"
vary
Accept
content-type
image/webp
cache-control
max-age=300
accept-ranges
bytes
cf-ray
778089e2f823928d-FRA
AVmanager.js
player.aniview.com/script/6.1/ Frame 0E39 		426 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:580::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1ce08d6b57f8d244f2095b56c5fd51852d633eecb72323149be49670ff0a567e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:37 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduQriInbIBYB77pVhL-_aJ_SAX1-GGyMz6apv84ePYhTn8BgLddXbJJZpHQf0jGSpAlvAa7QkSbr6fiMdvKkum-Lw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
116956
last-modified
Sun, 11 Dec 2022 12:30:18 GMT
server
UploadServer
etag
"27fa9874fd956e1aa8529e9ff0b24a1a"
vary
Accept-Encoding
x-goog-generation
1670761818167232
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=59DBbA==, md5=J/qYdP2VbhqoUp6f8LJKGg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
116956
accept-ranges
bytes
expires
Sun, 11 Dec 2022 19:23:37 GMT
details
disqus.com/api/3.0/forums/ Frame 8467 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=heraldlive&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.57ff60ef3dfb240c302805882f9ab7a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
41dd1df11fb9e3918ebd11e740541164aa5171425faad3bbe13c021b1af60670
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=heraldlive&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:37 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
1
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3387
X-XSS-Protection
1; mode=block
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame 8467 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=heraldlive&thread=url%3Ahttps%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.57ff60ef3dfb240c302805882f9ab7a8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ab0541f166cb321300a8e6f85299aa1de278c5f14a5feab547a7c5aed2ffdad
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=heraldlive&t_u=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&t_d=10%20most%20expensive%20toys%20for%20big%20boys&t_t=10%20most%20expensive%20toys%20for%20big%20boys
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:38 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
6122
X-XSS-Protection
1; mode=block
truncated
/ Frame 3EC7 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3EC7 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3EC7 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3EC7 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3EC7 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3EC7 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3EC7 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3EC7 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=61b3b33ac58a257d035ed467&AV_PUBLISHERID=616704c962b31624e671e171&AV_CUSTOM1=top&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&AV_CHANNELID=61b3b30a8e8e3a41297346d6&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.herald.co.zw&AV_DADPOS=3&AV_TAG=61b3b33ac58a257d035ed467&AV_TEMPLATE=62cd682a22f05376446af2a4&d36=6.2.67&responsive=1&sver=3&avtoken=17993&omv=1.0.1&AV_D65=Control&clsid=f9b6588e-b41e-41c0-b95b-f625f8afd6c2&rando=58&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=1670786017996&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.177.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-177-246.compute-1.amazonaws.com
Software
/
Resource Hash
fd6e54a3a5a61eba26926c464c964861f767f2578ca6d9ec1c4ccca32d8316f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 30 Nov 2022 05:26:58 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.herald.co.zw&sn=&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.67&apppkg=&fv=3&proto=https&d65=Control&clsid=f9b6588e-b41e-41c0-b95b-f625f8afd6c2&rando=58&pid=616704c962b31624e671e171&cid=61b3b30a8e8e3a41297346d6&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&e=inventory&vi=0&cb=1670786017995
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
Untitled-213.56j5j-100x100.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2022/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herald.co.zw/wp-content/uploads/sites/2/2022/12/Untitled-213.56j5j-100x100.jpg
Requested by
Host: www.herald.co.zw
URL: https://www.herald.co.zw/wp-content/themes/sirius/js/jquery-3.2.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa3a32e18e58234d9e4060ee9e46876ed0aa8d1fe2f18336a4162eb51ce65054

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
cf-cache-status
HIT
age
1
cf-polished
origFmt=jpeg, origSize=574284
content-disposition
inline; filename="Untitled-213.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7182
cf-bgj
imgq:100,h2pri
last-modified
Thu, 08 Dec 2022 17:47:36 GMT
server
cloudflare
etag
"8c34c-5ef54a1eb67cc"
vary
Accept
content-type
image/webp
cache-control
max-age=300
accept-ranges
bytes
cf-ray
778089e54ce1928d-FRA
ping
links.services.disqus.com/api/ 		357 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
031b0abdd27b7e25f24e6af06187d461d0ac1513628ba574b7de6ca919c66131

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:38 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.herald.co.zw
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
357
Expires
Thu, 01 Jan 1970 00:00:00 GMT
get
c.disquscdn.com/ Frame 8467 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.herald.co.zw%2Fwp-content%2Fuploads%2Fsites%2F2%2F2018%2F10%2FGeorge-Guvamatanga.jpg&key=wsYv92CxUH0bB6tkl20LuQ&h=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f04c269ba385c4f87a6729df8c4c3b15dd290370db95528db9768bec120e0d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 07 Dec 2022 07:18:46 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
388492
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
12632
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
G51fubJHZbXfzfz8WR2MEEswLr59wr6hEUdvh9H3W5AUvwJoxadP1Q==
expires
Fri, 06 Jan 2023 07:18:46 GMT
get
c.disquscdn.com/ Frame 8467 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.herald.co.zw%2Fwp-content%2Fuploads%2Fsites%2F2%2F2022%2F12%2FUntitled-6.jpg&key=rk5r6XRwxCB_fJBvQ_4z_A&h=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0be6db59bcace781feb9759376ca0290ab893d5d7d4893cdd494be6f2e04226e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 10 Dec 2022 03:21:15 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
143623
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
9553
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
FXqLcnmZvgYUyjEUjNEK4EWllB6VSLer4CgUxxQBs-zWhEhp2NzOEw==
expires
Mon, 09 Jan 2023 03:21:15 GMT
get
c.disquscdn.com/ Frame 8467 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.herald.co.zw%2Fwp-content%2Fuploads%2Fsites%2F2%2F2019%2F04%2Ffifa.jpg&key=f9BBxL-lzX8m4zkkahCq3w&h=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8cfc7bdd5249918e71b11dcc1a1484822608860408b38d5eb755db6666a73426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 10 Dec 2022 03:21:15 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
143543
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
14915
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
fNGgMZ2B8lNzf5BPSKEUF3WnGKqylz_c-LMMua8_iOBDme9IIBEgDw==
expires
Mon, 09 Jan 2023 03:21:15 GMT
get
c.disquscdn.com/ Frame 8467 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.herald.co.zw%2Fwp-content%2Fuploads%2Fsites%2F2%2F2022%2F09%2FUntitled-6-6.jpg&key=X79Mj9waVRyZg4AtN6lamg&h=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7d0c838bd0090cac51b8a3df902a832c1488c963b3ca587902582fa35064f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 08 Dec 2022 11:29:10 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
293063
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
12394
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
gbmPEbBvUt-Yyq3lhLSSWKvaODJ48pNhx_aw9q9mCe7Qy39bS3BLfA==
expires
Sat, 07 Jan 2023 11:29:10 GMT
get
c.disquscdn.com/ Frame 8467 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.herald.co.zw%2Fwp-content%2Fuploads%2Fsites%2F2%2F2022%2F08%2FWadyajena.jpg&key=tsNL1dnzJyf34wZCN5vG-Q&h=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c5929c6af60e3b72c6da5399fe88914d6dc62842be6d2fcf3b4beb67a8ae8e9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 10 Dec 2022 14:49:59 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
102219
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
9677
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
xoCCPiHTk-hH3_Ez63aJ1nHe-8Owd7XMKQzgsBxLIGUeNzApKOl79w==
expires
Mon, 09 Jan 2023 14:49:59 GMT
get
c.disquscdn.com/ Frame 8467 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.herald.co.zw%2Fwp-content%2Fuploads%2Fsites%2F2%2F2022%2F12%2FUntitled-46.jpg&key=BrYMSlt-BBTQPnNbwXCnag&h=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ffee454aea4bdf574dee5c2a6fd030a4cf029cf2900021002c7baffbb460209
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 08 Dec 2022 08:58:31 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
296107
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
15230
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
dOS2xKwv1lvrtbuSg3CADDLiouxmtVF6a-unayIcctlBP5Ivw1nuuQ==
expires
Sat, 07 Jan 2023 08:58:31 GMT
get
c.disquscdn.com/ Frame 8467 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.herald.co.zw%2Fwp-content%2Fuploads%2Fsites%2F2%2F2021%2F12%2Fzimbabwe-flag.jpg&key=n6jCoTz7dHccmy_5GrWnQA&h=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
366beb0620a657ac6a964e6c74952bfbc34384c793617e7cd9757a5a5d43875e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 08 Dec 2022 11:29:33 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
287045
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
11434
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
177w0R37W02HFCy73cKQ_vvIEWFBWZCvVqwDM48cxEwc2MbStXbA5A==
expires
Sat, 07 Jan 2023 11:29:33 GMT
get
c.disquscdn.com/ Frame 8467 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.herald.co.zw%2Fwp-content%2Fuploads%2Fsites%2F2%2F2022%2F12%2Fjk.jk_.j.jpg&key=odXVTGTbXAJWjIIi7lFxZw&h=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0c06ffb011657b70ad72581ae6c1b9d7cd706af5f431341d4149d772c6a3b800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 08 Dec 2022 11:30:28 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
age
286990
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
15082
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
2x-DqkPsQxR9RoKXBsBVFerWXUG3uNRNyiEju4Oc6SxDexUKq7wHEQ==
expires
Sat, 07 Jan 2023 11:30:28 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 00B7 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
X-Goog-Request-Time
1670786018410
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/e71ezSmiSyc
X-YouTube-Client-Version
1.20221206.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt5TkpsWnh2SVROayje19icBg%3D%3D
X-YouTube-Ad-Signals
dt=1670786014829&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C169&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 11 Dec 2022 19:13:38 GMT
sync.gif
links.services.disqus.com/api/ 		43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:38 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Content-Type
image/gif;charset=UTF-8
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api/ 		41 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8ff45a49b6473537e28fedfb560b68a59055e6dfb29ced8ae460a17aa79dec70

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:38 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.herald.co.zw
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
us
sync.go.sonobi.com/ Frame D5FC
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D52%26key%3DBUYERUID
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cg1sdnFpNmEyYTZ0ZWJhEP___________wEqfWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjcwNzg2MD...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D14%26buyeruid%3D%24UID%26r%3DCg1sdnFpNmEyYTZ0ZWJhEP___________wEqfWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVz...
  • https://ssp.disqus.com/match?bidder=14&buyeruid=8481611034023613484&r=Cg1sdnFpNmEyYTZ0ZWJhEP___________wEqfWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjcwNzg2MDE4MzU1LTk0Nzg...
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCg1sdnFpNmEyYTZ0ZWJhEP___________wEqfWh0dHBzOi8vc3l...
0
498 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCg1sdnFpNmEyYTZ0ZWJhEP___________wEqfWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjcwNzg2MDE4MzU1LTk0Nzg5NzA2NjcwNy0wMDkyNTYtMDEyLTAwNTUyOCZiaWRkZXJuYW1lPTUyJmtleT1sdnFpNmEyYTZ0ZWJhMgIOEjgC
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, private
Content-Length
0
Content-Type
text/plain; charset=utf8
Date
Sun, 11 Dec 2022 19:13:39 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Server
sonobi-go
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-76
X-Xss-Protection
0

Redirect headers

cache-control
no-store
content-length
0
date
Sun, 11 Dec 2022 19:13:39 GMT
expires
0
location
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCg1sdnFpNmEyYTZ0ZWJhEP___________wEqfWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjcwNzg2MDE4MzU1LTk0Nzg5NzA2NjcwNy0wMDkyNTYtMDEyLTAwNTUyOCZiaWRkZXJuYW1lPTUyJmtleT1sdnFpNmEyYTZ0ZWJhMgIOEjgC
pragma
no-cache
vary
origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4655 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147047
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 11 Dec 2022 19:13:38 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Dec 2022 12:04:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 51D7
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1670786018355-947897066707-009256-012-005528&biddername=200&key=OPTOUT
0
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1670786018355-947897066707-009256-012-005528&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.192.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-192-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 11 Dec 2022 19:13:38 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 11 Dec 2022 19:13:38 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1670786018355-947897066707-009256-012-005528&biddername=200&key=OPTOUT
pragma
no-cache
services
sync.technoratimedia.com/ Frame 7101 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1670786018355-947897066707-009256-012-005528&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.herald.co.zw/
age
0
date
Sun, 11 Dec 2022 19:13:38 GMT
server
nginx
via
1.1 varnish
x-varnish
473136882
pixel
ap.lijit.com/ Frame 9585 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 11 Dec 2022 19:13:38 GMT
X-Sovrn-Pod
ad_ap3ams1
occ
ups.analytics.yahoo.com/ups/58543/ Frame CEC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Sun, 11 Dec 2022 19:13:38 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
usync.html
eus.rubiconproject.com/ Frame 95BA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Dec 2022 19:13:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 11 Dec 2022 19:13:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame 1949
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D10%2...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1670786018355-947897066707-009256-012-005528&biddername=10&pid=59c9148628a0612da3689288&key=3vJLQpLdq2FB&ev=1&us_privacy=1---&pid=562704
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1670786018355-947897066707-009256-012-005528&biddername=10&pid=59c9148628a0612da3689288&key=3vJLQpLdq2FB&ev=1&us_privacy=1---&pid=562704
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.192.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-192-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 11 Dec 2022 19:13:38 GMT

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-574cff5bc6-gbm5v
expires
-1
location
https://sync.aniview.com/cookiesyncendpoint?auid=1670786018355-947897066707-009256-012-005528&biddername=10&pid=59c9148628a0612da3689288&key=3vJLQpLdq2FB&ev=1&us_privacy=1---&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
sync
t.adx.opera.com/pub/ Frame D900 		0
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 11 Dec 2022 19:13:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Tengine
cm
u.openx.net/w/1.0/ Frame F2B4 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D23%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Sun, 11 Dec 2022 19:13:38 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 3399 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0E39 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:580::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsm81GEQMDRQ-pGIxAXWlinGzUWzGjU-qLOkTHkrPdXcqUUU9_oYPmMxahwdboa_j3JXC7l5zp8JNC2jtf7SuVnPg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55951
last-modified
Sun, 11 Dec 2022 12:30:18 GMT
server
UploadServer
etag
"502321f1adef7589481d2670bf2ad31e"
vary
Accept-Encoding
x-goog-generation
1670761818566578
x-goog-hash
crc32c=kHIHgw==, md5=UCMh8a3vdYlIHSZwvyrTHg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
55951
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 11 Dec 2022 19:23:38 GMT
avpb7.12.0a6.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0E39 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a6.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:580::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4d2d2f2900b4534d42501a7ba6a4d94f110c1c4d0dcfd5ff3da9d88c9382c0f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsDX61JVEUBplHyBH_KoYF__yAQzbByk4qYmlytmW4eMcptatf7Whqy9MRlq98GpNbKi3yp_1bxA-nScv-yODlxyFX5QmHo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
16350
last-modified
Sun, 11 Dec 2022 12:30:18 GMT
server
UploadServer
etag
"9d7f3a47cfea17b3dbf0eb41267c4647"
vary
Accept-Encoding
x-goog-generation
1670761818783113
x-goog-hash
crc32c=XpHPeA==, md5=nX86R8/qF7Pb8OtBJnxGRw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
16350
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 11 Dec 2022 19:23:38 GMT
avpb7.12.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0E39 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:580::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt3mnbwnMRAXVma5YrmZ3lbf2shoYuyknci35nX9B6AWAjSwCTO7eQp8-rk2xr77qxf_XIwsyACKB7CsBU_idqZ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23786
last-modified
Sun, 11 Dec 2022 12:30:18 GMT
server
UploadServer
etag
"e1283b74cfbb1b0b9b3940799cf1128c"
vary
Accept-Encoding
x-goog-generation
1670761818771447
x-goog-hash
crc32c=VjGRog==, md5=4Sg7dM+7GwubOUB5nPESjA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23786
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 11 Dec 2022 19:23:38 GMT
avpb7.12.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0E39 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a4.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:580::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c44be4b987d3b9a0394a04ecca2176548dee3a9282afd93aae45cfc3b03c82b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdukieCfSV3Jetfr3qys2zolboOlhDcU0y1Q2N8R8RLUmZre4d19ol7ww-g1kkAYsl4Yzsw6RvFMQv8WwRIKjR5W1g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21043
last-modified
Sun, 11 Dec 2022 12:30:18 GMT
server
UploadServer
etag
"f7020628bf0de725d30e36a50e3629d6"
vary
Accept-Encoding
x-goog-generation
1670761818774202
x-goog-hash
crc32c=CP/eQw==, md5=9wIGKL8N5yXTDjalDjYp1g==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21043
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 11 Dec 2022 19:23:38 GMT
avpb7.12.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0E39 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:580::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtY-1g17XF8KtX4T12K11PWfvTM8kfFOI41dBBNrXg6UXIqUfLS-O2xdD38bKRHtClmRhv_QWH8zAqMKeYyOYIs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20450
last-modified
Sun, 11 Dec 2022 12:30:18 GMT
server
UploadServer
etag
"1dde5992b668836584248b6af5b357e6"
vary
Accept-Encoding
x-goog-generation
1670761818777016
x-goog-hash
crc32c=ArciWw==, md5=Hd5ZkrZog2WEJItq9bNX5g==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
20450
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 11 Dec 2022 19:23:38 GMT
avpb7.12.0a7.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0E39 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a7.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:580::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
f08e45b5a5473b835f1959f5f427efb577c595b38e04dac76ed50f1883bb4f2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdspDsP3IkbRkydsjHwgbRxbJrkqvrvgIPTm1RJS6MxEv91KIXqRpNlFreChLFJgWlq7ikY0W6kYNRu92qqxzXgz9Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20636
last-modified
Sun, 11 Dec 2022 12:30:18 GMT
server
UploadServer
etag
"9b3dd7e1ee0c1bf81d8ccef7a5da98c5"
vary
Accept-Encoding
x-goog-generation
1670761818798586
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=J5XdEg==, md5=mz3X4e4MG/gdjM73pdqYxQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
20636
accept-ranges
bytes
expires
Sun, 11 Dec 2022 19:23:38 GMT
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1670786018355-947897066707-009256-012-005528&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.50.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-50-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.50.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-50-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=20079&t=1670786018&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=29a575d3f6f15e14b65b16760ba51e68&d63=29a575d3f6f15e14b65b16760ba51e68&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.7&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=18979124996&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786018536&asid=6230ab4d65d68a55b20d1c04%2C61bcb59a2d801547d24be1f7%2C62bb0115edb3e92180502b68%2C61bcb604acdffc564d207864%2C6351cc26c6143e469022a594%2C63039ef2f6e12404830bebf4%2C61bcb66d7498382a84489d88%2C629dd7436a0f3879e8394cc6&ofpr=0.3%2C1%2C1%2C0.3%2C0.2%2C1%2C0.3%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 4655 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54467208&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 95BA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa526ee31ee8aa7cdad348b3999171f50a35c811f1b87372b7415d1c8dfab359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 10 Dec 2022 22:50:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12944
Connection
keep-alive
Content-Length
10065
Expires
Sun, 11 Dec 2022 22:49:22 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:38 GMT
server
ATS/9.1.10.25
prebid
ib.adnxs.com/ut/v3/ 		138 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0ae1f9b432af233b1fd908cae2a9dfc6992c39f79f336922bb6402d535635ae0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:38 GMT
AN-X-Request-Uuid
259655e5-c5ad-4fc4-b119-6e206e33370e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
6d128c29d14848d4417fd0e6540c33ecdacf1682ba73f418d044fdf800b8d50a

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b125c4bf7daecd2b77ed195fbec360e681aff6e78582d3567cecb8349b5bb759

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:38 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
cdb
bidder.criteo.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=97370819051&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
add680b93a2caf9a01ed8d2e06387105f7187601a2dcfa3f84f990f72d2bd356

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
avjp
disqus-d.openx.net/v/1.0/ 		106 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=85cb8206-d0e6-4beb-bdae-89725882a70e&nocache=1670786018804&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:38 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d87e24b744a8a0f33391ee8787681298534019d2ebfe0197af8ea6eef934db45

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:38 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
khaos.jpg
token.rubiconproject.com/ Frame 95BA 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
go1.aniview.com/api/adserver/tag/ 		23 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=61b3b33ac58a257d035ed467&AV_PUBLISHERID=616704c962b31624e671e171&AV_CUSTOM1=top&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&AV_CHANNELID=61b3b30a8e8e3a41297346d6&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.herald.co.zw&AV_DADPOS=3&AV_TAG=61b3b33ac58a257d035ed467&AV_TEMPLATE=62cd682a22f05376446af2a4&d36=6.2.67&responsive=1&sver=3&avtoken=17993&omv=1.0.1&AV_D65=Control&clsid=f9b6588e-b41e-41c0-b95b-f625f8afd6c2&rando=58&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1670786019426&AV_C_USER_ID=1670786018355-947897066707-009256-012-005528&wfc=2
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.177.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-177-246.compute-1.amazonaws.com
Software
/
Resource Hash
f97c959ae973480f957798e084b5b1018a8cb08077698a264dea44c42a3978ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 30 Nov 2022 05:26:59 GMT
avpb7.12.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0E39 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:580::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0688c689d53abf96083b536daceff19a6e0d73b041089128cdd65e01b4f93aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt6ulDP5URb2pIgNb8tz5yosfLdt6o_PhUoleuAGVxR-oVujcz5-dehJ_B4dERVlkD6N0aJmmpv8_D5Va1IeJIEZw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
19946
last-modified
Sun, 11 Dec 2022 12:30:18 GMT
server
UploadServer
etag
"3ee62fbf3f98d5f12f1da31583164bb0"
vary
Accept-Encoding
x-goog-generation
1670761818777160
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=WyMTmw==, md5=PuYvvz+Y1fEvHaMVgxZLsA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
19946
accept-ranges
bytes
expires
Sun, 11 Dec 2022 19:23:39 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786019565&asid=6230ab4d65d68a55b20d1c04%2C62bea3586b215f7a31586941%2C61bcb59a2d801547d24be1f7%2C61bcb604acdffc564d207864%2C62bb0115edb3e92180502b68%2C629dd7436a0f3879e8394cc6%2C6315e397c250db0a4732e156%2C6351cc26c6143e469022a594%2C61bcb66d7498382a84489d88%2C63039ef2f6e12404830bebf4&ofpr=0.3%2C1%2C1%2C0.3%2C1%2C1%2C0.3%2C0.2%2C0.3%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C1%2C%2C%2C%2C%2C1%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:39 GMT
server
ATS/9.1.10.25
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ec1e32d0a126cf7d71ca8c6829bc5bbbe44707e1c2a7ecb36e673dcd34aa0ad2

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
61d0ba9e8d1a9ad5336a50260cf31fd91581cfccc18edb653c38e291a618aea9

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e05de343-bbf3-44af-a087-602f0ee83a13&nocache=1670786019629&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=47688284892&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		24 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
508361dc4a471617cbcf9786a65a9c473bb318d83daafdbb39cdcd96f68a2b28

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
bid
ap.lijit.com/rtb/ 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
bfbda034e4cb2883b046071f2cc21d840f5271e491628af7ebb9ac8f27fd1ce2

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:39 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
ec3d428eaf879bcdb038ffca01a757b8d480da85c6f004281be66393caac79c1

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bc21135603467b1416061aa41799c1a454c253bda2440ca2ffaae60c1c3f8595
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:39 GMT
AN-X-Request-Uuid
34da2c5e-81a0-435c-830a-f4568513bf08
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.herald.co.zw%2F&domain=www.herald.co.zw&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 11 Dec 2022 19:13:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
458821
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 3EC7 		49 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000000gxLd1AAE&gdpr=0&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/ Frame 3EC7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.herald.co.zw%2F&domain=www.herald.co.zw&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=FAELKnxiTUhkN0drcDdYS0dzZXg5WUYrV1lIRjZZUG1uWktZWU5wR0RmbngvbjZNVGdLRFUxdEZCdTRzcmY3WWlSY2lmRTZXbktRNW83aGlXYTl4WGFVcnAvM3htdVJtV2lRT1h1ZVoxWndsZmJJSFA5M2VuVXZFb1VkUz...
370 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FAELKnxiTUhkN0drcDdYS0dzZXg5WUYrV1lIRjZZUG1uWktZWU5wR0RmbngvbjZNVGdLRFUxdEZCdTRzcmY3WWlSY2lmRTZXbktRNW83aGlXYTl4WGFVcnAvM3htdVJtV2lRT1h1ZVoxWndsZmJJSFA5M2VuVXZFb1VkUzR2eG04clpUNTRzMlREOFRwVkx4VCt0ckNpbk5WZEk3WERKalB2ZkdJdit4cWY3YVJ3dnR4Mnd3Z1dJUmF1OVdvV1RJcmZ6U1c1d1cvOUJ5Q1NnTkdUQzdwV0dkT3ZQeGphckVKSmVwSmx2ZVVkN1hhVC8vQU52OHRnMUZKc3UrRmxJTGFRSXppfA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4ac6548069d7b11fa6c364c23702d2ed116a37f0288da82e8be77222a42137e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1745608
expires
0

Redirect headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=FAELKnxiTUhkN0drcDdYS0dzZXg5WUYrV1lIRjZZUG1uWktZWU5wR0RmbngvbjZNVGdLRFUxdEZCdTRzcmY3WWlSY2lmRTZXbktRNW83aGlXYTl4WGFVcnAvM3htdVJtV2lRT1h1ZVoxWndsZmJJSFA5M2VuVXZFb1VkUzR2eG04clpUNTRzMlREOFRwVkx4VCt0ckNpbk5WZEk3WERKalB2ZkdJdit4cWY3YVJ3dnR4Mnd3Z1dJUmF1OVdvV1RJcmZ6U1c1d1cvOUJ5Q1NnTkdUQzdwV0dkT3ZQeGphckVKSmVwSmx2ZVVkN1hhVC8vQU52OHRnMUZKc3UrRmxJTGFRSXppfA&cppv=2
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
9285031
content-length
0
expires
0
538.json
id5-sync.com/g/v2/ Frame 3EC7 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/538.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
cafbdef4d269b296fcebd9fb7ed15188b9bd9261ee33990f27330baf19562406
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 3EC7 		0
0
74319
idx.liadm.com/idex/prebid/ Frame 3EC7 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/74319?duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&us_privacy=1---&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.91.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-91-17.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
9b7e117e4f60fa47
vary
Origin
request-time
5
id
id.crwdcntrl.net/ Frame 3EC7 		43 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.7.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-7-52.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache
x-server
10.45.16.121
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 3EC7 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
175d613dcca17b62b2ab0c978cd06c26b4cb2e9a6b1fb4407f6227944b7867d0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 10 Jan 2023 19:13:39 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.herald.co.zw%2F&domain=www.herald.co.zw&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 11 Dec 2022 19:13:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
410683
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 5337 		49 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000000gxLd1AAE&gdpr=0&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/ Frame 5337
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.herald.co.zw%2F&domain=www.herald.co.zw&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=085OiXw1Y3liZ0J0UGZHYnFYVFBUWkdJYUNTaHZBbFNKUkJRK2FIbEZwYTlTUGp0V0ZEOE42YWRBVmpKM0FrK1hUNEttZ3pQaG96aDlqYjNOUUF0WWdHUWtqWGxFZnZiVTBDSENHdzJJRnN6MjJzN1dvZXQvNW5NbjBtMD...
368 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=085OiXw1Y3liZ0J0UGZHYnFYVFBUWkdJYUNTaHZBbFNKUkJRK2FIbEZwYTlTUGp0V0ZEOE42YWRBVmpKM0FrK1hUNEttZ3pQaG96aDlqYjNOUUF0WWdHUWtqWGxFZnZiVTBDSENHdzJJRnN6MjJzN1dvZXQvNW5NbjBtMDMzLy9Cc3k0eUo4c0xQdG9TeTdqTC9hNHVpcmhYMnFPN3NYNkNyd0RYZkt4b2JtL0dnNndDNEFIMDZwSXoxOWF6WEZCVW9ib2VLc2E4WTlMTE9MVjREYnFTdElpaWdOdTFhdmVZMnhIWmNwcTBwcWhFdmtQU3VCT0NFeTFnZThJTVNNc1hMd1pxfA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1b93b2f3fee3e530a81516e59f322dbc35089fd11cf92ee5b63895418ede8fbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1640950
expires
0

Redirect headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=085OiXw1Y3liZ0J0UGZHYnFYVFBUWkdJYUNTaHZBbFNKUkJRK2FIbEZwYTlTUGp0V0ZEOE42YWRBVmpKM0FrK1hUNEttZ3pQaG96aDlqYjNOUUF0WWdHUWtqWGxFZnZiVTBDSENHdzJJRnN6MjJzN1dvZXQvNW5NbjBtMDMzLy9Cc3k0eUo4c0xQdG9TeTdqTC9hNHVpcmhYMnFPN3NYNkNyd0RYZkt4b2JtL0dnNndDNEFIMDZwSXoxOWF6WEZCVW9ib2VLc2E4WTlMTE9MVjREYnFTdElpaWdOdTFhdmVZMnhIWmNwcTBwcWhFdmtQU3VCT0NFeTFnZThJTVNNc1hMd1pxfA&cppv=2
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
293721
content-length
0
expires
0
538.json
id5-sync.com/g/v2/ Frame 5337 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/538.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
d375744f3196b797c8e10f2d5451b2628266f025c2120a68e377dc9414d634f3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
74319
idx.liadm.com/idex/prebid/ Frame 5337 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/74319?duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&us_privacy=1---&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.91.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-91-17.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
5aa09d861ba38e29
vary
Origin
request-time
4
id
id.crwdcntrl.net/ Frame 5337 		43 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.7.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-7-52.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache
x-server
10.45.30.236
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 5337 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
175d613dcca17b62b2ab0c978cd06c26b4cb2e9a6b1fb4407f6227944b7867d0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 10 Jan 2023 19:13:39 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.herald.co.zw%2F&domain=www.herald.co.zw&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 11 Dec 2022 19:13:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
552314
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 3E33 		49 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000000gxLd1AAE&gdpr=0&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/ Frame 3E33
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.herald.co.zw%2F&domain=www.herald.co.zw&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=UFcCSXx5dUs4d2JIYTBCckorNkhpL2J3cGZQY2g5Vng4TnV0TTJ6MG1JK1NUY2c0elh2L3VpL3pmalZSck5Lc2htQ3NDd1NJRGwyN0FaV2xISzRCNkxIcDZ6bG5CdHV0OFZWc1VOUVhZeFlSODRqR0RsNmtrNGVMQjIyYW...
360 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=UFcCSXx5dUs4d2JIYTBCckorNkhpL2J3cGZQY2g5Vng4TnV0TTJ6MG1JK1NUY2c0elh2L3VpL3pmalZSck5Lc2htQ3NDd1NJRGwyN0FaV2xISzRCNkxIcDZ6bG5CdHV0OFZWc1VOUVhZeFlSODRqR0RsNmtrNGVMQjIyYWhQRW1kenJJYmI1TVExNE5lS0ZsTUhURU13cjNRTWp4am4xOGIvQWZtOFlNbG1KeDB4cjh3MVo1WUJsamE1a3cvd0NyWGVCR1dHeHZ1Z0FIR1dwWS8rQVJ1YmcvWldPNWNUVzJVMjhMTERGb0RrUEpMWXJDRUVYa2FVd01aNWd6OElVVzFUblYyfA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bae2884484504605f967fc20dac8e05b9ae7b7b7718493b768ce764cf199f47a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1577096
expires
0

Redirect headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=UFcCSXx5dUs4d2JIYTBCckorNkhpL2J3cGZQY2g5Vng4TnV0TTJ6MG1JK1NUY2c0elh2L3VpL3pmalZSck5Lc2htQ3NDd1NJRGwyN0FaV2xISzRCNkxIcDZ6bG5CdHV0OFZWc1VOUVhZeFlSODRqR0RsNmtrNGVMQjIyYWhQRW1kenJJYmI1TVExNE5lS0ZsTUhURU13cjNRTWp4am4xOGIvQWZtOFlNbG1KeDB4cjh3MVo1WUJsamE1a3cvd0NyWGVCR1dHeHZ1Z0FIR1dwWS8rQVJ1YmcvWldPNWNUVzJVMjhMTERGb0RrUEpMWXJDRUVYa2FVd01aNWd6OElVVzFUblYyfA&cppv=2
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
310172
content-length
0
expires
0
538.json
id5-sync.com/g/v2/ Frame 3E33 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/538.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
fbb2fe574d89f501750f1c1c97c6934f18e389e9428a0a29af239c28d6c27fae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
74319
idx.liadm.com/idex/prebid/ Frame 3E33 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/74319?duid=801119ae28d5--01gm19pt9knzk1a4v3evxaqczd&us_privacy=1---&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.91.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-91-17.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
7f0c41c879866bd7
vary
Origin
request-time
5
id
id.crwdcntrl.net/ Frame 3E33 		43 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.7.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-7-52.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache
x-server
10.45.13.171
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 3E33 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
175d613dcca17b62b2ab0c978cd06c26b4cb2e9a6b1fb4407f6227944b7867d0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 10 Jan 2023 19:13:39 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=UFcCSXx5dUs4d2JIYTBCckorNkhpL2J3cGZQY2g5Vng4TnV0TTJ6MG1JK1NUY2c0elh2L3VpL3pmalZSck5Lc2htQ3NDd1NJRGwyN0FaV2xISzRCNkxIcDZ6bG5CdHV0OFZWc1VOUVhZeFlSODRqR0RsNmtrNGVMQjIyYWhQRW1kenJJYmI1TVExNE5lS0ZsTUhURU13cjNRTWp4am4xOGIvQWZtOFlNbG1KeDB4cjh3MVo1WUJsamE1a3cvd0NyWGVCR1dHeHZ1Z0FIR1dwWS8rQVJ1YmcvWldPNWNUVzJVMjhMTERGb0RrUEpMWXJDRUVYa2FVd01aNWd6OElVVzFUblYyfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 11 Dec 2022 19:13:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
563950
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=085OiXw1Y3liZ0J0UGZHYnFYVFBUWkdJYUNTaHZBbFNKUkJRK2FIbEZwYTlTUGp0V0ZEOE42YWRBVmpKM0FrK1hUNEttZ3pQaG96aDlqYjNOUUF0WWdHUWtqWGxFZnZiVTBDSENHdzJJRnN6MjJzN1dvZXQvNW5NbjBtMDMzLy9Cc3k0eUo4c0xQdG9TeTdqTC9hNHVpcmhYMnFPN3NYNkNyd0RYZkt4b2JtL0dnNndDNEFIMDZwSXoxOWF6WEZCVW9ib2VLc2E4WTlMTE9MVjREYnFTdElpaWdOdTFhdmVZMnhIWmNwcTBwcWhFdmtQU3VCT0NFeTFnZThJTVNNc1hMd1pxfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 11 Dec 2022 19:13:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
482731
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FAELKnxiTUhkN0drcDdYS0dzZXg5WUYrV1lIRjZZUG1uWktZWU5wR0RmbngvbjZNVGdLRFUxdEZCdTRzcmY3WWlSY2lmRTZXbktRNW83aGlXYTl4WGFVcnAvM3htdVJtV2lRT1h1ZVoxWndsZmJJSFA5M2VuVXZFb1VkUzR2eG04clpUNTRzMlREOFRwVkx4VCt0ckNpbk5WZEk3WERKalB2ZkdJdit4cWY3YVJ3dnR4Mnd3Z1dJUmF1OVdvV1RJcmZ6U1c1d1cvOUJ5Q1NnTkdUQzdwV0dkT3ZQeGphckVKSmVwSmx2ZVVkN1hhVC8vQU52OHRnMUZKc3UrRmxJTGFRSXppfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 11 Dec 2022 19:13:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
493319
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame E115 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 11 Dec 2022 19:13:39 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A093 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158685&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147046
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 11 Dec 2022 19:13:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Dec 2022 12:04:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C7FB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
70152
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 11 Dec 2022 19:13:39 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
34, 491485
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220043-HHN
X-Timer
S1670786020.995192,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9FCA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158685&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147046
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 11 Dec 2022 19:13:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Dec 2022 12:04:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D834 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670786019689&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame 591E 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 11 Dec 2022 19:13:39 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame E6D7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Dec 2022 19:13:39 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C3D2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
70153
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 11 Dec 2022 19:13:40 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
34, 479539
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220065-HHN
X-Timer
S1670786020.019041,VS0,VE0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:39 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786019948&asid=6230ab4d65d68a55b20d1c04%2C629dd7436a0f3879e8394cc6%2C6315e397c250db0a4732e156%2C61bcb66d7498382a84489d88%2C62bea3586b215f7a31586941%2C63039ef2f6e12404830bebf4%2C61bcb604acdffc564d207864%2C62bb0115edb3e92180502b68%2C61bcb59a2d801547d24be1f7%2C6351cc26c6143e469022a594&ofpr=0.3%2C1%2C0.3%2C0.3%2C1%2C1%2C0.3%2C1%2C1%2C0.2&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f959f9d77cb7d1e8a2913402fca211c770114a000d70f36a8256afe28e508263

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e8fc6851aa3d39205606501d8fc9851ef9698320f3018637764f564ef299a74d

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
content-length
49
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		139 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3e52423160f0eff541a321af6bb3a1f2392a8c01591e3a0936b13aec2ae01d83
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:39 GMT
AN-X-Request-Uuid
71484b9b-365d-46d9-bd8e-77cdb06e755e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=eb12c212-eeb3-4eb4-856b-038f2e707f4f&nocache=1670786019960&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
792e56d9d089ca054a331d3bbadaae4039fdb44e798fec8baf9b3b5bc02f79d0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:39 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=15808358693&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid
ap.lijit.com/rtb/ 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
23d19489c5249584038a50e7368a6620b85dbf30e9451639a58784e1a908dc4d

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:39 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
2436f09013691199a2ed0a8274f451a44319dd84ae150e949114df98eadbfdc8

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
usync.js
eus.rubiconproject.com/ Frame E6D7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa526ee31ee8aa7cdad348b3999171f50a35c811f1b87372b7415d1c8dfab359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:13:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 10 Dec 2022 22:50:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12942
Connection
keep-alive
Content-Length
10065
Expires
Sun, 11 Dec 2022 22:49:22 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:40 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786020105&asid=6230ab4d65d68a55b20d1c04%2C629dd7436a0f3879e8394cc6%2C62bb0115edb3e92180502b68%2C6315e397c250db0a4732e156%2C61bcb604acdffc564d207864%2C61bcb66d7498382a84489d88%2C6351cc26c6143e469022a594%2C61bcb59a2d801547d24be1f7%2C63039ef2f6e12404830bebf4%2C62bea3586b215f7a31586941&ofpr=0.3%2C1%2C1%2C0.3%2C0.3%2C0.3%2C0.2%2C1%2C1%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
43a186bb5f930292e763629086b03aeae60313302c5a0d7975cdf31da9328cca
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:40 GMT
AN-X-Request-Uuid
030bc432-9638-485c-b6ca-a2dd4c941faa
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f7e72630-fdac-4219-beda-1f2a34889a65&nocache=1670786020110&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:40 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
77a422e412f2fbf4e4ef14ea79b5d2be9100e415e1652a1c8fd2be2f3c48761c

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:40 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
bid
ap.lijit.com/rtb/ 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
12dde2ed6eb91f1b3bfc5ca984674500c8b83827cf2f470439490069d36cebd2

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:40 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
df954b97e550d2a4492534947721e203b2ec1e696fd8dab63228e72b723a8558

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f60211d8b388b961a031e3247f17ca502c73bf5860d9d88a6ce23f07649d6d84

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
49
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=15544950316&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
8a88e13f30c9b1309419461d8f4ee0c8a541aac32d93242599543bf7f2acdd4a

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:40 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786020351&asid=6230ab4d65d68a55b20d1c04%2C63039ef2f6e12404830bebf4%2C62bea3586b215f7a31586941%2C6351cc26c6143e469022a594%2C61bcb59a2d801547d24be1f7%2C61bcb66d7498382a84489d88%2C629dd7436a0f3879e8394cc6%2C61bcb604acdffc564d207864%2C62bb0115edb3e92180502b68%2C6315e397c250db0a4732e156&ofpr=0.3%2C1%2C1%2C0.2%2C1%2C0.3%2C1%2C0.3%2C1%2C0.3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c703d142c76af8c5072842d48b8ffa413af338325c68e8b8c5728c9dd3377195
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:40 GMT
AN-X-Request-Uuid
6c7e4d75-3771-408b-9c57-d12a78dcd1d1
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
71f337934418f2b756db0a1b920dca0b40a0c7432ae042b5e018571e1e32f645

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:40 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=24091717098&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f30ee44f-f6ad-47ae-8cf1-364eebec8bd3&nocache=1670786020373&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:40 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
8b58cca962af3de528377062798f8a18cc4596afe3f46d224f2e46104621d8b3

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae52781983ac18a7044faab49a056f83c652f2cad2fd7b59d019c30e221f302b

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9600b8a56b9f944505ff4be3727725acbe9f77520a18ac23191b7c879f8469ac

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c3275f8e6afbffd72574602a964ea4cce112922a81a8fb0e1e2ea56a27b55bbc

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:40 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=cQL1QkDGTQFmMJ5lVT5-2cEbDhw&user_group=1&ssp=themediagrid
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=188&user_id=cQL1QkDGTQFmMJ5lVT5-2cEbDhw&user_group=1&ssp=themediagrid
Protocol
H2
Server
18.194.50.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-50-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=188&user_id=cQL1QkDGTQFmMJ5lVT5-2cEbDhw&user_group=1&ssp=themediagrid
Date
Sun, 11 Dec 2022 19:13:40 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:40 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786020543&asid=6230ab4d65d68a55b20d1c04%2C6351cc26c6143e469022a594%2C61bcb66d7498382a84489d88%2C61bcb604acdffc564d207864%2C62bb0115edb3e92180502b68%2C61bcb59a2d801547d24be1f7%2C63039ef2f6e12404830bebf4%2C6315e397c250db0a4732e156%2C62bea3586b215f7a31586941%2C629dd7436a0f3879e8394cc6&ofpr=0.3%2C0.2%2C0.3%2C0.3%2C1%2C1%2C1%2C0.3%2C1%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
304465482860950312e32f446f00e76ab930acee0be8b4892176e9875344beab

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:40 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=31560350465&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
383c2bd12f6e376ca4e505338b71ada9caa463499760752a69eb1a7a9f1547cd

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
d1955fddc171df4e83df5ab74b0bdf5d1158d08f94f9ec52cfd51b349c7b9ca1

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
1789a9d88fb1bba73737201d2759842d46838cde90c3cd212d70fc8a16609800

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:40 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f80e439b91567522bd821ed26f65a48e3593e616ed2450276b3d36abd8248c7c

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b5ff78341463bd81bf37fe9fb08ecf25efbfa295c71b57b82aa4f43d946df34d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:40 GMT
AN-X-Request-Uuid
095909c6-5154-4cbc-a1e7-632496db2243
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=99fd0a96-30a7-4d75-b75a-a076b75249de&nocache=1670786020574&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:40 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 00B7 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/72d3c60a/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
X-Goog-Request-Time
1670786020600
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/e71ezSmiSyc
X-YouTube-Client-Version
1.20221206.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt5TkpsWnh2SVROayje19icBg%3D%3D
X-YouTube-Ad-Signals
dt=1670786014829&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C169&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 11 Dec 2022 19:13:40 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:40 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786020705&asid=6230ab4d65d68a55b20d1c04%2C6315e397c250db0a4732e156%2C629dd7436a0f3879e8394cc6%2C61bcb604acdffc564d207864%2C6351cc26c6143e469022a594%2C63039ef2f6e12404830bebf4%2C62bb0115edb3e92180502b68%2C61bcb66d7498382a84489d88%2C61bcb59a2d801547d24be1f7%2C62bea3586b215f7a31586941&ofpr=0.3%2C0.3%2C1%2C0.3%2C0.2%2C1%2C1%2C0.3%2C1%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
9b5fc236022726838ed4b3621ae59c6e7baa8052a2269bfb9e1d2a1f6e709894

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:40 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
344b0e2ebae8cf126fe5cc154a88d0684f1c71ffbb9de145dc9a6715233eeba8

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
3b929b044f62474d33d893dcf913155c4ca0f4f71f0294b19c0e02a0d1712cf6

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3fbfff128f1d52959aa00709111f11ebb4f940b6228ccbd154d5c1dfd96ea3bd

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
eec6f3b61d41e4d5c21097047597a26a4abd1fd7b3dcdd3b9b296a43c3d372b0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:40 GMT
AN-X-Request-Uuid
c36bee6f-96cd-4103-9ab3-841415c8932b
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=16861301857&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a8430c51-a42d-4d82-b638-49aa9cf22cb4&nocache=1670786020716&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:40 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1dc436bb4c4cec1721c77602a843853dd3841d92cf7eb9e278cf5b3d86d78f83

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:40 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:40 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786020860&asid=6230ab4d65d68a55b20d1c04%2C6351cc26c6143e469022a594%2C629dd7436a0f3879e8394cc6%2C62bea3586b215f7a31586941%2C62bb0115edb3e92180502b68%2C61bcb66d7498382a84489d88%2C6315e397c250db0a4732e156%2C63039ef2f6e12404830bebf4%2C61bcb59a2d801547d24be1f7%2C61bcb604acdffc564d207864&ofpr=0.3%2C0.2%2C1%2C1%2C1%2C0.3%2C0.3%2C1%2C1%2C0.3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8c7bbbfe3b5aaca3aab570ee3116ef8517cf5d26250ecdf13a185b8e355887ee

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
content-length
50
content-type
application/json
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2ceddf736092b6b56b9e3f9dfef0a7d84cd00f9d893cbffc360e930bb198595a

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=1487680590&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
919ae8eb044beb661de50aa309776e6c649410d1c89c903dfd678c3f51a6491e

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=53a5e45a-d69a-483c-b208-7f8a7c26d06a&nocache=1670786020883&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:40 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4714cbce7201ffb6e01a61dc53e64863ee8160b85942d331b651ea6d38ed8f94

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:40 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dd4f783bb5bc7848bf1c54007077d7bda64a6dfe394feb67d7cc22c50bde0574

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:40 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
25d377b9311c6501f4ac5aaacf916fb3b393ef0d75bf79011410e21c3e27539f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:40 GMT
AN-X-Request-Uuid
21209f84-8de3-4e45-a531-6d1c2da42a51
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:41 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786021195&asid=6230ab4d65d68a55b20d1c04%2C61bcb604acdffc564d207864%2C629dd7436a0f3879e8394cc6%2C61bcb66d7498382a84489d88%2C6351cc26c6143e469022a594%2C62bb0115edb3e92180502b68%2C62bea3586b215f7a31586941%2C6315e397c250db0a4732e156%2C61bcb59a2d801547d24be1f7%2C63039ef2f6e12404830bebf4&ofpr=0.3%2C0.3%2C1%2C0.3%2C0.2%2C1%2C1%2C0.3%2C1%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bid
ap.lijit.com/rtb/ 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a4e4cc43e3b71e1651432d60cc30bfcb7b1e0315e719c828b3735dc1554a2d0d

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:41 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d52afc7af55d830c6bf86926a8f179a5a87b264dc886a9a7f40ee1aae55d85e8

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:41 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1d53c2de4eadab50934362f3c24260615da82dd4f9f7e013a44af3c625bf873f

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=50423147388&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b474a4de-4ba6-4693-ae92-eab3d86e5e89&nocache=1670786021217&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
822aefe2366b78337a03c167fbd608b7c68e4719e075eb9d9a88096d9971a5a5

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
content-length
50
content-type
application/json
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
13a56f9facd3dde408bf6dffed0e1f0aed2496dee83f8dfd140159c87f91ca23

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
394ae62355dec78031045f16264ca42c6e9415c9b727079f665c437232b05eb6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:41 GMT
AN-X-Request-Uuid
1c115aa4-3941-4d32-b7c4-871a4629b469
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:41 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786021395&asid=6230ab4d65d68a55b20d1c04%2C6351cc26c6143e469022a594%2C62bea3586b215f7a31586941%2C61bcb59a2d801547d24be1f7%2C63039ef2f6e12404830bebf4%2C629dd7436a0f3879e8394cc6%2C61bcb66d7498382a84489d88%2C61bcb604acdffc564d207864%2C6315e397c250db0a4732e156%2C62bb0115edb3e92180502b68&ofpr=0.3%2C0.2%2C1%2C1%2C1%2C1%2C0.3%2C0.3%2C0.3%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d88e365b746a7b7aaf6291be723ab7db0bca1eaf7ec3d9f0df30955d486f65a7

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:41 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9a73e48e-45ae-4e3c-a892-82558e0b44e4&nocache=1670786021413&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
393e74a1781cc1c269ad99835d30d1b07f60d3b42fe1e4f9d56d67d8207333df

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
46d99b47751f42ef191482dd8c76ce9e68d8f8aaf29363f0689ae15f93dbbb3c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:41 GMT
AN-X-Request-Uuid
5f1acb18-c16f-4f93-9309-09e4f064e5a2
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a8233a6426d9a9ca4b75cbe24c22e2fd9b550941eb359c6b2f7167104a2240fb

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
content-length
50
content-type
application/json
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=54307568523&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
e5accdf2d955f22a7448668e8b6caedd1cea3a2bfa4cd5295f6a6f6c27b1130a

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c9cf5b01103bbd219814a864ef7698cdf4f7707e5791e091dd26a4bf2e7c988a

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:41 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786021576&asid=6230ab4d65d68a55b20d1c04%2C61bcb604acdffc564d207864%2C6351cc26c6143e469022a594%2C62bea3586b215f7a31586941%2C61bcb59a2d801547d24be1f7%2C61bcb66d7498382a84489d88%2C6315e397c250db0a4732e156%2C63039ef2f6e12404830bebf4%2C629dd7436a0f3879e8394cc6%2C62bb0115edb3e92180502b68&ofpr=0.3%2C0.3%2C0.2%2C1%2C1%2C0.3%2C0.3%2C1%2C1%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9e74777d97ae2854b7c34997b19f4f51ee25f79717d834afde7f490d75a7b2f3

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:41 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9f416c75-3b04-4882-bce1-5828cad8e0b1&nocache=1670786021590&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b33d6487e6e062b68eeca32ff4c4e66644a6ffe2c576bc7f0b265b8b8d91adfd

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
6d6748bf512788d25caaf7b902f6c068fadd3e51550e5fc35be0ca8824d6c6d2

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=9276616105&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
85f54f3612a52c2e015d27e22c52f4bd622ac50d2c80f756f147fa9d48dd8418
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:41 GMT
AN-X-Request-Uuid
472d345c-40a8-45da-b126-7760de1c587a
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
48f50a1a80a99305f6bce0226f09eb8739a0419af1666d10c9302fba122f1fe2

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:41 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a4206ee026b9335b7c91314fef30f7c50e383afec63fec57852e6e45c916e6b7

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:41 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:41 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786021710&asid=6230ab4d65d68a55b20d1c04%2C61bcb59a2d801547d24be1f7%2C61bcb66d7498382a84489d88%2C629dd7436a0f3879e8394cc6%2C63039ef2f6e12404830bebf4%2C61bcb604acdffc564d207864%2C6351cc26c6143e469022a594%2C62bb0115edb3e92180502b68%2C6315e397c250db0a4732e156%2C62bea3586b215f7a31586941&ofpr=0.3%2C1%2C0.3%2C1%2C1%2C0.3%2C0.2%2C1%2C0.3%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
26034e4924a666bd66127f8046fa8e9f4591d983f2bd38075a783af1ba951822

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
04dde2cae50bd31ae028d7bb5b96fab323ee4ff5b9f6f04cb9de7e1e6547a685

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
application/json
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=79869456713&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=854c95a5-0a6b-4927-98dc-94fa6cfeb002&nocache=1670786021720&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6e63c25cc0b28931d342d95000bb0c8db4dc8d8795fe00f817bcfbdd32e4b7cf

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
89fd43c5d890564fa5be3bdbdd81ab5a8020ee55f9e4f5d3a7da5cddf5bfa3c1

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:41 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4f7df7be7ee4ea8a3f0c4e99ee260c5728790be4be940698ea69bc8f5a12b2cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:41 GMT
AN-X-Request-Uuid
8681dcd7-b1ff-4b31-b9a8-26d185642ffb
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
61a10c94e285efcdf6a818bb2cff89f6480ad9c4924152b5e659b7c5172160b8

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:41 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786021928&asid=6230ab4d65d68a55b20d1c04%2C629dd7436a0f3879e8394cc6%2C6351cc26c6143e469022a594%2C6315e397c250db0a4732e156%2C61bcb59a2d801547d24be1f7%2C62bea3586b215f7a31586941%2C61bcb66d7498382a84489d88%2C63039ef2f6e12404830bebf4%2C62bb0115edb3e92180502b68%2C61bcb604acdffc564d207864&ofpr=0.3%2C1%2C0.2%2C0.3%2C1%2C1%2C0.3%2C1%2C1%2C0.3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=42860507936&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a00ff5bc-98dd-4629-a077-a291933a3ad7&nocache=1670786021940&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6d03f5e76de98a48d07c88e37b45bfdaa2ee2e42f4d75a426c4d3d80aa5b4c5b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:41 GMT
AN-X-Request-Uuid
aefae4dd-72e9-4ee1-a8c8-2167f94c52f1
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7f56c1f1790dedcf8dfa4ded601752ba138f043293f549182ca789f5a0ef5b35

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:41 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1a63d84871fa68b417f652cac82fa22742cba0504d45c4366ac16338bdb72ada

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
bid
ap.lijit.com/rtb/ 		95 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
7be49cf57dbcdbc1526599e90e342fc4a651ef59659ef4a128110c50e9b43593

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:41 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f6f6e58dd8b18b2e28c9a0b91014b4c490b77f1322b56789547981844841a5fd

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
de217d5df635f4d6700b77c80d7cd3257cf438d605c4abe3d0e087eedbc9f774

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:41 GMT
server
ATS/9.1.10.25
beacon
ap.lijit.com/ Frame F480 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?us_privacy=1---&informer=13428637
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.herald.co.zw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 11 Dec 2022 19:13:42 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786022054&asid=6230ab4d65d68a55b20d1c04%2C61bcb604acdffc564d207864%2C6351cc26c6143e469022a594%2C62bb0115edb3e92180502b68%2C61bcb59a2d801547d24be1f7%2C61bcb66d7498382a84489d88%2C629dd7436a0f3879e8394cc6%2C62bea3586b215f7a31586941%2C63039ef2f6e12404830bebf4%2C6315e397c250db0a4732e156&ofpr=0.3%2C0.3%2C0.2%2C1%2C1%2C0.3%2C1%2C1%2C1%2C0.3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c86c64c9ba52731c39b20c63d6ac97288daf47ac3936a2e33a2b2b15239e978d

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
c2b4ba530e174ef0234c07b16f8cf72a73dc9bed837e4c5f8eaad46f13f5edee

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=da926947-9270-42e3-a8c5-fd3408d59eab&nocache=1670786022060&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
45d4023646074fd2d9504dc60a2565f938678e79af3f87a9337a3f977f20e69c

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4012ec54be1af0d1e6ed5c48c7830f396d22d583dfe0855eed60d69c35dcb38b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:42 GMT
AN-X-Request-Uuid
33415d44-22a9-411e-9168-dbcffa9cc9ed
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=80103892115&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
425fea0960852b156c5f9d0b780dd42694f92fe15a8244f6b6df3edecafd7b0d

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
98bdbd1888dba9cd4e0d4c162d63ee59e9fb2af1687705312e4370f8fc1f43ce

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786022399&asid=6230ab4d65d68a55b20d1c04%2C63039ef2f6e12404830bebf4%2C62bea3586b215f7a31586941%2C6351cc26c6143e469022a594%2C6315e397c250db0a4732e156%2C62bb0115edb3e92180502b68%2C61bcb66d7498382a84489d88%2C61bcb59a2d801547d24be1f7%2C61bcb604acdffc564d207864%2C629dd7436a0f3879e8394cc6&ofpr=0.3%2C1%2C1%2C0.2%2C0.3%2C1%2C0.3%2C1%2C0.3%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f91bcaa4-2c77-45a7-bd7c-42aff06f4a9e&nocache=1670786022404&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=97878164329&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
17d88482bda966745fc168eea1c9d24c8b40792a82bd67bc0549a2390dd31e3d

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
338688d734c3bd1e46aac55eb5378bd8226226bd6a2bb932be50fd3d9f657489

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5878f711017eed3aa54e3e3bc401e9d4b2fd90c22f58394ca324e1fc51ca7e10

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
faca440dcd5075b4b475949957915ff2dddbe515a774e572ea108de0403df1e7

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid
ib.adnxs.com/ut/v3/ 		139 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1b4624afa0e27e87d218cf9623e48f6a980524988bd4bcb3f729e07b57e5337e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:42 GMT
AN-X-Request-Uuid
3a8c1054-2537-417d-aad6-4619e3ebeb77
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
aae06d7a164549a0636cde8f030b7ebdae1342d820e31f7b3880eb93e1a6fc77

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
track
track1.aniview.com/ Frame 0E39 		0
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786022516&asid=6230ab4d65d68a55b20d1c04%2C629dd7436a0f3879e8394cc6%2C6315e397c250db0a4732e156%2C62bea3586b215f7a31586941%2C63039ef2f6e12404830bebf4%2C61bcb604acdffc564d207864%2C62bb0115edb3e92180502b68%2C6351cc26c6143e469022a594%2C61bcb66d7498382a84489d88%2C61bcb59a2d801547d24be1f7&ofpr=0.3%2C1%2C0.3%2C1%2C1%2C0.3%2C1%2C0.2%2C0.3%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=20391195135&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
aa116ddf6b8f627f52441570880bacbe33feb7b792c717daaa660df478581a1c

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
00364ce9838a1664d394b6c90a4efe5add5c02f8a459fa92ede60f9fa4ff126f

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c8443b11-ca14-4942-877a-d97cbadb44c1&nocache=1670786022526&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
ab33ea844ba39b32d4d70c8532794d51f77d6d5fcb5ad9c4ddf2d7e1da67270b

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a0154780b6970e0f7ce884816e544900dd23c96e19058aef6064a8ea30787a06

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:42 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
50
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ed2bc020867a01953213a9f7c52006c92a62bb578a07db1fb776480ea8814daa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:42 GMT
AN-X-Request-Uuid
c707f7fb-814b-41d8-82cd-958673ed3b1c
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f93182a99c5ac4c822e9caf4b5fcfa1b145e43025eebb35408bb2586e16a1d3

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786022746&asid=6230ab4d65d68a55b20d1c04%2C61bcb59a2d801547d24be1f7%2C61bcb604acdffc564d207864%2C63039ef2f6e12404830bebf4%2C6315e397c250db0a4732e156%2C629dd7436a0f3879e8394cc6%2C62bb0115edb3e92180502b68%2C6351cc26c6143e469022a594%2C62bea3586b215f7a31586941%2C61bcb66d7498382a84489d88&ofpr=0.3%2C1%2C0.3%2C1%2C0.3%2C1%2C1%2C0.2%2C1%2C0.3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b1ee2b6dbbac77d3fff0068d3f500230d50209b803b61ccabda1a28bb1a8c03b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:42 GMT
AN-X-Request-Uuid
3dfb8d7f-fc2e-45fb-ac4d-cb12e395e81b
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f97f4b94c3e340ffc3f6a09b7fec1b8ce40650b4db10cc6bb146504ccb13f989

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
889e320e7871d0e36ff6559a29ebe53ce7b716dc76593b31d63e0389ca5eae68

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c0d08d5fd7f434471abd0ea32df3c3cb92d9f0208d069803cb3a0492d4cab92d

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=69820609660&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3b20501e3375db23566efb20066a8b4d63c78b383031b0e3f2a702607581396a

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bc90a223-68bc-4e3e-a738-00dbe188e6cf&nocache=1670786022755&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c8e4073baf9990438a3d71b3e6f64d6fcedb743149a9c8653cd92c18beeb902a

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786022863&asid=6230ab4d65d68a55b20d1c04%2C63039ef2f6e12404830bebf4%2C6315e397c250db0a4732e156%2C6351cc26c6143e469022a594%2C61bcb604acdffc564d207864%2C61bcb59a2d801547d24be1f7%2C61bcb66d7498382a84489d88%2C629dd7436a0f3879e8394cc6%2C62bea3586b215f7a31586941%2C62bb0115edb3e92180502b68&ofpr=0.3%2C1%2C0.3%2C0.2%2C0.3%2C1%2C0.3%2C1%2C1%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
da4902d43307f3fc7c18d55863b3d271b175d06d2ea59ebfe45178b4c6b7cd30

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
fcb97e3db603e22246181f99967bff349999be251a9e17db8bc22285f8c7010c

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3a4d574f1aaa5f496dfca29260e5bcae372ad40e6bcf2dd0834be79e345aacdf

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
425e1cc87e372111a60d4d52f9eb0a1395a0ad9b8b463b1f62b792ecbda6d0e3

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=94139994914&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6b5191a3-7cca-4400-88a5-f45b14678674&nocache=1670786022873&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b10bbe86b3ee490805801b29dd03367964199f98e0df4b7cddcc794f11ca20a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:42 GMT
AN-X-Request-Uuid
292b4c70-3b50-4dc7-a87d-60e6c5c0d8af
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2fc6d04ea73cbfc7cf68d3b7d3edffa2d49ea04e9ff9e0bdab551899abdcd058

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:42 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
content-length
50
content-type
application/json
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:42 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786022977&asid=6230ab4d65d68a55b20d1c04%2C61bcb604acdffc564d207864%2C6315e397c250db0a4732e156%2C6351cc26c6143e469022a594%2C61bcb66d7498382a84489d88%2C61bcb59a2d801547d24be1f7%2C62bea3586b215f7a31586941%2C629dd7436a0f3879e8394cc6%2C62bb0115edb3e92180502b68%2C63039ef2f6e12404830bebf4&ofpr=0.3%2C0.3%2C0.3%2C0.2%2C0.3%2C1%2C1%2C1%2C1%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a498f129-bc4a-4bd5-b298-77ab669d399f&nocache=1670786022981&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bdef47011cb0278ce9ec2a3451d950ba6a0cf7aad19a0ae0feafbd11912627bf

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5d7c1dfdc43e708d16cb11c5160ab28d3b2aef0ddb2487babae7176857506230

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
content-length
49
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
e24e17e6dc780fb3a432e1a84348975b990d6a5e03e2accce47a3505cbc5571c

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid
ib.adnxs.com/ut/v3/ 		139 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2ef9f188dfef3424f6b479c475b4efaacab911ebeee36115060283c1774f1507
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:42 GMT
AN-X-Request-Uuid
625f066c-c427-4344-8acd-8cb36f70f533
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8b54839a323527aad7f7d6a8a030530ed6966eecda1152259556c25f901d267d

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
34fde060482dea1645150186a75969cf69ce31157918376b4f99bec2903df50d

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=936582190&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:43 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786023093&asid=6230ab4d65d68a55b20d1c04%2C629dd7436a0f3879e8394cc6%2C62bea3586b215f7a31586941%2C6351cc26c6143e469022a594%2C61bcb604acdffc564d207864%2C63039ef2f6e12404830bebf4%2C61bcb66d7498382a84489d88%2C6315e397c250db0a4732e156%2C61bcb59a2d801547d24be1f7%2C62bb0115edb3e92180502b68&ofpr=0.3%2C1%2C1%2C0.2%2C0.3%2C1%2C0.3%2C0.3%2C1%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
d38654998cd8287e888f668211ce6481d7cd41648413b52f4d3349d41d557f63

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cf12a057da007612453f251861f2324c0ca083741bc0ed5cc7be8f99f7567f96

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:43 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
973d042ecdaf814928d7c20df54e8c79c8ad1fd1b2c0732adcefafc76c7f3ff9

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1ba57a60d2f85a6186609bc16add0890610a5371c494c298bc102b16b0faa6a1

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c2d1f8c88f91f08d16c981b56c9c524ecd15443b8b6a1f6ffc3182451e2ca6cd

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
content-length
50
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0f2161c1f4c0119411f9af2a627a2b3caa9e39998c1aa9523f6cc2b5dce11367
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:43 GMT
AN-X-Request-Uuid
0b6f13ce-4838-4a65-a514-73c13f5d3990
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=556013d8-2d93-420b-8599-8190488b58d3&nocache=1670786023105&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:43 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=99135528465&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786023309&asid=6230ab4d65d68a55b20d1c04%2C62bea3586b215f7a31586941%2C61bcb59a2d801547d24be1f7%2C6315e397c250db0a4732e156%2C629dd7436a0f3879e8394cc6%2C61bcb66d7498382a84489d88%2C63039ef2f6e12404830bebf4%2C62bb0115edb3e92180502b68%2C61bcb604acdffc564d207864%2C6351cc26c6143e469022a594&ofpr=0.3%2C1%2C1%2C0.3%2C1%2C0.3%2C1%2C1%2C0.3%2C0.2&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b3f0c14df82ade4e990a0b7556bcc3c2ce5d833fd5bf36a2644c1c5ce348608b

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:43 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2b451c50ccd745190db9b648d58ddf77b52a783fda0dc1b68eb576e392029e64
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:43 GMT
AN-X-Request-Uuid
15f8478c-02c6-4a1e-b3d3-41c521f8e612
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d5d38b85-391e-46c5-9eb5-1737bcd86017&nocache=1670786023317&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:43 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f57e954ded8fb65ad80201826bcf203e4d85af43b3fa3aabafe2e3fed8a8f65f

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
f2ece72c47ae7556646eeb39fa6215988fc30d1d26e7b41c25981301e1fe4bb1

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=76860874885&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
622046605109307bcc57ff0664f666b903a4d34adcb213dfb49a98e61b0684fa

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
content-length
50
content-type
application/json
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9acb4f344d8803028c544bbfa401403ebf1df3ffaea5160982cafdd664d71e78

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:43 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:43 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786023428&asid=6230ab4d65d68a55b20d1c04%2C61bcb59a2d801547d24be1f7%2C61bcb604acdffc564d207864%2C63039ef2f6e12404830bebf4%2C62bb0115edb3e92180502b68%2C62bea3586b215f7a31586941%2C629dd7436a0f3879e8394cc6%2C6315e397c250db0a4732e156%2C61bcb66d7498382a84489d88%2C6351cc26c6143e469022a594&ofpr=0.3%2C1%2C0.3%2C1%2C1%2C1%2C1%2C0.3%2C0.3%2C0.2&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
de5117cd8a91fd1f36ad2426d871f709a1e758f338e3b95c83e6f86f1e66e1d6

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:43 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ib.adnxs.com/ut/v3/ 		139 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
880ed49999abd3baa789b4b1b3dcba75debc2b80f7a9afd881a7aef33c1fc5e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:43 GMT
AN-X-Request-Uuid
19a9b10f-7399-4488-9964-46c20cc71ec7
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
05eeb83492f1987b141ba56ce9aedf67a3b943ed23ea83ea5e8ae23b283684ae

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=98856550867&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
03f7ebc85585134ad1fa0e322b662d86a83796f14c20962309ef4b0a65b8608c

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
d15dcaf577df90ad67d9a626fdc7974d75112569244681bece77bf07a13c37b0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8db28c991cebffa3e7f0201e4b2324145ac29519b3add1d456f2bef3b40a05fd

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=866b121b-6613-46f6-a8ba-b3a7c1aea194&nocache=1670786023439&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:43 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:43 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786023549&asid=6230ab4d65d68a55b20d1c04%2C62bea3586b215f7a31586941%2C61bcb604acdffc564d207864%2C61bcb59a2d801547d24be1f7%2C63039ef2f6e12404830bebf4%2C6351cc26c6143e469022a594%2C61bcb66d7498382a84489d88%2C6315e397c250db0a4732e156%2C62bb0115edb3e92180502b68%2C629dd7436a0f3879e8394cc6&ofpr=0.3%2C1%2C0.3%2C1%2C1%2C0.2%2C0.3%2C0.3%2C1%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=23611851882&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f8b9dd568b8feb080fef054c8de7dbb15f666f32e0f8da0baa1be0b7a4d72699

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4979c2c37b751481a21481f3bfe5ac17b017d6a550faff0f49d3a543fb27a7bd

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4a737b6b6b80940e82f725d8fc56215729b7821f0ebfac6c250358397685cf17
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:43 GMT
AN-X-Request-Uuid
fff18c6a-02d6-4a9c-8934-3f5199d943f8
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7c5797c2aad9d3eee84c57620ff5780d0b5ee64cb7e68f8eb5c8a1efb1e67685

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:43 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
50
content-type
application/json
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
93036c9e8437f16bc9993efd5b31ac277fdf50532bf437fe950b155920f45fb2

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=55c07d87-8bc3-4e1a-98d1-d611ba61d53b&nocache=1670786023558&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:43 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
80e32c617882fefa028e72cb5c1f5ffaee11fa655ed38f77fc2fb6e51f2fb16b

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:43 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.herald.co.zw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.herald.co.zw
access-control-max-age
600
age
0
content-length
0
date
Sun, 11 Dec 2022 19:13:43 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=616704c962b31624e671e171&ncid=61b3b30a8e8e3a41297346d6&e=request&cb=1670786023750&asid=6230ab4d65d68a55b20d1c04%2C62bea3586b215f7a31586941%2C61bcb59a2d801547d24be1f7%2C6351cc26c6143e469022a594%2C6315e397c250db0a4732e156%2C61bcb604acdffc564d207864%2C62bb0115edb3e92180502b68%2C61bcb66d7498382a84489d88%2C63039ef2f6e12404830bebf4%2C629dd7436a0f3879e8394cc6&ofpr=0.3%2C1%2C1%2C0.2%2C0.3%2C0.3%2C1%2C0.3%2C1%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		25 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.195.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-195-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
29b14d5736897eeacda99627520131d90371ac19a072c4551b4a66685ed2720e

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6fb3c74a4a1230989535c17e4182e993709317517127f16c77ef310ca7049f33

Request headers

Referer
https://www.herald.co.zw/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/ 		140 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fb44b43649dae8f906670f0060f6aa9034c8f474bced644a88dcce23d67b57b4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:13:43 GMT
AN-X-Request-Uuid
b6e9b47b-93c1-4a9a-924c-bf6171ab2e2f
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.herald.co.zw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.28; 193.27.14.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
54a74351914567bbd9618391f38825bb140d73dc1177234fe4e4c9c3e5121658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.herald.co.zw
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bid
ap.lijit.com/rtb/ 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
afe310a561a4861af55273b44b87040d4c8a39b8c84751f640e3f545115c0a4c

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 11 Dec 2022 19:13:43 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.herald.co.zw
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
avjp
disqus-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.herald.co.zw%2F10-most-expensive-toys-for-big-boys%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4118077b-f916-4231-bf72-ab716a0526d1&nocache=1670786023774&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557904407&vwd=400&vht=300&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:43 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.herald.co.zw
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bf006973239d2e49776fdbd626a7233150ae7b4ef2a69b358b4fa090ce06d264

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:13:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.herald.co.zw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.herald.co.zw
date
Sun, 11 Dec 2022 19:13:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=51323528876&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.herald.co.zw
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.herald.co.zw&sn=&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.67&apppkg=&fv=3&proto=https&d65=Control&clsid=f9b6588e-b41e-41c0-b95b-f625f8afd6c2&rando=58&pid=616704c962b31624e671e171&cid=61b3b30a8e8e3a41297346d6&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&e=AV_M8&prbdres=errorlimit&cb=1670786023910
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
publishertag.prebid.123.js
static.criteo.net/js/ld/ Frame 0E39 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 12 Dec 2022 19:13:45 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.herald.co.zw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:13:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 12 Dec 2022 19:13:46 GMT
track
track1.aniview.com/ Frame 0E39 		0
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.herald.co.zw&rs=www.herald.co.zw&sid=97685&t=1670786019&cip=193.27.14.28&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=616704c962b31624e671e171&test=&d64=1254e1a535baf41a60312c287ef06906&d63=1254e1a535baf41a60312c287ef06906&aafaid=&proto=https&uid=1670786018355-947897066707-009256-012-005528&cha=0.05&stagid=61b3b33ac58a257d035ed467&stplid=62cd682a22f05376446af2a4&d35=&d36=6.2.67&cb=93712154306&d39=&d65=Control&d66=&apppkg=&cd1=top&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=616704c962b31624e671e171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.herald.co.zw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 11 Dec 2022 19:13:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontentvisibilityautostatechange object| marfeel object| mrf object| __cfQR object| _wpemojiSettings function| __tcfapi function| __uspapi object| dataLayer object| googletag function| siriusSetTakeOverHeader object| adsbygoogle function| disqus_config object| mc4wp object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| mrf_resized function| $ function| jQuery function| _extends function| _typeof function| LazyLoad number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| DISQUS function| disqus_recommendations_config object| siriusjs function| sirius_sidebar_loader object| wp object| mc4wp_forms_config function| Gator object| SMCX boolean| __cfRLUnblockHandlers object| gaplugins object| gaGlobal object| gaData object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname function| google_sa_impl object| googleToken object| googleIMState object| _qevents object| DISQUS_RECOMMENDATIONS object| regeneratorRuntime function| __tcfapiui function| quantserve function| __qc object| ezt object| _qoptions boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16707860177336 object| vglnk undefined| vglnk_16707860182547 undefined| vglnk_16707860184529 object| criteo_syncframe_state

32 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: El-5HuhaWsw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: yNJlZxvITNk
.herald.co.zw/ Name: _ga
Value: GA1.3.558125199.1670786016
.herald.co.zw/ Name: _gid
Value: GA1.3.1038939516.1670786016
.herald.co.zw/ Name: _gat_UA-28980530-1
Value: 1
.herald.co.zw/ Name: __cf_bm
Value: qT5StJ2aEpn6bP00mw1yZy9PUrgp3xAaNVAvzPglxxI-1670786017-0-ARTDLtBiOkDr+eX9tJblY8OWJvU6I2YEilDy72LxRCPRa3HvlZ5WU/VIyqAGnz5QnAD0/2nIzKTjgEW+yo3AalHSOm5+s0FbAtCqIoOedOPURUeTSZfuafKefL6fUGTVkuH+NUq6/rT0mc7ozZ4ISPM=
.herald.co.zw/ Name: _li_dcdm_c
Value: .herald.co.zw
.herald.co.zw/ Name: _lc2_fpi
Value: 801119ae28d5--01gm19pt9knzk1a4v3evxaqczd
.herald.co.zw/ Name: _pubcid
Value: 704e61a9-d1d2-40b2-b589-a2966e8859cc
.disqus.com/ Name: disqus_unique
Value: lvqi6a2a6teba
disqus.com/ Name: __jid
Value: m1lnrkgkmncr
.liadm.com/ Name: lidid
Value: 9e4aa884-b23c-46b4-9791-8940e0ba38c4
.adx.opera.com/ Name: UID
Value: OPU70fd6184ada945609fa431aee1d4c7f5
.technoratimedia.com/ Name: tads_uid
Value: GDPR
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 87253b2befc7ff17
.aniview.com/ Name: 2_C_200
Value: OPTOUT
sync.aniview.com/ Name: 2_C_200
Value: OPTOUT
.adnxs.com/ Name: uuid2
Value: 8481611034023613484
.aniview.com/ Name: aniC
Value: 1670786018355-947897066707-009256-012-005528
www.herald.co.zw/ Name: _lr_retry_request
Value: true
www.herald.co.zw/ Name: _lr_env_src_ats
Value: false
.go.sonobi.com/ Name: HAPLB8S
Value: s8756|Y5Yr5
.herald.co.zw/ Name: __li_idex_cache
Value: %7B%7D
www.herald.co.zw/ Name: pbjs_li_nonid
Value: %7B%7D
.herald.co.zw/ Name: cto_bundle
Value: kmJX3V9oVVVZcThCREI5bWtmOG5IWWZzNjRQVU9sRVNHRTJ4UyUyRnR4NElHVTFMNUVZZUhiRXR1ZldXVWg4YXZvNU5LdVFHSkZ5OE9vOXpRWTlTS3clMkZrU0lISUVNSmp3c1FVRXcxJTJCNDZ5U1RuZTVvTHNFZnhTc2drUzQxWHVkMlQ5U1JaOA
.herald.co.zw/ Name: cto_bidid
Value: 8z0XFV8lMkZvS0g3RjduUW93VUhXV2tqcEh4TEMzJTJCaElzeGNRUFdqSjVOZjJhMDZkUXV1Nkk1OWlqRFVVWVBkJTJCWUNHNjFBcUslMkZDMlN2JTJCZXhhRlp5STNpQiUyQm5nUSUzRCUzRA
.bidswitch.net/ Name: tuuid
Value: 5a4c2cd9-faae-4989-8cf0-615e9aff0093
.bidswitch.net/ Name: c
Value: 1670786020
.bidswitch.net/ Name: tuuid_lu
Value: 1670786020
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7102f542-40c6-4d01-6630-9e65553e7ed9.rzMAKQEvEnD%2BEn5CrpBabwIuSRNkQPd2WzAP%2BAa5sXQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AcQL1QkDGTQFmMJ5lVT5-2cEbDhw.wumrSRW%2BsGcR87MQb1FkPPDwBoaQDf39w%2FSUJxNPAqc
www.herald.co.zw/ Name: _pbjs_userid_consent_data
Value: 8316820400794021

7 Console Messages

Source Level URL
Text
network error URL: https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd3xHTJEWR7OmUHrYFzIhCPxiXsVPgoL3g1QCp2jw8oLi.js
Message:
Failed to load resource: the server responded with a status of 410 ()
network error URL: https://id.rlcdn.com/711970.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/711970.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/711970.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670786018355-947897066707-009256-012-005528%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://www.herald.co.zw/10-most-expensive-toys-for-big-boys/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.herald.co.zw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
acdn.adnxs.com
ads.pubmatic.com
ap.lijit.com
api.rlcdn.com
audit-tcfv2.cmp.quantcast.com
bc.marfeelcache.com
bh.contextweb.com
bidder.criteo.com
c.disquscdn.com
c2shb.pubgw.yahoo.com
cdn.viglink.com
cmp.quantcast.com
disqus-d.openx.net
disqus.com
eus.rubiconproject.com
fonts.gstatic.com
geo.privacymanager.io
go1.aniview.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
heraldlive.disqus.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
idx.liadm.com
image6.pubmatic.com
jnn-pa.googleapis.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lexicon.33across.com
links.services.disqus.com
live.mrf.io
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
player.aniview.com
prebid-server.rubiconproject.com
quantcast.mgr.consensu.org
referrer.disqus.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s.disquscdn.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssp.disqus.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync.1rx.io
sync.aniview.com
sync.go.sonobi.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.adx.opera.com
tempest.services.disqus.com
test.cmp.quantcast.com
tg1.aniview.com
token.rubiconproject.com
track1.aniview.com
u.openx.net
ups.analytics.yahoo.com
widget.surveymonkey.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.herald.co.zw
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
api.rlcdn.com
100.24.192.38
104.125.24.254
13.32.27.115
13.32.99.59
143.204.215.42
151.101.128.134
151.101.194.207
151.101.65.108
162.19.138.117
178.250.0.157
18.156.0.31
18.157.100.67
18.194.50.17
184.24.9.113
185.64.189.112
185.64.189.115
185.89.210.153
193.122.174.27
198.148.27.140
199.232.192.64
199.232.194.49
199.232.196.134
213.19.147.45
2600:1901:0:8344::
2600:1f18:730:b140:4517:6949:e1a8:7c3d
2600:9000:206f:dc00:9:46dc:4700:93a1
2600:9000:2127:6e00:9:46dc:4700:93a1
2600:9000:223c:c800:6:44e3:f8c0:93a1
2600:9000:223d:1c00:d:6d12:1c0:93a1
2600:9000:223d:ce00:6:8656:f5c0:93a1
2600:9000:225e:a800:3:a4cd:8380:93a1
2606:4700:10::6816:3ef
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:811::2016
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2002
2a00:1450:400c:c0c::9a
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638::3
2a02:26f0:480:580::2c79
3.224.217.10
3.72.195.124
34.236.140.33
34.98.64.218
35.157.246.167
35.173.91.17
35.244.174.68
35.71.131.137
44.207.237.92
51.89.9.253
52.17.7.52
52.207.92.75
52.222.214.31
52.59.91.148
52.85.5.57
54.197.177.246
54.90.77.112
69.166.1.10
69.173.144.138
72.251.249.9
82.145.213.8
88.221.168.201
00364ce9838a1664d394b6c90a4efe5add5c02f8a459fa92ede60f9fa4ff126f
02657b7eec9c3836c93c328d9dc23bada4b701b815409f62033815c0f2234eee
031b0abdd27b7e25f24e6af06187d461d0ac1513628ba574b7de6ca919c66131
03f7ebc85585134ad1fa0e322b662d86a83796f14c20962309ef4b0a65b8608c
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04dde2cae50bd31ae028d7bb5b96fab323ee4ff5b9f6f04cb9de7e1e6547a685
05eeb83492f1987b141ba56ce9aedf67a3b943ed23ea83ea5e8ae23b283684ae
0688c689d53abf96083b536daceff19a6e0d73b041089128cdd65e01b4f93aa7
0743438207384132ac0219aa6ca9ed381e1c1cd6297b3a141c80439a207f909c
0ae1f9b432af233b1fd908cae2a9dfc6992c39f79f336922bb6402d535635ae0
0be6db59bcace781feb9759376ca0290ab893d5d7d4893cdd494be6f2e04226e
0c06ffb011657b70ad72581ae6c1b9d7cd706af5f431341d4149d772c6a3b800
0c55d3cd87b519263413bc45cf0a1830a650d5e68d52f226189df5afd55ea50a
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0f2161c1f4c0119411f9af2a627a2b3caa9e39998c1aa9523f6cc2b5dce11367
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
12d0d6781cbe475fd2fe751a8d5318a5f8ae1ec43e408b2ff6a3f69eca28d1f4
12dde2ed6eb91f1b3bfc5ca984674500c8b83827cf2f470439490069d36cebd2
13a56f9facd3dde408bf6dffed0e1f0aed2496dee83f8dfd140159c87f91ca23
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628
145f33b4f19058351f1e56a7181ebffd8805900fbfcd68b664bc4607f891993e
16034fd960c5b9298ccb02e7647c07a7b14b19baf4f3f29b2c136442a0a3103f
175d613dcca17b62b2ab0c978cd06c26b4cb2e9a6b1fb4407f6227944b7867d0
1789a9d88fb1bba73737201d2759842d46838cde90c3cd212d70fc8a16609800
17d88482bda966745fc168eea1c9d24c8b40792a82bd67bc0549a2390dd31e3d
1a63d84871fa68b417f652cac82fa22742cba0504d45c4366ac16338bdb72ada
1b4624afa0e27e87d218cf9623e48f6a980524988bd4bcb3f729e07b57e5337e
1b93b2f3fee3e530a81516e59f322dbc35089fd11cf92ee5b63895418ede8fbc
1ba57a60d2f85a6186609bc16add0890610a5371c494c298bc102b16b0faa6a1
1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783
1ce08d6b57f8d244f2095b56c5fd51852d633eecb72323149be49670ff0a567e
1d53c2de4eadab50934362f3c24260615da82dd4f9f7e013a44af3c625bf873f
1dc436bb4c4cec1721c77602a843853dd3841d92cf7eb9e278cf5b3d86d78f83
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1ec72586ee09203fb70bea5255f366dbe561313ccc72a9f439ecb9a00c860270
20131f1da483b42d85788609e17853f8eb52fb71b650e1ec6a68ac94de31eb3b
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
23b2c6b25291b6b697e6573941c539493aa676801037a83dc112a52006d54949
23d19489c5249584038a50e7368a6620b85dbf30e9451639a58784e1a908dc4d
2436f09013691199a2ed0a8274f451a44319dd84ae150e949114df98eadbfdc8
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25d069ff651ed54115f016a1c8e7667666b167add6dc90225948d546d02c1185
25d377b9311c6501f4ac5aaacf916fb3b393ef0d75bf79011410e21c3e27539f
26034e4924a666bd66127f8046fa8e9f4591d983f2bd38075a783af1ba951822
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
278f7c9d80a080385d0ac988d5dc97b7ec33d0ae378a4d8ae58afb6f03cb156d
29b14d5736897eeacda99627520131d90371ac19a072c4551b4a66685ed2720e
2b451c50ccd745190db9b648d58ddf77b52a783fda0dc1b68eb576e392029e64
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01
2ceddf736092b6b56b9e3f9dfef0a7d84cd00f9d893cbffc360e930bb198595a
2dbe2702bfe6db30bcfd2ae6030e8c65ca767693fc3cb972c08fe11647c83836
2ef9f188dfef3424f6b479c475b4efaacab911ebeee36115060283c1774f1507
2fc6d04ea73cbfc7cf68d3b7d3edffa2d49ea04e9ff9e0bdab551899abdcd058
304465482860950312e32f446f00e76ab930acee0be8b4892176e9875344beab
3074be6ff5e0f232dd1080c058925917f2d7c67f1a103c67b56bdbfd43d66863
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
338688d734c3bd1e46aac55eb5378bd8226226bd6a2bb932be50fd3d9f657489
344b0e2ebae8cf126fe5cc154a88d0684f1c71ffbb9de145dc9a6715233eeba8
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34fde060482dea1645150186a75969cf69ce31157918376b4f99bec2903df50d
366beb0620a657ac6a964e6c74952bfbc34384c793617e7cd9757a5a5d43875e
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37989d66d7da422105656007fd8aa14684e4c9ec4cb93ca4912e4c5221040c67
383c2bd12f6e376ca4e505338b71ada9caa463499760752a69eb1a7a9f1547cd
385ad77259ca03879af9a51eeec61d0851864a3d4986a36a159dd3b4898fd1f5
393e74a1781cc1c269ad99835d30d1b07f60d3b42fe1e4f9d56d67d8207333df
394ae62355dec78031045f16264ca42c6e9415c9b727079f665c437232b05eb6
3a4d574f1aaa5f496dfca29260e5bcae372ad40e6bcf2dd0834be79e345aacdf
3b20501e3375db23566efb20066a8b4d63c78b383031b0e3f2a702607581396a
3b929b044f62474d33d893dcf913155c4ca0f4f71f0294b19c0e02a0d1712cf6
3be5ff9947e8bc864e5a43396923176a8b885de6ad720c6847269e94cd28b374
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e52423160f0eff541a321af6bb3a1f2392a8c01591e3a0936b13aec2ae01d83
3e981e924b21455635989b5c06b2fc664bde6d184bd857065bbb8afd7db949bf
3e9e3f1ce2542e569308abe5f833f0e1a0f18da64fb13b4ca6547bee5920ad78
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
3fbfff128f1d52959aa00709111f11ebb4f940b6228ccbd154d5c1dfd96ea3bd
3fce8391acbe0f8be242713056c44bcfd0d22d3bb1bb0b83c4e17e1064e447d1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4012ec54be1af0d1e6ed5c48c7830f396d22d583dfe0855eed60d69c35dcb38b
41dd1df11fb9e3918ebd11e740541164aa5171425faad3bbe13c021b1af60670
425e1cc87e372111a60d4d52f9eb0a1395a0ad9b8b463b1f62b792ecbda6d0e3
425fea0960852b156c5f9d0b780dd42694f92fe15a8244f6b6df3edecafd7b0d
43a186bb5f930292e763629086b03aeae60313302c5a0d7975cdf31da9328cca
45d4023646074fd2d9504dc60a2565f938678e79af3f87a9337a3f977f20e69c
46a69da0b58713603c4ab10e0ed047a009145a17284ebd7f4752684bf54e9fdc
46d99b47751f42ef191482dd8c76ce9e68d8f8aaf29363f0689ae15f93dbbb3c
4714cbce7201ffb6e01a61dc53e64863ee8160b85942d331b651ea6d38ed8f94
471d9c51614415966135826ef532bb6a3fa995f1180f81651b46480168ad59dc
47ebf3fd42f35cb405ab4139463275b0abf8b60e4bb02f59e822f7887705c6b4
48f50a1a80a99305f6bce0226f09eb8739a0419af1666d10c9302fba122f1fe2
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4979c2c37b751481a21481f3bfe5ac17b017d6a550faff0f49d3a543fb27a7bd
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a737b6b6b80940e82f725d8fc56215729b7821f0ebfac6c250358397685cf17
4ac6548069d7b11fa6c364c23702d2ed116a37f0288da82e8be77222a42137e4
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d2d2f2900b4534d42501a7ba6a4d94f110c1c4d0dcfd5ff3da9d88c9382c0f4
4d37c00df70f24efaaf7ea5ad554d26246f61863ad26ecdddbcb19c19e81920e
4f7df7be7ee4ea8a3f0c4e99ee260c5728790be4be940698ea69bc8f5a12b2cf
4f93182a99c5ac4c822e9caf4b5fcfa1b145e43025eebb35408bb2586e16a1d3
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
508361dc4a471617cbcf9786a65a9c473bb318d83daafdbb39cdcd96f68a2b28
511d418bc0e0a2f62bcd855820981c21c19ad44d6d23fcfe3965ad12127d1161
514b51de0736e321d5e45654d3e1c548812364193aa5cd93f60b32f5d343bd17
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a74351914567bbd9618391f38825bb140d73dc1177234fe4e4c9c3e5121658
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5752d4a50658cddeceb586dccb5713bb9cf91efc2976d79f2a47248c010f192e
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e
5878f711017eed3aa54e3e3bc401e9d4b2fd90c22f58394ca324e1fc51ca7e10
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be3ffa74348aa48ef6b3bb96c257ffa46fc137dbc3c0e473eedf2f11803f8f3
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5d7c1dfdc43e708d16cb11c5160ab28d3b2aef0ddb2487babae7176857506230
5ffee454aea4bdf574dee5c2a6fd030a4cf029cf2900021002c7baffbb460209
61a10c94e285efcdf6a818bb2cff89f6480ad9c4924152b5e659b7c5172160b8
61b914d95fb3b7569bb01c6460730d8885057e2a89547436c22573e0e0866240
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61d0ba9e8d1a9ad5336a50260cf31fd91581cfccc18edb653c38e291a618aea9
622046605109307bcc57ff0664f666b903a4d34adcb213dfb49a98e61b0684fa
63ff96bf3f0e375e002a87c6a748cf154f872a9ebe837813d1173d635c925b18
657fbcccc7c4e8c29302e0b4b6497213c90de400f099a5fd9f494461d07c092f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f91e33374ee1809e741a8cde5fd171a4eaa8b599bada4d6a97b9293da307a4
68cc41c8bd4b99770b04e610917de3cf82f404ca4640579dfe4ad0a5fec7522e
69a7ce821ff802110f6298791556d67f6122b95ebc3fb792ce6e6a404aabdb53
6b14bffa5a0f903538cbde31fe3455a23f8515152156fdf8a21aeb131b89dd54
6ce5818232ce656ed91f90245af447c1168b8311fcd87ae6ea3e84a9a159d003
6d03f5e76de98a48d07c88e37b45bfdaa2ee2e42f4d75a426c4d3d80aa5b4c5b
6d128c29d14848d4417fd0e6540c33ecdacf1682ba73f418d044fdf800b8d50a
6d6748bf512788d25caaf7b902f6c068fadd3e51550e5fc35be0ca8824d6c6d2
6e63c25cc0b28931d342d95000bb0c8db4dc8d8795fe00f817bcfbdd32e4b7cf
6ebe2da9b77fd506d3b00c93fb1e519439dda21c34623a10990741cfbee8dfb8
6fb3c74a4a1230989535c17e4182e993709317517127f16c77ef310ca7049f33
71f337934418f2b756db0a1b920dca0b40a0c7432ae042b5e018571e1e32f645
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
75f956d1290310423d4152cc0988ec12b97fb4bb3338a8e8546bf1ec205dc3a9
77a422e412f2fbf4e4ef14ea79b5d2be9100e415e1652a1c8fd2be2f3c48761c
792e56d9d089ca054a331d3bbadaae4039fdb44e798fec8baf9b3b5bc02f79d0
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7be49cf57dbcdbc1526599e90e342fc4a651ef59659ef4a128110c50e9b43593
7c52e805c1b69dda11a886e212b418bc215aaec0df4369a90ee63264b83e7832
7c5797c2aad9d3eee84c57620ff5780d0b5ee64cb7e68f8eb5c8a1efb1e67685
7d0c838bd0090cac51b8a3df902a832c1488c963b3ca587902582fa35064f60e
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
7f56c1f1790dedcf8dfa4ded601752ba138f043293f549182ca789f5a0ef5b35
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
80e32c617882fefa028e72cb5c1f5ffaee11fa655ed38f77fc2fb6e51f2fb16b
8208d620893b885a91778378cf304bd40c73decf639ee1ec487e91804907ecbf
822aefe2366b78337a03c167fbd608b7c68e4719e075eb9d9a88096d9971a5a5
83b8b3b6be1d2dd637e73451d922f78b4e3af8c3b725b315dcb1257450eab5bf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f54f3612a52c2e015d27e22c52f4bd622ac50d2c80f756f147fa9d48dd8418
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
872fdbf1d445fc24148a4025a848e9c9e7eee31730e98fc218f58b13d28461da
873a2a19dcfb158c552119466fb5b6e4bc286b2c983c1ff9b51038e996544547
880ed49999abd3baa789b4b1b3dcba75debc2b80f7a9afd881a7aef33c1fc5e7
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52
889e320e7871d0e36ff6559a29ebe53ce7b716dc76593b31d63e0389ca5eae68
89fd43c5d890564fa5be3bdbdd81ab5a8020ee55f9e4f5d3a7da5cddf5bfa3c1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a7081a22bd4f8d4d25e5d14bef1d8e273b1e88952f74c6102b22e67237af9d2
8a88e13f30c9b1309419461d8f4ee0c8a541aac32d93242599543bf7f2acdd4a
8ab0541f166cb321300a8e6f85299aa1de278c5f14a5feab547a7c5aed2ffdad
8b54839a323527aad7f7d6a8a030530ed6966eecda1152259556c25f901d267d
8b58cca962af3de528377062798f8a18cc4596afe3f46d224f2e46104621d8b3
8c5848d2213dfb81e31e71a3756825dc1e4c865d9ef69925f37c9a51a4c659c5
8c7bbbfe3b5aaca3aab570ee3116ef8517cf5d26250ecdf13a185b8e355887ee
8cfc7bdd5249918e71b11dcc1a1484822608860408b38d5eb755db6666a73426
8db28c991cebffa3e7f0201e4b2324145ac29519b3add1d456f2bef3b40a05fd
8dd28e7681ada525cd32f48f07ae01c558153b1cdecf40c597478621b2988043
8ff45a49b6473537e28fedfb560b68a59055e6dfb29ced8ae460a17aa79dec70
919ae8eb044beb661de50aa309776e6c649410d1c89c903dfd678c3f51a6491e
93036c9e8437f16bc9993efd5b31ac277fdf50532bf437fe950b155920f45fb2
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde
9600b8a56b9f944505ff4be3727725acbe9f77520a18ac23191b7c879f8469ac
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
973d042ecdaf814928d7c20df54e8c79c8ad1fd1b2c0732adcefafc76c7f3ff9
98bdbd1888dba9cd4e0d4c162d63ee59e9fb2af1687705312e4370f8fc1f43ce
99d29993a2f4b899200b6fba42c1d7c73d1ea0431e9e8579c5beaaabc3c1ee8e
99e68199e07cf56e9e05fd0188dbfd7e020685dc2861c04177eed58ee605ebf4
9acb4f344d8803028c544bbfa401403ebf1df3ffaea5160982cafdd664d71e78
9b5fc236022726838ed4b3621ae59c6e7baa8052a2269bfb9e1d2a1f6e709894
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dce2b4fd512012ed35f39ec51bf1553a27a0667af55a2f643530b1114bd9f12
9e5c15580c6b9b0db29719a0db5a12864ffaeace46e7a7bd9ef3944e90ddc5aa
9e74777d97ae2854b7c34997b19f4f51ee25f79717d834afde7f490d75a7b2f3
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a0154780b6970e0f7ce884816e544900dd23c96e19058aef6064a8ea30787a06
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a4206ee026b9335b7c91314fef30f7c50e383afec63fec57852e6e45c916e6b7
a4e4cc43e3b71e1651432d60cc30bfcb7b1e0315e719c828b3735dc1554a2d0d
a7180d62c7a773a5eb7ca3c47192661f27c3663386092c3fce5de967c098467b
a8233a6426d9a9ca4b75cbe24c22e2fd9b550941eb359c6b2f7167104a2240fb
a9092e468d85fbabb16b57cd616659d6c5ebdfee3a97698a1941ee6b94ca76bf
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa116ddf6b8f627f52441570880bacbe33feb7b792c717daaa660df478581a1c
aa3a32e18e58234d9e4060ee9e46876ed0aa8d1fe2f18336a4162eb51ce65054
aae06d7a164549a0636cde8f030b7ebdae1342d820e31f7b3880eb93e1a6fc77
ab33ea844ba39b32d4d70c8532794d51f77d6d5fcb5ad9c4ddf2d7e1da67270b
abacfa18472a4ace0034615d9219c5d3585292b5920881c434f7a3382f7cfc57
add680b93a2caf9a01ed8d2e06387105f7187601a2dcfa3f84f990f72d2bd356
ae52781983ac18a7044faab49a056f83c652f2cad2fd7b59d019c30e221f302b
afe020da20b7aad5cc185b3851261cd16b7c5be7f9a45f732bd27820de065f67
afe310a561a4861af55273b44b87040d4c8a39b8c84751f640e3f545115c0a4c
b10bbe86b3ee490805801b29dd03367964199f98e0df4b7cddcc794f11ca20a8
b125c4bf7daecd2b77ed195fbec360e681aff6e78582d3567cecb8349b5bb759
b1ee2b6dbbac77d3fff0068d3f500230d50209b803b61ccabda1a28bb1a8c03b
b33d6487e6e062b68eeca32ff4c4e66644a6ffe2c576bc7f0b265b8b8d91adfd
b3f0c14df82ade4e990a0b7556bcc3c2ce5d833fd5bf36a2644c1c5ce348608b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5ff78341463bd81bf37fe9fb08ecf25efbfa295c71b57b82aa4f43d946df34d
b6d39508164d7015990a918eb8f035aa7040f943a834f028f843046855991fcd
b8a88e8ec4dd3f6621a982afcd8ef96e41a658f3b3fb5a0af2e442a41ad9ba4c
b92ef9d951462eb871bce25c07ce90de0addb35e85c15f50ab706f14df5ed9fe
bae2884484504605f967fc20dac8e05b9ae7b7b7718493b768ce764cf199f47a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc21135603467b1416061aa41799c1a454c253bda2440ca2ffaae60c1c3f8595
bc30d3115fa31557e01b293919640cdf5de0717613b890e3a3a0aec3ffc73572
bdef47011cb0278ce9ec2a3451d950ba6a0cf7aad19a0ae0feafbd11912627bf
be4ccf6f0f6b7abd06c20fafd905b6f0a4b0bc521a9189ec1fe19eb38dcd9582
bf006973239d2e49776fdbd626a7233150ae7b4ef2a69b358b4fa090ce06d264
bfbda034e4cb2883b046071f2cc21d840f5271e491628af7ebb9ac8f27fd1ce2
c0d08d5fd7f434471abd0ea32df3c3cb92d9f0208d069803cb3a0492d4cab92d
c288290453ddbd2788cd6a43c2a70891581bcc145ff9c94d43b1caf537e9632d
c2b4ba530e174ef0234c07b16f8cf72a73dc9bed837e4c5f8eaad46f13f5edee
c2d1f8c88f91f08d16c981b56c9c524ecd15443b8b6a1f6ffc3182451e2ca6cd
c3275f8e6afbffd72574602a964ea4cce112922a81a8fb0e1e2ea56a27b55bbc
c44be4b987d3b9a0394a04ecca2176548dee3a9282afd93aae45cfc3b03c82b4
c5537b8e22d98409891207b8fcdc960a93ac332726529bc8b49a0d161354c0aa
c5929c6af60e3b72c6da5399fe88914d6dc62842be6d2fcf3b4beb67a8ae8e9f
c703d142c76af8c5072842d48b8ffa413af338325c68e8b8c5728c9dd3377195
c86c64c9ba52731c39b20c63d6ac97288daf47ac3936a2e33a2b2b15239e978d
c8e4073baf9990438a3d71b3e6f64d6fcedb743149a9c8653cd92c18beeb902a
c9cf5b01103bbd219814a864ef7698cdf4f7707e5791e091dd26a4bf2e7c988a
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca8a32cf317fcae39004583dbd1a004cd7ad75b076693db3230797f509f5e68f
cafbdef4d269b296fcebd9fb7ed15188b9bd9261ee33990f27330baf19562406
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8
ccc1c7567bc104604261d962eb6d79329dc403f8faccfd97a80d72dd2924e71a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd48609b2f3db4ab7f3bf9b77a44218855d9f03519af9f3a284d81144c1dacd5
cf12a057da007612453f251861f2324c0ca083741bc0ed5cc7be8f99f7567f96
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d15dcaf577df90ad67d9a626fdc7974d75112569244681bece77bf07a13c37b0
d1955fddc171df4e83df5ab74b0bdf5d1158d08f94f9ec52cfd51b349c7b9ca1
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d2fb6f79d7a4ab0226ce9634cc960a4430c488459219c956d350868b39f20783
d375744f3196b797c8e10f2d5451b2628266f025c2120a68e377dc9414d634f3
d38131b25cf8046eea120b271d661da4e1b47e95c52f82eb34a9ab7bb90ee883
d38654998cd8287e888f668211ce6481d7cd41648413b52f4d3349d41d557f63
d52afc7af55d830c6bf86926a8f179a5a87b264dc886a9a7f40ee1aae55d85e8
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d87e24b744a8a0f33391ee8787681298534019d2ebfe0197af8ea6eef934db45
d88e365b746a7b7aaf6291be723ab7db0bca1eaf7ec3d9f0df30955d486f65a7
d915c1a38320682d4c8e6fbe119889d26a91958f472d10808c161f938fc14957
da4902d43307f3fc7c18d55863b3d271b175d06d2ea59ebfe45178b4c6b7cd30
dd4f783bb5bc7848bf1c54007077d7bda64a6dfe394feb67d7cc22c50bde0574
de217d5df635f4d6700b77c80d7cd3257cf438d605c4abe3d0e087eedbc9f774
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5117cd8a91fd1f36ad2426d871f709a1e758f338e3b95c83e6f86f1e66e1d6
df954b97e550d2a4492534947721e203b2ec1e696fd8dab63228e72b723a8558
e24e17e6dc780fb3a432e1a84348975b990d6a5e03e2accce47a3505cbc5571c
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e54bda451bb81f99cf473297523f48b6c313510fee73931956737575456ab9fb
e5accdf2d955f22a7448668e8b6caedd1cea3a2bfa4cd5295f6a6f6c27b1130a
e8fc6851aa3d39205606501d8fc9851ef9698320f3018637764f564ef299a74d
e8fcb3079cb44b316e0b00aa6e6f94f43b6f44cd1dc47a0f9ae7d9c0a57b3b5d
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
eaed0694a91d758d18f41c404efb77d2ba6244d4e306b9d20fe3ef9ffffef101
ec1e32d0a126cf7d71ca8c6829bc5bbbe44707e1c2a7ecb36e673dcd34aa0ad2
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec3d428eaf879bcdb038ffca01a757b8d480da85c6f004281be66393caac79c1
ed2bc020867a01953213a9f7c52006c92a62bb578a07db1fb776480ea8814daa
ede5765143e80285cb1b66e247b53c33b86bc53c5ced82c50c14b98ce1502359
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eec6f3b61d41e4d5c21097047597a26a4abd1fd7b3dcdd3b9b296a43c3d372b0
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f04c269ba385c4f87a6729df8c4c3b15dd290370db95528db9768bec120e0d57
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f08e45b5a5473b835f1959f5f427efb577c595b38e04dac76ed50f1883bb4f2e
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f279c5cca4f899d995eaed1c898dfc52c89ea2a43e74fb99be2ea699b3601852
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f2b7c76c9afe8eedce734f7d8c524c475c403eef024cf1d4f2e3f92775ff5406
f2ece72c47ae7556646eeb39fa6215988fc30d1d26e7b41c25981301e1fe4bb1
f47f8034b4f08f1c4f05a6a914d7ba6fe966a0112d5ec0cbbae2cd7b35b6407b
f57e954ded8fb65ad80201826bcf203e4d85af43b3fa3aabafe2e3fed8a8f65f
f60211d8b388b961a031e3247f17ca502c73bf5860d9d88a6ce23f07649d6d84
f6f6e58dd8b18b2e28c9a0b91014b4c490b77f1322b56789547981844841a5fd
f80e439b91567522bd821ed26f65a48e3593e616ed2450276b3d36abd8248c7c
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f8b9dd568b8feb080fef054c8de7dbb15f666f32e0f8da0baa1be0b7a4d72699
f959f9d77cb7d1e8a2913402fca211c770114a000d70f36a8256afe28e508263
f97c959ae973480f957798e084b5b1018a8cb08077698a264dea44c42a3978ff
f97f4b94c3e340ffc3f6a09b7fec1b8ce40650b4db10cc6bb146504ccb13f989
fa526ee31ee8aa7cdad348b3999171f50a35c811f1b87372b7415d1c8dfab359
faca440dcd5075b4b475949957915ff2dddbe515a774e572ea108de0403df1e7
fb44b43649dae8f906670f0060f6aa9034c8f474bced644a88dcce23d67b57b4
fbb2fe574d89f501750f1c1c97c6934f18e389e9428a0a29af239c28d6c27fae
fcb97e3db603e22246181f99967bff349999be251a9e17db8bc22285f8c7010c
fd6e54a3a5a61eba26926c464c964861f767f2578ca6d9ec1c4ccca32d8316f6