www.herald.co.zw Open in urlscan Pro
2606:4700:10::ac43:1d7e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://herald.co.zw/
Effective URL:
https://www.herald.co.zw/
Submission: On July 30 via api (July 30th 2020, 9:37:24 pm UTC) from TW

Summary HTTP 84 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 84 HTTP transactions. The main IP is 2606:4700:10::ac43:1d7e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.herald.co.zw.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2020. Valid for: a year.

This is the only time www.herald.co.zw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:2ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	2606:4700:10:... 2606:4700:10::ac43:1d7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.114.207 151.101.114.207	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
4	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:214... 2600:9000:214f:5c00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:3200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c03::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	35.156.249.121 35.156.249.121	16509 (AMAZON-02) (AMAZON-02)
1	13.225.87.65 13.225.87.65	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:7600:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.35.254.3 13.35.254.3	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
84	22

1 2606:4700:10::6816:2ef (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

herald.co.zw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:10::ac43:1d7e (United States)

ASN13335 (CLOUDFLARENET, US)

www.herald.co.zw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.207 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

bc.marfeelcache.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

heraldlive.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:5c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.249.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-249-121.eu-central-1.compute.amazonaws.com

apis.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.65 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-65.fra2.r.cloudfront.net

widget.surveymonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7600:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.3 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-3.fra6.r.cloudfront.net

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	herald.co.zw 1 redirects herald.co.zw www.herald.co.zw	1 MB
6	consensu.org quantcast.mgr.consensu.org apis.quantcast.mgr.consensu.org test.quantcast.mgr.consensu.org audit-tcfv2.quantcast.mgr.consensu.org	205 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	137 KB
6	ytimg.com i.ytimg.com	22 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	90 KB
4	disqus.com heraldlive.disqus.com	6 KB
3	gstatic.com fonts.gstatic.com	35 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	8 KB
2	google.com 1 redirects adservice.google.com www.google.com	350 B
2	google.de adservice.google.de www.google.de	274 B
2	googletagservices.com www.googletagservices.com	43 KB
2	youtube.com www.youtube.com
2	marfeelcache.com bc.marfeelcache.com	5 KB
1	surveymonkey.com widget.surveymonkey.com
1	quantcount.com rules.quantcount.com	346 B
1	googletagmanager.com www.googletagmanager.com	25 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	googleapis.com fonts.googleapis.com	853 B
84	19

	Domain	Requested by
38	www.herald.co.zw	www.herald.co.zw ajax.cloudflare.com quantcast.mgr.consensu.org
6	i.ytimg.com	www.herald.co.zw
4	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com
4	heraldlive.disqus.com	ajax.cloudflare.com heraldlive.disqus.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	quantcast.mgr.consensu.org	www.herald.co.zw quantcast.mgr.consensu.org
3	fonts.gstatic.com	www.herald.co.zw
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	www.googletagservices.com	ajax.cloudflare.com pagead2.googlesyndication.com
2	www.youtube.com	www.herald.co.zw
2	bc.marfeelcache.com	www.herald.co.zw bc.marfeelcache.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	widget.surveymonkey.com	www.herald.co.zw
1	apis.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	pixel.quantserve.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.herald.co.zw
1	ajax.cloudflare.com	www.herald.co.zw
1	fonts.googleapis.com	www.herald.co.zw
1	herald.co.zw	1 redirects
84	29

This site contains links to these domains. Also see Links.

Domain
www.sundaymail.co.zw
ebusinessweekly.co.zw
www.chronicle.co.zw
www.sundaynews.co.zw
www.b-metro.co.zw
hmetro.co.zw
www.kwayedza.co.zw
www.manicapost.co.zw
southernafrican.news
www.ztn.co.zw
www.starfm.co.zw
diamondfm.co.zw
capitalkfm.com
nyaminyamifm.co.zw
printhub.co.zw
www.facebook.com
twitter.com
newshub.co.zw
www.classifieds.co.zw
www.property.co.zw
www.webdev.co.zw
www.paynow.co.zw
www.topup.co.zw
www.youtube.com

Subject Issuer	Validity	Valid
herald.co.zw Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
marfeel5.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-07-17` - `2021-07-18`	a year	crt.sh
edgestatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
surveymonkey.com Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh
*.quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.herald.co.zw/
Frame ID: F0AD49A40BDF03A12818E3C8FB675DDC
Requests: 78 HTTP requests in this frame

Frame: https://www.youtube.com/embed/469_RGrPW60
Frame ID: 22F0EA1C56F5C55D5DA060C123994A95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200729/r20190131/zrt_lookup.html
Frame ID: 8E37D169C16F783CA1295A7B0C83ED2A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/iIEy1JHT0-M
Frame ID: ABDF8E3D3F810149EE76C63CCFCA5BED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7429385817508822&output=html&adk=1309968118&adf=3288313458&lmt=1596141475&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr_consent=tcunavailable&format=0x0&url=https%3A%2F%2Fwww.herald.co.zw%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1596145025870&bpp=74&bdt=2534&idt=320&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3435923124670&frm=20&pv=2&ga_vid=287475671.1596145026&ga_sid=1596145027&ga_hid=192538741&ga_fc=0&iag=0&icsg=2251983025078208&dssz=65&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3121985828060987&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=903
Frame ID: 99852ABFD251B4E080B19CFB43E43DE6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7429385817508822&output=html&h=154&slotname=3576371520&adk=3902221545&adf=2830833273&w=680&lmt=1596141475&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&gdpr_consent=tcunavailable&format=680x154&url=https%3A%2F%2Fwww.herald.co.zw%2F&flash=0&wgl=1&adsid=NT&dt=1596145025870&bpp=6&bdt=2534&idt=392&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3435923124670&frm=20&pv=1&ga_vid=287475671.1596145026&ga_sid=1596145027&ga_hid=192538741&ga_fc=0&iag=0&icsg=2251983025078208&dssz=66&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=2669&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3121985828060987&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=dMtBjFbMML&p=https%3A//www.herald.co.zw&dtd=953
Frame ID: CCB6D658976FC753DEE36165CE15F359
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: C45B0A15838A49007D94931F1F461EED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://herald.co.zw/ HTTP 301
https://www.herald.co.zw/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

84
Requests

100 %
HTTPS

76 %
IPv6

19
Domains

29
Subdomains

22
IPs

3
Countries

1780 kB
Transfer

3573 kB
Size

8
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: http://www.sundaymail.co.zw/
Title: The Sunday Mail

Search URL Search Domain Scan URL

URL: http://ebusinessweekly.co.zw/
Title: Business Weekly

Search URL Search Domain Scan URL

URL: https://www.chronicle.co.zw/
Title: Chronicle

Search URL Search Domain Scan URL

URL: http://www.sundaynews.co.zw/
Title: Sunday News

Search URL Search Domain Scan URL

URL: http://www.b-metro.co.zw/
Title: B-Metro

Search URL Search Domain Scan URL

URL: http://hmetro.co.zw/
Title: H-Metro

Search URL Search Domain Scan URL

URL: http://www.kwayedza.co.zw/
Title: Kwayedza

Search URL Search Domain Scan URL

URL: http://www.manicapost.co.zw/
Title: Manicapost

Search URL Search Domain Scan URL

URL: https://southernafrican.news/
Title: The Southern Times

Search URL Search Domain Scan URL

URL: http://www.ztn.co.zw/
Title: ZTN

Search URL Search Domain Scan URL

URL: http://www.starfm.co.zw/
Title: StarFM

Search URL Search Domain Scan URL

URL: http://diamondfm.co.zw/
Title: Diamond FM

Search URL Search Domain Scan URL

URL: http://capitalkfm.com/
Title: Capitalk FM

Search URL Search Domain Scan URL

URL: http://nyaminyamifm.co.zw/
Title: Nyami Nyami

Search URL Search Domain Scan URL

URL: http://printhub.co.zw/advertise
Title: Advertise

Search URL Search Domain Scan URL

URL: http://printhub.co.zw/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheHeraldZimbabwe

Search URL Search Domain Scan URL

URL: https://twitter.com/HeraldZimbabwe

Search URL Search Domain Scan URL

URL: http://newshub.co.zw/
Title: E-Paper

Search URL Search Domain Scan URL

URL: https://www.classifieds.co.zw/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://www.classifieds.co.zw/en/zimbabwe-electronics-160
Title: Electronics

Search URL Search Domain Scan URL

URL: https://www.classifieds.co.zw/en/zimbabwe-cars-vehicles-15
Title: Cars & Parts

Search URL Search Domain Scan URL

URL: https://www.classifieds.co.zw/en/zimbabwe-building-supplies-24763
Title: Building Supplies

Search URL Search Domain Scan URL

URL: https://www.classifieds.co.zw/en/zimbabwe-services-24369
Title: Services

Search URL Search Domain Scan URL

URL: https://www.property.co.zw/
Title: Property, Houses

Search URL Search Domain Scan URL

URL: https://www.classifieds.co.zw/en/zimbabwe-home-garden-kids-17
Title: Home & Garden

Search URL Search Domain Scan URL

URL: https://www.classifieds.co.zw/en/zimbabwe-leisure-sports-travel-24774
Title: Leisure & Travel

Search URL Search Domain Scan URL

URL: https://www.classifieds.co.zw/en/zimbabwe-commercial-supplies-24778
Title: Commercial Supplies

Search URL Search Domain Scan URL

URL: https://www.classifieds.co.zw/en/zimbabwe-health-fashion-beauty-24733
Title: Fashion & Beauty

Search URL Search Domain Scan URL

URL: https://www.classifieds.co.zw/en/zimbabwe-jobs-14
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.webdev.co.zw/web-design-development/
Title: Web Development

Search URL Search Domain Scan URL

URL: https://www.webdev.co.zw/domain-registration/
Title: Domain Registration

Search URL Search Domain Scan URL

URL: https://www.webdev.co.zw/email-hosting/
Title: Email Hosting

Search URL Search Domain Scan URL

URL: https://www.webdev.co.zw/hosting/
Title: Web Hosting

Search URL Search Domain Scan URL

URL: https://www.paynow.co.zw/
Title: Online Payments

Search URL Search Domain Scan URL

URL: https://www.topup.co.zw/
Title: Airtime & Bills

Search URL Search Domain Scan URL

URL: https://www.topup.co.zw/pay/zesa-prepaid-electricity-token
Title: Prepaid Electricity

Search URL Search Domain Scan URL

URL: https://www.topup.co.zw/pay/city-of-harare
Title: City of Harare

Search URL Search Domain Scan URL

URL: https://www.topup.co.zw/buy-netone-onefusion-vouchers-online
Title: NetOne OneFusion

Search URL Search Domain Scan URL

URL: https://www.topup.co.zw/buy-telone-adsl-vouchers-online
Title: Pay TelOne ADSL

Search URL Search Domain Scan URL

URL: https://www.topup.co.zw/buy-telone-blaze-lte-vouchers-online
Title: TelOne Blaze LTE

Search URL Search Domain Scan URL

URL: https://www.topup.co.zw/broadband
Title: Broadband Vouchers

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=I5jIn26CfjM
Title: Govt donates food to Johane Masowe Apostolic sect members

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=hQdrS_wdM8A
Title: African Apostolic Church leader Archbishop Paul Mwazha succession wrangle

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=iBjr_vTcmTg
Title: Prophet T Freddy on his demolished church

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=zOcGRM89xOg
Title: President Mnangagwa visits hospitalised security details

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=9fuhAgpWlaA
Title: #COVID19ZIM: Police launch lockdown campaign

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=lu34BXNOzLk
Title: Access Finance - Feed a million

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheHeraldZimbabwe/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Zimpapers

Search URL Search Domain Scan URL

URL: http://www.webdev.co.zw/
Title: Site & Hosting by Webdev

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://herald.co.zw/ HTTP 301
https://www.herald.co.zw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=192538741&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herald.co.zw%2F&ul=en-us&de=UTF-8&dt=The%20Herald%20%7C%20Zimbabwe%27s%20largest%20daily%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=606115588&gjid=1718087058&cid=287475671.1596145026&tid=UA-28980530-1&_gid=552781677.1596145026&_r=1&gtm=2wg7m1N3HF3JF&z=1498578466 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28980530-1&cid=287475671.1596145026&jid=606115588&_gid=552781677.1596145026&gjid=1718087058&_v=j83&z=1498578466 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28980530-1&cid=287475671.1596145026&jid=606115588&_v=j83&z=1498578466 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28980530-1&cid=287475671.1596145026&jid=606115588&_v=j83&z=1498578466&slf_rd=1&random=1160032173

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.herald.co.zw/
Redirect Chain

http://herald.co.zw/
https://www.herald.co.zw/

133 KB
19 KB

1016ms
971ms

Document
text/html

2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2369e54bf923ac56ec28b8fd440770eb9e9e44ca8430cb83aedef3f59d7cc618

Request headers

:method: GET
:authority: www.herald.co.zw
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 30 Jul 2020 21:37:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d975f169d6d6c5e0e214fe7c022e5429a1596145022; expires=Sat, 29-Aug-20 21:37:02 GMT; path=/; domain=.herald.co.zw; HttpOnly; SameSite=Lax
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Thu, 30 Jul 2020 20:37:55 GMT
cache-control: max-age=0
expires: Thu, 30 Jul 2020 21:37:02 GMT
cf-cache-status: DYNAMIC
cf-request-id: 0443414cec000097ead18da200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5bb237f4ab6297ea-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Thu, 30 Jul 2020 21:37:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 30 Jul 2020 22:37:02 GMT
Location: https://www.herald.co.zw
cf-request-id: 0443414c95000064e5c8179200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5bb237f42a8264e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gardac-sync.js Show response
bc.marfeelcache.com/statics/marfeel/ 9 KB
4 KB 178ms
50ms Script
application/javascript 151.101.114.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 08488d175ed222ebe005013e57c4394f1cd0aaf4cb7261c697bbd24be7a1d2ba

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: br
x-b3-traceid: 9d8784aa90614063b8444fdc74552241
x-mrs-cache: HIT
status: 200
x-mrs-age: 30126
content-disposition: inline;filename=f.txt
x-served-by: mshield-b-02, mshield-f-03, cache-yul8921-YUL, cache-hhn4074-HHN
x-mrf-age: 0
x-timer: S1596145023.493485,VS0,VE1
etag: "0effe32da1a9048b77ff16f8cd2c5ae5c"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86401
mrf-cache-status: H-HH
access-control-allow-headers: x-requested-with
x-cache-hits: 2, 1
date: Thu, 30 Jul 2020 21:37:03 GMT
via: 1.1 9e25cde80ebbb4b50393d0f96c5d8e2f.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: YUL62-C1
x-mrf-lastmod: 0
x-cache: Miss from cloudfront, HIT, HIT
x-mrf-rendered: 1591379553326
x-b3-traceid-primal: d068e0d699764bc8a5b338e7e411fef5
content-length: 3607
x-mshield-cache-status: HIT
x-mrf-type: SECTION
server: nginx
x-mrf-shard: all
x-mrs-cache-hits: 2
accept-ranges: bytes
x-amz-cf-id: CyQcyf8rgxCy5o0offPdMDpo1SrxW0BQubGULaWKVahRpOKesykl0A==

GET
H2 200 sirius.min.css
www.herald.co.zw/wp-content/themes/sirius/css/ 36 KB
7 KB 20ms
20ms Stylesheet
text/css 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/css/sirius.min.css
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fcb3079cb44b316e0b00aa6e6f94f43b6f44cd1dc47a0f9ae7d9c0a57b3b5d

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:03 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 20775419
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
cf-cached-on: Tue, 03 Dec 2019 09:52:43 GMT, Tue, 03 Dec 2019 10:25:53 GMT
cf-ray: 5bb237fbe9ed97ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044341516f000097ead1946200000001
expires: Wed, 02 Dec 2020 09:52:43 GMT

GET
H2 200 herald_logo.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2017/11/ 5 KB
5 KB 17ms
17ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2017/11/herald_logo.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832b01798d3505ffdd094079a9f9181eb7496653ca69d8c16cdb0382866aa739

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:03 GMT
cf-cache-status: HIT
age: 344736
cf-polished: status=not_needed
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5104
cf-request-id: 0443415223000097ead1952200000001
last-modified: Fri, 01 Dec 2017 07:39:26 GMT
server: cloudflare
etag: "13f0-55f4277cda780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Mon, 26 Jul 2021 21:51:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb237fd0ac197ea-FRA
cf-bgj: imgq:100

GET
H2 200 IMG_6496-100x100.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 2 KB
2 KB 70ms
66ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/IMG_6496-100x100.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7d3ad9dcb910afa916f421ccebc7a7f0602208c7d5d7ea1728cdf8e10c97b5e

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 74624
cf-polished: origSize=2494, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2131
cf-request-id: 0443415461000097ead1989200000001
last-modified: Thu, 30 Jul 2020 00:09:23 GMT
server: cloudflare
etag: "9be-5ab9d7c1433bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 00:53:20 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238009d4b97ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 UMP-CHITIMBE-PRI-SCH-005-50x50.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 1 KB
1 KB 70ms
67ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/UMP-CHITIMBE-PRI-SCH-005-50x50.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb0dfb4cac02ee153045c07ede53d5b19e7b93be74e152108fc2dfd04cc0eb7

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 70606
cf-polished: origSize=1627, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1258
cf-request-id: 0443415461000097ead198a200000001
last-modified: Thu, 30 Jul 2020 01:31:24 GMT
server: cloudflare
etag: "65b-5ab9ea168511a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 02:00:18 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238009d4c97ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 1512-1-1-TONDERAI-KASU-50x50.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2019/12/ 1001 B
1 KB 69ms
66ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2019/12/1512-1-1-TONDERAI-KASU-50x50.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d321b148166a3362f3b726c214f0f5c3ad663fded63c0675342d093411cbf064

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 73721
cf-polished: origSize=1373, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1001
cf-request-id: 0443415461000097ead198b200000001
last-modified: Sun, 15 Dec 2019 19:05:32 GMT
server: cloudflare
etag: "55d-599c2c7742c2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 01:08:22 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238009d4e97ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 272A1624-50x50.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 1 KB
1 KB 69ms
65ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/272A1624-50x50.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6af564a066837aed5f9639ced9d98bd645b1033786f42e7e6a7a6fe8e7c805

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 74763
cf-polished: origSize=1635, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1267
cf-request-id: 0443415461000097ead198c200000001
last-modified: Thu, 30 Jul 2020 00:29:10 GMT
server: cloudflare
etag: "663-5ab9dc2ce4200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 00:51:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238009d4f97ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 EQ_FrN9WoAAt2_e-50x50.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 1 KB
1 KB 71ms
68ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/EQ_FrN9WoAAt2_e-50x50.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 779031b89f5cdb999d37598edd81cc9af2bb147fcf3376bbfda78bee1ed5dcc0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 72490
cf-polished: origSize=1513, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1145
cf-request-id: 0443415461000097ead198d200000001
last-modified: Wed, 29 Jul 2020 05:56:38 GMT
server: cloudflare
etag: "5e9-5ab8e381446e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 01:28:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238009d5097ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 2907-1-1-PAGE-2-POLITBURO-50x50.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 1 KB
1 KB 68ms
65ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/2907-1-1-PAGE-2-POLITBURO-50x50.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c833842f9675f8de1bfeface3798dc4f71ef33dd459d56596f07edc058e21cc

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 74763
cf-polished: origSize=1436, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1068
cf-request-id: 0443415461000097ead198e200000001
last-modified: Thu, 30 Jul 2020 00:31:46 GMT
server: cloudflare
etag: "59c-5ab9dcc22fad4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 00:51:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238009d5197ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 default.jpg
i.ytimg.com/vi/I5jIn26CfjM/ 3 KB
4 KB 65ms
61ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/I5jIn26CfjM/default.jpg

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1b3037a9c4238f1406e16082c90d98a398996ae96d368628edd891f3f3f61d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 20:13:41 GMT
x-content-type-options: nosniff
server: sffe
age: 5003
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3495
x-xss-protection: 0
expires: Thu, 30 Jul 2020 22:13:41 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/hQdrS_wdM8A/ 4 KB
4 KB 66ms
62ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/hQdrS_wdM8A/default.jpg

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa19126b9780d64eb404ef69200cf0d1b4fd8e1cdce41665dc3450c392c9d0d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3839
x-xss-protection: 0
expires: Thu, 30 Jul 2020 23:37:04 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/iBjr_vTcmTg/ 3 KB
3 KB 66ms
62ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/iBjr_vTcmTg/default.jpg

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95c745d27196bd9f6bb5a99cdb8c74db3ce1d0f5bffbc500d9d12e1ae325d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2781
x-xss-protection: 0
expires: Thu, 30 Jul 2020 23:37:04 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/zOcGRM89xOg/ 4 KB
4 KB 65ms
62ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zOcGRM89xOg/default.jpg

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a83d35a00a12ce6f99deb5b41500b4428aaad4496ed92f12c0ee9cfc577377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3929
x-xss-protection: 0
expires: Thu, 30 Jul 2020 23:37:04 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/9fuhAgpWlaA/ 4 KB
4 KB 66ms
63ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/9fuhAgpWlaA/default.jpg

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07ef76751d974b7e0ce6993dd07047e76bb36ce4002ecd40ae26288419abbe34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3651
x-xss-protection: 0
expires: Thu, 30 Jul 2020 23:37:04 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/lu34BXNOzLk/ 4 KB
4 KB 75ms
71ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/lu34BXNOzLk/default.jpg

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1dff1accc994a2a64efd22f8374e7d64914e2f7b215816393b1bd52679a3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4143
x-xss-protection: 0
expires: Thu, 30 Jul 2020 23:37:04 GMT

GET
H2 200 EQ_FrN9WoAAt2_e-360x226.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 12 KB
13 KB 69ms
66ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/EQ_FrN9WoAAt2_e-360x226.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bae2652b1cbb2a36d9e4ba862d874a5a453fe1802f04ba3c6e3cf4c33d8a302d

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 134031
cf-polished: origSize=13049, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12705
cf-request-id: 0443415463000097ead198f200000001
last-modified: Wed, 29 Jul 2020 05:56:38 GMT
server: cloudflare
etag: "32f9-5ab8e381446e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Thu, 29 Jul 2021 08:23:13 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238009d5597ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 IMG_6496-360x200.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 8 KB
8 KB 69ms
66ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/IMG_6496-360x200.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1f0ab8e1f15897d74debff8813ea45721702ae882d9106ad54ceade7eb30f7

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 33370
cf-polished: origSize=8427, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7970
cf-request-id: 0443415463000097ead1990200000001
last-modified: Thu, 30 Jul 2020 00:09:23 GMT
server: cloudflare
etag: "20eb-5ab9d7c14629b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 12:20:54 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238009d5897ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 sirius_logo.png
www.herald.co.zw/wp-content/themes/sirius/img/ 1013 B
1 KB 765ms
762ms Image
image/png 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/img/sirius_logo.png
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74cce62e23cee80e0c3223a7f562806ed7954183efd408fef0c5592e7918ff1d

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=1961, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1013
cf-request-id: 0443415463000097ead1991200000001
last-modified: Tue, 26 Mar 2019 09:28:45 GMT
server: cloudflare
etag: "7a9-584fbf2993415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/png
expires: Fri, 30 Jul 2021 21:37:04 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238009d5a97ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 css
fonts.googleapis.com/ 6 KB
853 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather+Sans:400,700|Merriweather:400,700

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10a8c25fe06211de274f0e3797007fa0113ee9cfdd2db9101b28406532c68206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Jul 2020 21:37:03 GMT
server: ESF
date: Thu, 30 Jul 2020 21:37:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Jul 2020 21:37:03 GMT

GET
H2 200 sirius_icons.css
www.herald.co.zw/wp-content/themes/sirius/fonts/sirius_icons/ 3 KB
889 B 79ms
79ms Stylesheet
text/css 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/fonts/sirius_icons/sirius_icons.css
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6d39508164d7015990a918eb8f035aa7040f943a834f028f843046855991fcd

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 20776433
cf-polished: origSize=3722
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0443415196000097ead194a200000001
last-modified: Tue, 26 Mar 2019 09:28:49 GMT
server: cloudflare
etag: W/"e8a-584fbf2ded81f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/css
expires: Wed, 02 Dec 2020 09:52:43 GMT
cache-control: max-age=31536000
cf-ray: 5bb237fc2a2197ea-FRA
cf-bgj: minify

GET
H2 200 slick.css
www.herald.co.zw/wp-content/themes/sirius/js/slick/ 1 KB
505 B 21ms
20ms Stylesheet
text/css 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/js/slick/slick.css
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 20775418
cf-polished: origSize=1776
status: 200
cf-cached-on: Tue, 03 Dec 2019 09:52:43 GMT, Tue, 03 Dec 2019 10:25:53 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04434151ef000097ead194d200000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 5bb237fcba7e97ea-FRA
expires: Wed, 02 Dec 2020 09:52:43 GMT

GET
H2 200 lightgallery.min.css
www.herald.co.zw/wp-content/themes/sirius/js/lg/css/ 20 KB
4 KB 24ms
23ms Stylesheet
text/css 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/js/lg/css/lightgallery.min.css
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b7c76c9afe8eedce734f7d8c524c475c403eef024cf1d4f2e3f92775ff5406

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:03 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 20775418
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
cf-cached-on: Tue, 03 Dec 2019 09:52:43 GMT, Tue, 03 Dec 2019 10:25:53 GMT
cf-ray: 5bb237fcda9d97ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0443415205000097ead194f200000001
expires: Wed, 02 Dec 2020 09:52:43 GMT

GET
H2 200 lg-transitions.min.css
www.herald.co.zw/wp-content/themes/sirius/js/lg/css/ 38 KB
2 KB 859ms
858ms Stylesheet
text/css 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/js/lg/css/lg-transitions.min.css
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2fb6f79d7a4ab0226ce9634cc960a4430c488459219c956d350868b39f20783

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 26 Mar 2019 09:29:31 GMT
server: cloudflare
etag: W/"98c4-584fbf5545b9f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
cf-ray: 5bb237fcfaba97ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044341521f000097ead1951200000001
expires: Fri, 30 Jul 2021 21:37:04 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 63ms
60ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 28 Jul 2020 10:06:14 GMT
server: cloudflare
etag: W/"5f1ff896-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5bb238009fdbd72d-FRA
cf-request-id: 04434154620000d72da51bd200000001
expires: Sat, 01 Aug 2020 21:37:04 GMT

GET
H2 200 main.d.js Show response
bc.marfeelcache.com/www.herald.co.zw/ 13 B
514 B 70ms
67ms Script
application/javascript 151.101.114.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bc.marfeelcache.com/www.herald.co.zw/main.d.js
Requested by: Host: bc.marfeelcache.com
URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.207 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
via: 1.1 483c6b691461cafe6d23d15d609dc486.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid: 6be70631a8e048008535856290a80efb
x-amz-cf-pop: YUL62-C1
x-mrf-lastmod: 0
x-mrs-cache: STALE
status: 200
x-mrf-rendered: 1595915865950
x-cache: Miss from cloudfront, MISS, HIT
x-b3-traceid-primal: 1f454a7936e24b9a9d6e78c5677aca31
content-length: 13
x-mshield-cache-status: STALE
server: nginx
x-served-by: mshield-b-02, mshield-f-02, cache-yul8921-YUL, cache-hhn4074-HHN
x-mrf-age: 0
accept-ranges: bytes
x-mrf-type: SECTION
x-mrs-age: 387
x-timer: S1596145024.120627,VS0,VE1
etag: "067e866c735744ec6037b77b623ee022d"
x-mrf-shard: 3
content-language: en
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin, Date
cache-control: public, max-age=61
x-mrs-cache-hits: 9
mrf-cache-status: S-MS
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: x-requested-with
x-amz-cf-id: G2aImf3msJ64ZZp8207aCpOZ46ArCZ3Z1igevEmOtN-QCgDek26w_g==
x-cache-hits: 0, 1

GET
H2 200 preloader_small.gif
www.herald.co.zw/wp-content/themes/sirius/img/ 5 KB
5 KB 794ms
793ms Image
image/gif 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/img/preloader_small.gif
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5537b8e22d98409891207b8fcdc960a93ac332726529bc8b49a0d161354c0aa

Request headers

Referer: https://www.herald.co.zw/wp-content/themes/sirius/css/sirius.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=5754, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4859
cf-request-id: 0443415466000097ead1992200000001
last-modified: Tue, 26 Mar 2019 09:28:45 GMT
server: cloudflare
etag: "167a-584fbf29962f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/gif
expires: Fri, 30 Jul 2021 21:37:04 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb23800ad5d97ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 IMG_6496.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 182 KB
183 KB 205ms
199ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/IMG_6496.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9329dfa20c5fca3d69cbb559d42ae92b83b1d52b66a287f654d59791b55f579c

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 75347
cf-polished: origSize=217926, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 186605
cf-request-id: 04434154ad000097ead1999200000001
last-modified: Thu, 30 Jul 2020 00:09:22 GMT
server: cloudflare
etag: "35346-5ab9d7c0752df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 00:41:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238011dad97ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Untitled-3-10-680x380.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 57 KB
58 KB 93ms
87ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/Untitled-3-10-680x380.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f189f50787ad564b24accb2825bf45fa42de334afaec9f50a6242bbb02fc30df

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 20640
cf-polished: origSize=61593, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58708
cf-request-id: 04434154ae000097ead199a200000001
last-modified: Thu, 30 Jul 2020 15:38:04 GMT
server: cloudflare
etag: "f099-5abaa75499b6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 15:53:04 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238011db097ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Untitled-6-2.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 640 KB
641 KB 200ms
195ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/Untitled-6-2.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 944e73ee642f988cd5852de70806a0a1c2436f8c78aa78034d0f367a26e15905

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 26150
cf-polished: origSize=676517, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 655159
cf-request-id: 04434154ae000097ead199b200000001
last-modified: Wed, 15 Jul 2020 21:26:45 GMT
server: cloudflare
etag: "a52a5-5aa8194b2bc58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 14:21:14 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238011db197ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 o586qKHA48z4YOOU0G4U4Ua0rGbA6fPtffcTOa_lqWTEKVYXuQiZj9daJSo07tx5SYz0qoW30ePJt6SfryYSsrTmO14pvikcu2VBVuDa1Oy7sTWMxcyeBsMZ.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 101 KB
101 KB 114ms
109ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/o586qKHA48z4YOOU0G4U4Ua0rGbA6fPtffcTOa_lqWTEKVYXuQiZj9daJSo07tx5SYz0qoW30ePJt6SfryYSsrTmO14pvikcu2VBVuDa1Oy7sTWMxcyeBsMZ.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56697048bdd3f3abc036c8307413d93148ea7c00006b2339daee70a0ce7a1f05

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 67604
cf-polished: origSize=129555, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 103400
cf-request-id: 04434154ae000097ead199c200000001
last-modified: Thu, 30 Jul 2020 02:00:17 GMT
server: cloudflare
etag: "1fa13-5ab9f08b3ddb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 02:50:20 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238011db397ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Untitled-1-16-200x200.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 6 KB
6 KB 91ms
86ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/Untitled-1-16-200x200.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8831b93cea52b57dc0e7861ed4e833aaca6423fb8f2fde1d7e53a30a1fe2a99a

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 41755
cf-polished: origSize=6553, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6162
cf-request-id: 04434154ae000097ead199d200000001
last-modified: Thu, 30 Jul 2020 10:00:11 GMT
server: cloudflare
etag: "1999-5aba5bcf72240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 10:01:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238011db497ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Mutodi-200x200.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/01/ 7 KB
7 KB 196ms
192ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/01/Mutodi-200x200.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3548d726a559ad5d4ffe6bd6de83fe67986b46f9cbbb1ec4b0ba5fcc9d08fa3f

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 40734
cf-polished: origSize=7679, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7268
cf-request-id: 04434154ae000097ead199e200000001
last-modified: Fri, 24 Jan 2020 21:23:37 GMT
server: cloudflare
etag: "1dff-59ce95ef4e0ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 10:18:10 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238011db697ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Untitled-1-2-200x200.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/06/ 8 KB
8 KB 113ms
108ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/06/Untitled-1-2-200x200.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2b8d15a200c848f062acefcdac008766fca893c6e88848c1b4506fdc771c42b

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
age: 40733
cf-polished: origSize=8724, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8284
cf-request-id: 04434154ae000097ead199f200000001
last-modified: Thu, 04 Jun 2020 10:53:36 GMT
server: cloudflare
etag: "2214-5a73ff4e21374"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 10:18:11 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238011db797ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 default_medium.jpg
www.herald.co.zw/wp-content/themes/sirius/img/ 1 KB
1 KB 758ms
754ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/img/default_medium.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77f11e0c1d71f2cbd311e9a55a6b5a7ad99ec84a5a0e39fb6b656814975b6afb

Request headers

Referer: https://www.herald.co.zw/wp-content/themes/sirius/css/sirius.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=2147, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1224
cf-request-id: 04434154ae000097ead19a0200000001
last-modified: Tue, 26 Mar 2019 09:28:45 GMT
server: cloudflare
etag: "863-584fbf29cdd93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 21:37:04 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238011db897ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 469_RGrPW60
www.youtube.com/embed/ Frame 22F0 0
0 219ms
123ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/469_RGrPW60

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/469_RGrPW60
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herald.co.zw/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.herald.co.zw/

Response headers

status: 200
accept-ch: DPR
strict-transport-security: max-age=31536000
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 10236
accept-ch-lifetime: 2592000
x-content-type-options: nosniff
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Thu, 30 Jul 2020 21:37:04 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=kHTFDPFPqaw; path=/; domain=.youtube.com; secure; expires=Tue, 26-Jan-2021 21:37:04 GMT; httponly; samesite=None YSC=NLn6R7vi0Ik; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=kHTFDPFPqaw; path=/; domain=.youtube.com; secure; expires=Tue, 26-Jan-2021 21:37:04 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 30-Jul-2020 22:07:04 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjXp8Bte.woff2
fonts.gstatic.com/s/merriweathersans/v11/ 11 KB
11 KB 125ms
20ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v11/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjXp8Bte.woff2

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e37f44861004836e71af56f8899c74e69a934516ad70627112afb89a36fdd111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Merriweather+Sans:400,700|Merriweather:400,700
Origin: https://www.herald.co.zw

Response headers

date: Fri, 24 Jul 2020 15:33:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jul 2019 00:01:19 GMT
server: sffe
age: 540207
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11544
x-xss-protection: 0
expires: Sat, 24 Jul 2021 15:33:37 GMT

GET
H2 200 sirius_icons.ttf
www.herald.co.zw/wp-content/themes/sirius/fonts/sirius_icons/ 15 KB
15 KB 124ms
27ms Font
application/x-font-ttf 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/fonts/sirius_icons/sirius_icons.ttf?1bhu37
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abacfa18472a4ace0034615d9219c5d3585292b5920881c434f7a3382f7cfc57

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.herald.co.zw/wp-content/themes/sirius/fonts/sirius_icons/sirius_icons.css
Origin: https://www.herald.co.zw

Response headers

date: Thu, 30 Jul 2020 21:37:04 GMT
cf-cache-status: HIT
last-modified: Tue, 26 Mar 2019 09:28:49 GMT
server: cloudflare
age: 1361272
etag: W/"3a6c-584fbf2de7a5f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/x-font-ttf
status: 200
cache-control: max-age=31536000
cf-ray: 5bb238025e8f97ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0443415574000097ead19b2200000001
expires: Thu, 15 Jul 2021 03:03:02 GMT

GET
H2 200 2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1OZyDE0hZ0z5qZ.woff2
fonts.gstatic.com/s/merriweathersans/v11/ 11 KB
11 KB 103ms
20ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v11/2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1OZyDE0hZ0z5qZ.woff2

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b282a8addc38e45f16f401cde8810e5f06a2fd6e48ae56372f2cba199cbd93fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Merriweather+Sans:400,700|Merriweather:400,700
Origin: https://www.herald.co.zw

Response headers

date: Wed, 22 Jul 2020 20:10:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:51:54 GMT
server: sffe
age: 696367
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11544
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:10:57 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v21/ 12 KB
12 KB 94ms
11ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Merriweather+Sans:400,700|Merriweather:400,700
Origin: https://www.herald.co.zw

Response headers

date: Wed, 22 Jul 2020 21:10:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:46 GMT
server: sffe
age: 692791
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12256
x-xss-protection: 0
expires: Thu, 22 Jul 2021 21:10:33 GMT

GET
H/1.1 200
OK count.js Show response
heraldlive.disqus.com/ 1 KB
1 KB 317ms
180ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://heraldlive.disqus.com/count.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 30 Jul 2020 21:37:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1422564
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 10 Jul 2020 00:55:10 GMT
Server: nginx
ETag: "5f07bc6e-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H2 200 forms-api.min.js Show response
www.herald.co.zw/wp-content/plugins/mailchimp-for-wp/assets/js/ 12 KB
4 KB 79ms
75ms Script
application/x-javascript 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/plugins/mailchimp-for-wp/assets/js/forms-api.min.js?ver=4.1.14
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d915c1a38320682d4c8e6fbe119889d26a91958f472d10808c161f938fc14957

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 20775420
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
cf-cached-on: Tue, 03 Dec 2019 09:52:45 GMT, Tue, 03 Dec 2019 10:25:53 GMT
cf-ray: 5bb23806ca6597ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044341583e000097ead19e2200000001
expires: Wed, 02 Dec 2020 09:52:45 GMT

GET
H2 200 wp-embed.min.js Show response
www.herald.co.zw/wp-includes/js/ 1 KB
777 B 782ms
778ms Script
application/x-javascript 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-includes/js/wp-embed.min.js?ver=4.8.14
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 10 Aug 2017 10:17:48 GMT
server: cloudflare
etag: W/"576-5566382194b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
cf-ray: 5bb23806ca6797ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044341583e000097ead19e3200000001
expires: Fri, 30 Jul 2021 21:37:05 GMT

GET
H2 200 sirius.min.js Show response
www.herald.co.zw/wp-content/themes/sirius/js/ 9 KB
3 KB 781ms
778ms Script
application/x-javascript 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/js/sirius.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d5aee8f0faa85b2ea0c29a0ade99e67256834feed8fd87fb801461061d874c

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 26 Mar 2019 09:28:43 GMT
server: cloudflare
etag: W/"246b-584fbf277f07f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
cf-ray: 5bb23806ca6897ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044341583e000097ead19e4200000001
expires: Fri, 30 Jul 2021 21:37:05 GMT

GET
H2 200 lightgallery-all.min.js Show response
www.herald.co.zw/wp-content/themes/sirius/js/lg/js/ 48 KB
11 KB 24ms
21ms Script
application/x-javascript 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/js/lg/js/lightgallery-all.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 872fdbf1d445fc24148a4025a848e9c9e7eee31730e98fc218f58b13d28461da

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 20775420
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
cf-cached-on: Tue, 03 Dec 2019 09:52:45 GMT, Tue, 03 Dec 2019 10:25:53 GMT
cf-ray: 5bb23806ca6997ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044341583e000097ead19e5200000001
expires: Wed, 02 Dec 2020 09:52:45 GMT

GET
H2 200 slick.min.js Show response
www.herald.co.zw/wp-content/themes/sirius/js/slick/ 42 KB
10 KB 26ms
22ms Script
application/x-javascript 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/js/slick/slick.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 8788693
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044341583f000097ead19e6200000001
last-modified: Tue, 26 Mar 2019 09:28:48 GMT
server: cloudflare
etag: W/"a76f-584fbf2ca2746-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 5bb23806ca6a97ea-FRA
expires: Tue, 20 Apr 2021 03:59:15 GMT

GET
H2 200 verlok.lazyload.min.js Show response
www.herald.co.zw/wp-content/themes/sirius/js/ 3 KB
1 KB 782ms
779ms Script
application/x-javascript 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/js/verlok.lazyload.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f47f8034b4f08f1c4f05a6a914d7ba6fe966a0112d5ec0cbbae2cd7b35b6407b

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 26 Mar 2019 09:28:42 GMT
server: cloudflare
etag: W/"dcd-584fbf273d9a0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
cf-ray: 5bb23806ca6c97ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044341583f000097ead19e7200000001
expires: Fri, 30 Jul 2021 21:37:05 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
www.herald.co.zw/wp-content/themes/sirius/js/ 85 KB
29 KB 76ms
74ms Script
application/x-javascript 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/themes/sirius/js/jquery-3.2.1.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 8788694
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044341583f000097ead19e8200000001
last-modified: Tue, 26 Mar 2019 09:28:43 GMT
server: cloudflare
etag: W/"15283-584fbf276b7ff-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 5bb23806ca6d97ea-FRA
expires: Tue, 20 Apr 2021 03:59:13 GMT

GET
H2 200 resizer.js Show response
www.herald.co.zw/wp-content/plugins/marfeelpress/includes/base/src/resources/js/ 681 B
387 B 781ms
778ms Script
application/x-javascript 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald.co.zw/wp-content/plugins/marfeelpress/includes/base/src/resources/js/resizer.js?ver=4.8.14
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67f91e33374ee1809e741a8cde5fd171a4eaa8b599bada4d6a97b9293da307a4

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 03 Feb 2020 13:13:15 GMT
server: cloudflare
etag: W/"2a9-59dabafae9270-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
cf-ray: 5bb23806ca6e97ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044341583f000097ead19e9200000001
expires: Fri, 30 Jul 2021 21:37:05 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 120 KB
42 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36ac8e24642e32152f30143f2733243f6fdb3e0cffa8739c48eaa8e802b621d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 43181
x-xss-protection: 0
server: cafe
etag: 18393666154855094817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jul 2020 21:37:05 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 48 KB
16 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71b22ccffec9bb50b55b52c0296a5b48b1c696bcf70ea6236655aa794800f73a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "587 / 990 of 1000 / last-modified: 1596125926"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 16617
x-xss-protection: 0
expires: Thu, 30 Jul 2020 21:37:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 63 KB
25 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3HF3JF

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c4f0dc1f3e275297e306e204d1fb0b9ede47429924bb8a1dbb5aa5c83c3244b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25411
x-xss-protection: 0
last-modified: Thu, 30 Jul 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Jul 2020 21:37:05 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/qcGGj0TBhxAVc/www.herald.co.zw/ 4 KB
2 KB 37ms
20ms Script
application/javascript 2600:9000:214f:5c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/qcGGj0TBhxAVc/www.herald.co.zw/choice.js?timestamp=1596145025764
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:5c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d250a41566147c1dbfdca4fa17e9971b2a3c0c2a37c43fc50dc63b37a6473f5

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 03:20:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
status: 200
x-amz-cf-id: H9EOLCKFrZOdTp5uI37b7gib0Y0Vs_WvMhCvdo-BO40JT6WuqX4C4Q==
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.herald.co.zw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.herald.co.zw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/ 223 KB
84 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d42fc1c349e1ff511ae471d2fce211a3787212180217093d826e2f30006a10d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 85405
x-xss-protection: 0
server: cafe
etag: 4188947787779617085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jul 2020 21:37:05 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200729/r20190131/ Frame 8E37 0
0 12ms
6ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200729/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200729/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herald.co.zw/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlG1e5rFJxmhJEGSmVnlGrYI336sx_Fx3K_qs0aUx8JjUdex6nVfPvhhrKD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.herald.co.zw/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 29 Jul 2020 21:56:39 GMT
expires: Wed, 12 Aug 2020 21:56:39 GMT
content-type: text/html; charset=UTF-8
etag: 1809543571055990350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4277
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 85226
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pubads_impl_2020072701.js Show response
securepubads.g.doubleclick.net/gpt/ 254 KB
90 KB 82ms
82ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

edf6ab3553d76573e5d5939c0c4a3ada737c98ee962379b25cbf23c96f17d732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jul 2020 13:08:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91625
x-xss-protection: 0
expires: Thu, 30 Jul 2020 21:37:05 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 17ms
8ms Script
application/x-javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/qcGGj0TBhxAVc/www.herald.co.zw/choice.js?timestamp=1596145025764

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:05 GMT
content-encoding: gzip
last-modified: Thu, 30-Jul-2020 21:37:05 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Thu, 06 Aug 2020 21:37:05 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 975 KB
181 KB 97ms
88ms Script
text/javascript 2600:9000:214f:5c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/qcGGj0TBhxAVc/www.herald.co.zw/choice.js?timestamp=1596145025764
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:5c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7be0b7ed8c5e80203bc0672b7b8e5ec47b53f7f2f406d0ede2840c5de2867da

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 18:20:12 GMT
content-encoding: gzip
last-modified: Fri, 24 Jul 2020 19:13:55 GMT
server: AmazonS3
age: 11814
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: EvdDgcOIuOSxwW29TnLjBPLj3-mFkgL5dwVNhy_gJEAI6Ax1dhnC5w==
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)

GET
H2 200 p-qcGGj0TBhxAVc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 15ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-qcGGj0TBhxAVc.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jul 2020 21:37:05 GMT
strict-transport-security: max-age=86400
content-type: image/gif
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3HF3JF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3804
date: Thu, 30 Jul 2020 20:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Thu, 30 Jul 2020 22:33:41 GMT

GET
H2 200 rules-p-qcGGj0TBhxAVc.js Show response
rules.quantcount.com/ 3 B
346 B 364ms
364ms Script
application/x-javascript 2600:9000:2057:3200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-qcGGj0TBhxAVc.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:3200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:30:32 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 401
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: Mo4xewPu3qe1wLSHOmyAXVOEtThbxsF9oZhIAaMYhqwGf5BpMtiKSg==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=192538741&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herald.co.zw%2F&ul=en-us&de=UTF-8&dt=The%20Herald%20%7C%20Zimbabwe%27s%20largest%20daily%20new...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28980530-1&cid=287475671.1596145026&jid=606115588&_gid=552781677.1596145026&gjid=1718087058&_v=j83&z=1498578466
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28980530-1&cid=287475671.1596145026&jid=606115588&_v=j83&z=1498578466
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28980530-1&cid=287475671.1596145026&jid=606115588&_v=j83&z=1498578466&slf_rd=1&random=1160032173

42 B
106 B

18ms
17ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28980530-1&cid=287475671.1596145026&jid=606115588&_v=j83&z=1498578466&slf_rd=1&random=1160032173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jul 2020 21:37:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jul 2020 21:37:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28980530-1&cid=287475671.1596145026&jid=606115588&_v=j83&z=1498578466&slf_rd=1&random=1160032173
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CookieAccessV2 Show response
apis.quantcast.mgr.consensu.org/ 21 B
270 B 187ms
67ms XHR
application/json 35.156.249.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.quantcast.mgr.consensu.org/CookieAccessV2
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.249.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-249-121.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e51b8a213ba36235303df692d1653b7a152c5d692709ac360f51bad15e44ac98

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:06 GMT
server: awselb/2.0
status: 200
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://www.herald.co.zw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 21

GET
H/1.1 200
OK count.js Show response
heraldlive.disqus.com/ 1 KB
1 KB 70ms
69ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://heraldlive.disqus.com/count.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 30 Jul 2020 21:37:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1422566
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 10 Jul 2020 00:55:10 GMT
Server: nginx
ETag: "5f07bc6e-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H2 410 tRaiETqnLgj758hTBazgd_2FXE_2B0mUQNOlQOYF9f82Z0OPzYf3_2BISw4jeNc3_2FV_2BxZd.js
widget.surveymonkey.com/collect/website/js/ 0
0 269ms
94ms Script
text/html 13.225.87.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd_2FXE_2B0mUQNOlQOYF9f82Z0OPzYf3_2BISw4jeNc3_2FV_2BxZd.js
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-65.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK count-data.js Show response
heraldlive.disqus.com/ 1 KB
2 KB 114ms
50ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://heraldlive.disqus.com/count-data.js?2=https%3A%2F%2Fwww.herald.co.zw%2Fcovid-19-infections-spike-police-intensify-lockdown-enforcement%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Fd-day-for-zambian-super-division-as-cases-surge%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Feditorial-comment-patriot-champion-of-agriculture-no-more%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Ffootball-loses-its-very-good-friend%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Fjust-in-former-agribank-ceo-malaba-dies%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Fjust-in-kazembe-in-good-health%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Fjust-in-land-baron-arrested%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Fjust-in-minister-shiri-died-of-covid-19-president%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Fjust-in-mutodi-withdraws-theft-case%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Fjust-in-sambo-burial-set-for-tomorrow%2F

Requested by

Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf360ff0048b8cdd76df69219041b75ccfe53270014f8bb18594238fb59fbbb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 30 Jul 2020 21:37:06 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 2781
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 1159
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK count-data.js Show response
heraldlive.disqus.com/ 626 B
1 KB 163ms
60ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://heraldlive.disqus.com/count-data.js?2=https%3A%2F%2Fwww.herald.co.zw%2Fpresident-seals-historic-land-deal%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Fsecurity-forces-ready-to-deal-with-demos%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Fshiri-national-hero%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Fzdf-dismisses-fake-demo-news%2F&2=https%3A%2F%2Fwww.herald.co.zw%2Fzupco-to-space-out-passengers%2F

Requested by

Host: heraldlive.disqus.com
URL: https://heraldlive.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

39714c3d549ac52384586c13e5418f46f47b78b08529b97b3ea086c3e808c066

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 30 Jul 2020 21:37:06 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 2781
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 626
X-XSS-Protection: 1; mode=block

GET
H2 200 Untitled-1-16-200x200.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/07/ 6 KB
6 KB 26ms
24ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/07/Untitled-1-16-200x200.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/wp-content/themes/sirius/js/jquery-3.2.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8831b93cea52b57dc0e7861ed4e833aaca6423fb8f2fde1d7e53a30a1fe2a99a

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:06 GMT
cf-cache-status: HIT
age: 41757
cf-polished: origSize=6553, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6162
cf-request-id: 0443415de8000097ead1a84200000001
last-modified: Thu, 30 Jul 2020 10:00:11 GMT
server: cloudflare
etag: "1999-5aba5bcf72240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 10:01:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb2380fd97b97ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Mutodi-200x200.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/01/ 7 KB
7 KB 28ms
26ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/01/Mutodi-200x200.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/wp-content/themes/sirius/js/jquery-3.2.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3548d726a559ad5d4ffe6bd6de83fe67986b46f9cbbb1ec4b0ba5fcc9d08fa3f

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:06 GMT
cf-cache-status: HIT
age: 40736
cf-polished: origSize=7679, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7268
cf-request-id: 0443415de8000097ead1a85200000001
last-modified: Fri, 24 Jan 2020 21:23:37 GMT
server: cloudflare
etag: "1dff-59ce95ef4e0ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 10:18:10 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb2380fd97c97ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Untitled-1-2-200x200.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2020/06/ 8 KB
8 KB 26ms
25ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2020/06/Untitled-1-2-200x200.jpg
Requested by: Host: www.herald.co.zw
URL: https://www.herald.co.zw/wp-content/themes/sirius/js/jquery-3.2.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2b8d15a200c848f062acefcdac008766fca893c6e88848c1b4506fdc771c42b

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:06 GMT
cf-cache-status: HIT
age: 40735
cf-polished: origSize=8724, status=vary_header_present
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8284
cf-request-id: 0443415de9000097ead1a86200000001
last-modified: Thu, 04 Jun 2020 10:53:36 GMT
server: cloudflare
etag: "2214-5a73ff4e21374"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Fri, 30 Jul 2021 10:18:11 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb2380fd97e97ea-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 iIEy1JHT0-M
www.youtube.com/embed/ Frame ABDF 0
0 132ms
131ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/iIEy1JHT0-M

Requested by

Host: www.herald.co.zw
URL: https://www.herald.co.zw/wp-content/themes/sirius/js/verlok.lazyload.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/iIEy1JHT0-M
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herald.co.zw/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: VISITOR_INFO1_LIVE=kHTFDPFPqaw; YSC=NLn6R7vi0Ik; GPS=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.herald.co.zw/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 10699
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 GMT
accept-ch-lifetime: 2592000
accept-ch: DPR
content-encoding: br
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 30 Jul 2020 21:37:06 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 noniab-vendorlist.json Show response
quantcast.mgr.consensu.org/choice/qcGGj0TBhxAVc/www.herald.co.zw/.well-known/ 1 KB
1004 B 33ms
17ms XHR
application/json 2600:9000:214f:5c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/qcGGj0TBhxAVc/www.herald.co.zw/.well-known/noniab-vendorlist.json?timestamp=1596145025963
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:5c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f3fb250b806213e5ae6757fa1d721e6e10abe8539f5356a5dac3e0b47a5bebe

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:30:29 GMT
content-encoding: gzip
vary: Origin
age: 398
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://www.herald.co.zw
last-modified: Wed, 17 Jun 2020 08:58:53 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json;charset=UTF-8
via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: LWhtCSV62wkkb0omq49PFswzOq0k9rE-s31cA5NFQOAwAUHEPgStIQ==

GET
H2 200 vendor-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 125 KB
20 KB 29ms
8ms XHR
application/json 2600:9000:21f3:7600:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:7600:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d83528012d4e319bcdad0c9c5afbbe521dcc2e2e96f1d06da0ceaabd87f2ffa2

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 06:27:03 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 54604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 23 Jul 2020 23:59:09 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
cache-control: max-age:518400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: LiGzyZuG1QtZY1yVqpc86Zjtw98kONRDBH05NRiXSAuOB-fsDiapog==

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9985 0
0 101ms
100ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7429385817508822&output=html&adk=1309968118&adf=3288313458&lmt=1596141475&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr_consent=tcunavailable&format=0x0&url=https%3A%2F%2Fwww.herald.co.zw%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1596145025870&bpp=74&bdt=2534&idt=320&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3435923124670&frm=20&pv=2&ga_vid=287475671.1596145026&ga_sid=1596145027&ga_hid=192538741&ga_fc=0&iag=0&icsg=2251983025078208&dssz=65&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3121985828060987&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=903

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7429385817508822&output=html&adk=1309968118&adf=3288313458&lmt=1596141475&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr_consent=tcunavailable&format=0x0&url=https%3A%2F%2Fwww.herald.co.zw%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1596145025870&bpp=74&bdt=2534&idt=320&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3435923124670&frm=20&pv=2&ga_vid=287475671.1596145026&ga_sid=1596145027&ga_hid=192538741&ga_fc=0&iag=0&icsg=2251983025078208&dssz=65&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3121985828060987&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=903
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herald.co.zw/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlG1e5rFJxmhJEGSmVnlGrYI336sx_Fx3K_qs0aUx8JjUdex6nVfPvhhrKD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.herald.co.zw/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 30 Jul 2020 21:37:06 GMT
server: cafe
content-length: 1393
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200729&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50d10db69939a23ba6a205c3ec6f400c4edde433469cae77056b29bec5371dc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jul 2020 21:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5665
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
27 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e3325db456620e768bfa6a930c1015b6fd4e8b967cbb88d07867883c9e5fa6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596064266704224"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27106
x-xss-protection: 0
expires: Thu, 30 Jul 2020 21:37:06 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame CCB6 0
0 274ms
273ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7429385817508822&output=html&h=154&slotname=3576371520&adk=3902221545&adf=2830833273&w=680&lmt=1596141475&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&gdpr_consent=tcunavailable&format=680x154&url=https%3A%2F%2Fwww.herald.co.zw%2F&flash=0&wgl=1&adsid=NT&dt=1596145025870&bpp=6&bdt=2534&idt=392&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3435923124670&frm=20&pv=1&ga_vid=287475671.1596145026&ga_sid=1596145027&ga_hid=192538741&ga_fc=0&iag=0&icsg=2251983025078208&dssz=66&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=2669&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3121985828060987&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=dMtBjFbMML&p=https%3A//www.herald.co.zw&dtd=953

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12634214338574394842/fly728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12634214338574394842/fly728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP2Z18r39eoCFQGAdwodlqsKsg&gqi=gj0jX5DvMpKArASY6LrwCQ&layout=/sadbundle/%24csp%253Der3%24/12634214338574394842/fly728x90.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7429385817508822&output=html&h=154&slotname=3576371520&adk=3902221545&adf=2830833273&w=680&lmt=1596141475&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&gdpr_consent=tcunavailable&format=680x154&url=https%3A%2F%2Fwww.herald.co.zw%2F&flash=0&wgl=1&adsid=NT&dt=1596145025870&bpp=6&bdt=2534&idt=392&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3435923124670&frm=20&pv=1&ga_vid=287475671.1596145026&ga_sid=1596145027&ga_hid=192538741&ga_fc=0&iag=0&icsg=2251983025078208&dssz=66&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=2669&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3121985828060987&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=dMtBjFbMML&p=https%3A//www.herald.co.zw&dtd=953
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herald.co.zw/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlG1e5rFJxmhJEGSmVnlGrYI336sx_Fx3K_qs0aUx8JjUdex6nVfPvhhrKD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.herald.co.zw/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12634214338574394842/fly728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12634214338574394842/fly728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP2Z18r39eoCFQGAdwodlqsKsg&gqi=gj0jX5DvMpKArASY6LrwCQ&layout=/sadbundle/%24csp%253Der3%24/12634214338574394842/fly728x90.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 30 Jul 2020 21:37:07 GMT
server: cafe
content-length: 34427
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
515 B 162ms
58ms XHR
text/html 13.35.254.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22qcGGj0TBhxAVc%22%2C%22publisher%22%3A%22The%20Herald%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.7%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22BwLXgLechwRM7FVZuBiYrA%22%2C%22clientTimestamp%22%3A1596145026865%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-oat23ihy33fpcubvgp19%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-3.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 05:57:15 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
vary: Origin
age: 56393
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: oNwGTGHtXbzc06YCeZwAoXEKvQrgyaVNjb_QBNrKcGO8hhg9QmFWJQ==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Thu, 30 Jul 2020 21:37:06 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame C45B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herald.co.zw/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OX_plg=pm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.herald.co.zw/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Thu, 30 Jul 2020 19:18:02 GMT
expires: Fri, 30 Jul 2021 19:18:02 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8344
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 herald_logo.jpg
www.herald.co.zw/wp-content/uploads/sites/2/2017/11/ 5 KB
5 KB 16ms
16ms Image
image/jpeg 2606:4700:10::ac43:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald.co.zw/wp-content/uploads/sites/2/2017/11/herald_logo.jpg
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832b01798d3505ffdd094079a9f9181eb7496653ca69d8c16cdb0382866aa739

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 21:37:07 GMT
cf-cache-status: HIT
age: 344740
cf-polished: status=not_needed
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5104
cf-request-id: 0443415ff4000097ead1aad200000001
last-modified: Fri, 01 Dec 2017 07:39:26 GMT
server: cloudflare
etag: "13f0-55f4277cda780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
expires: Mon, 26 Jul 2021 21:51:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5bb238132bdc97ea-FRA
cf-bgj: imgq:100

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
59 B 41ms
40ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200729&jk=3121985828060987&bg=!cHOlc2tYLdEADfudFHQCAAAAnlIAAAATmQGHbFJMieT103Kf3zowLsZmp8Ym7RBYd0-s1AoZqNSSp-WWSJGXYQJZIk3wn87CwNK1dgX1bwaXQV8wM93tUZcA6ZzFgzlHABuanVXvjH36zxhb7JRfTOUA9ql2kVK2Zgmm1J8jIJfb0o4zi35t3Rd1dOMTcZ2jI1HJLcKyW6UEYoGnS6nacp3sH8zpBEDXj6AwYpuZfUEVcRckU79oQ_Gp48ynyTYeYIX4nw6LErbfSQ4PcEaZf15ab6Tb5qxb1rx7FGOnTcqlXGrNKNUNShNzIP2pkQ_Pnjgo56w_Tj1ngD8dkE3bgN1hlsW_gVBPs6r6r_covhWh2keks9M1GJEOOypxpCU7l3D5mu_Z7UYkgAfxcKv6ZSyl5zNvXWGzQhh3xtAzDezjIDnp2gxSEaFhs-jWU2UZt5R-9paz2G4zNb-cXenbMX-adWTEoDRkoom8yI9Ep5kvJDiJ-hMH9sDTFOZOsRKRkOm-6Vfm7NsAzOwZw1LABDZN8FkdEzS-f1y-0pToEQYnog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald.co.zw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jul 2020 21:37:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:44:01	Name: IDE Value: AHWqTUlG1e5rFJxmhJEGSmVnlGrYI336sx_Fx3K_qs0aUx8JjUdex6nVfPvhhrKD
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: NLn6R7vi0Ik
.herald.co.zw/	1970-01-19 12:05:37	Name: __cfduid Value: d975f169d6d6c5e0e214fe7c022e5429a1596145022
.youtube.com/	1970-01-19 15:41:37	Name: VISITOR_INFO1_LIVE Value: kHTFDPFPqaw
.herald.co.zw/	1970-01-19 11:22:25	Name: _gat_UA-28980530-1 Value: 1
.youtube.com/	1970-01-19 11:22:26	Name: GPS Value: 1
.herald.co.zw/	1970-01-20 04:53:37	Name: _ga Value: GA1.3.287475671.1596145026
.herald.co.zw/	1970-01-19 11:23:51	Name: _gid Value: GA1.3.552781677.1596145026

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.herald.co.zw/wp-content/themes/sirius/js/sirius.min.js(Line 1) Message: sidebar height/count @ WINDOW-load - 4794.94/3
console-api	log	URL: https://www.herald.co.zw/wp-content/themes/sirius/js/sirius.min.js(Line 1) Message: sidebar height/count @ DOM-load - 4794.94/3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
apis.quantcast.mgr.consensu.org
audit-tcfv2.quantcast.mgr.consensu.org
bc.marfeelcache.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
herald.co.zw
heraldlive.disqus.com
i.ytimg.com
pagead2.googlesyndication.com
pixel.quantserve.com
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
widget.surveymonkey.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.herald.co.zw
www.youtube.com
13.225.87.65
13.35.254.3
151.101.112.134
151.101.114.207
172.217.16.130
2600:9000:2057:3200:6:44e3:f8c0:93a1
2600:9000:214f:5c00:9:46dc:4700:93a1
2600:9000:21f3:7600:3:a4cd:8380:93a1
2606:4700:10::6816:2ef
2606:4700:10::ac43:1d7e
2606:4700::6810:85e5
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2001
2a00:1450:4001:801::2004
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:808::2016
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2002
2a00:1450:400c:c03::9c
35.156.249.121
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07ef76751d974b7e0ce6993dd07047e76bb36ce4002ecd40ae26288419abbe34
08488d175ed222ebe005013e57c4394f1cd0aaf4cb7261c697bbd24be7a1d2ba
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e1f0ab8e1f15897d74debff8813ea45721702ae882d9106ad54ceade7eb30f7
10a8c25fe06211de274f0e3797007fa0113ee9cfdd2db9101b28406532c68206
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
2369e54bf923ac56ec28b8fd440770eb9e9e44ca8430cb83aedef3f59d7cc618
2c833842f9675f8de1bfeface3798dc4f71ef33dd459d56596f07edc058e21cc
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2e3325db456620e768bfa6a930c1015b6fd4e8b967cbb88d07867883c9e5fa6d
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3548d726a559ad5d4ffe6bd6de83fe67986b46f9cbbb1ec4b0ba5fcc9d08fa3f
36ac8e24642e32152f30143f2733243f6fdb3e0cffa8739c48eaa8e802b621d5
39714c3d549ac52384586c13e5418f46f47b78b08529b97b3ea086c3e808c066
3d42fc1c349e1ff511ae471d2fce211a3787212180217093d826e2f30006a10d
50d10db69939a23ba6a205c3ec6f400c4edde433469cae77056b29bec5371dc8
56697048bdd3f3abc036c8307413d93148ea7c00006b2339daee70a0ce7a1f05
67f91e33374ee1809e741a8cde5fd171a4eaa8b599bada4d6a97b9293da307a4
6f3fb250b806213e5ae6757fa1d721e6e10abe8539f5356a5dac3e0b47a5bebe
71b22ccffec9bb50b55b52c0296a5b48b1c696bcf70ea6236655aa794800f73a
74cce62e23cee80e0c3223a7f562806ed7954183efd408fef0c5592e7918ff1d
779031b89f5cdb999d37598edd81cc9af2bb147fcf3376bbfda78bee1ed5dcc0
77f11e0c1d71f2cbd311e9a55a6b5a7ad99ec84a5a0e39fb6b656814975b6afb
79a83d35a00a12ce6f99deb5b41500b4428aaad4496ed92f12c0ee9cfc577377
7d6af564a066837aed5f9639ced9d98bd645b1033786f42e7e6a7a6fe8e7c805
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
832b01798d3505ffdd094079a9f9181eb7496653ca69d8c16cdb0382866aa739
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
872fdbf1d445fc24148a4025a848e9c9e7eee31730e98fc218f58b13d28461da
8831b93cea52b57dc0e7861ed4e833aaca6423fb8f2fde1d7e53a30a1fe2a99a
8d250a41566147c1dbfdca4fa17e9971b2a3c0c2a37c43fc50dc63b37a6473f5
91d5aee8f0faa85b2ea0c29a0ade99e67256834feed8fd87fb801461061d874c
9329dfa20c5fca3d69cbb559d42ae92b83b1d52b66a287f654d59791b55f579c
944e73ee642f988cd5852de70806a0a1c2436f8c78aa78034d0f367a26e15905
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde
95c745d27196bd9f6bb5a99cdb8c74db3ce1d0f5bffbc500d9d12e1ae325d9f2
9c4f0dc1f3e275297e306e204d1fb0b9ede47429924bb8a1dbb5aa5c83c3244b
9eb0dfb4cac02ee153045c07ede53d5b19e7b93be74e152108fc2dfd04cc0eb7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
aa19126b9780d64eb404ef69200cf0d1b4fd8e1cdce41665dc3450c392c9d0d7
abacfa18472a4ace0034615d9219c5d3585292b5920881c434f7a3382f7cfc57
ac1dff1accc994a2a64efd22f8374e7d64914e2f7b215816393b1bd52679a3ef
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b282a8addc38e45f16f401cde8810e5f06a2fd6e48ae56372f2cba199cbd93fa
b6d39508164d7015990a918eb8f035aa7040f943a834f028f843046855991fcd
bae2652b1cbb2a36d9e4ba862d874a5a453fe1802f04ba3c6e3cf4c33d8a302d
c5537b8e22d98409891207b8fcdc960a93ac332726529bc8b49a0d161354c0aa
c7d3ad9dcb910afa916f421ccebc7a7f0602208c7d5d7ea1728cdf8e10c97b5e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf360ff0048b8cdd76df69219041b75ccfe53270014f8bb18594238fb59fbbb3
d2fb6f79d7a4ab0226ce9634cc960a4430c488459219c956d350868b39f20783
d321b148166a3362f3b726c214f0f5c3ad663fded63c0675342d093411cbf064
d7be0b7ed8c5e80203bc0672b7b8e5ec47b53f7f2f406d0ede2840c5de2867da
d83528012d4e319bcdad0c9c5afbbe521dcc2e2e96f1d06da0ceaabd87f2ffa2
d915c1a38320682d4c8e6fbe119889d26a91958f472d10808c161f938fc14957
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e2b8d15a200c848f062acefcdac008766fca893c6e88848c1b4506fdc771c42b
e37f44861004836e71af56f8899c74e69a934516ad70627112afb89a36fdd111
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
e51b8a213ba36235303df692d1653b7a152c5d692709ac360f51bad15e44ac98
e8fcb3079cb44b316e0b00aa6e6f94f43b6f44cd1dc47a0f9ae7d9c0a57b3b5d
edf6ab3553d76573e5d5939c0c4a3ada737c98ee962379b25cbf23c96f17d732
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f189f50787ad564b24accb2825bf45fa42de334afaec9f50a6242bbb02fc30df
f2b7c76c9afe8eedce734f7d8c524c475c403eef024cf1d4f2e3f92775ff5406
f47f8034b4f08f1c4f05a6a914d7ba6fe966a0112d5ec0cbbae2cd7b35b6407b
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ff1b3037a9c4238f1406e16082c90d98a398996ae96d368628edd891f3f3f61d

www.herald.co.zw Open in urlscan Pro 2606:4700:10::ac43:1d7e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

100 %HTTPS

76 %IPv6

19 Domains

29 Subdomains

22 IPs

3 Countries

1780 kBTransfer

3573 kBSize

8 Cookies

51 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.herald.co.zw Open in urlscan Pro
2606:4700:10::ac43:1d7e Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

100 %
HTTPS

76 %
IPv6

19
Domains

29
Subdomains

22
IPs

3
Countries

1780 kB
Transfer

3573 kB
Size

8
Cookies

84 HTTP transactions
0 data transactions