www.heraldlive.co.za Open in urlscan Pro
2a00:1450:4001:829::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heraldlive.co.za/
Effective URL:
https://www.heraldlive.co.za/
Submission Tags: tranco_l324
Submission: On November 14 via api (November 14th 2021, 5:36:39 am UTC) from DE — Scanned from DE

Summary HTTP 190 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 44 IPs in 4 countries across 30 domains to perform 190 HTTP transactions. The main IP is 2a00:1450:4001:829::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.heraldlive.co.za.
TLS certificate: Issued by GTS CA 1D4 on November 8th 2021. Valid for: 3 months.

This is the only time www.heraldlive.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:829::2013	15169 (GOOGLE) (GOOGLE)
1	2.16.107.83 2.16.107.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:210... 2600:9000:2104:7c00:17:2922:12c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.218.38.30 54.218.38.30	16509 (AMAZON-02) (AMAZON-02)
1	54.72.188.165 54.72.188.165	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.83.54 65.9.83.54	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
9	2606:4700:303... 2606:4700:3034::ac43:c16a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	157.245.20.41 157.245.20.41	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
10	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1 6	52.214.10.122 52.214.10.122	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:210... 2600:9000:2104:9800:1f:612c:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	34.251.13.38 34.251.13.38	16509 (AMAZON-02) (AMAZON-02)
3 9	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	52.202.90.208 52.202.90.208	14618 (AMAZON-AES) (AMAZON-AES)
15	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::ac43:8191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2600:9000:210... 2600:9000:2104:fe00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	23.20.18.198 23.20.18.198	14618 (AMAZON-AES) (AMAZON-AES)
1	144.76.255.154 144.76.255.154	24940 (HETZNER-AS) (HETZNER-AS)
190	44

2 2001:4860:4802:38::15 (United States) 2 redirects

ASN15169 (GOOGLE, US)

heraldlive.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.heraldlive.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-83.deploy.static.akamaitechnologies.com

middycdn-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:7c00:17:2922:12c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.vic-m.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.218.38.30 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-38-30.us-west-2.compute.amazonaws.com

events.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.188.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-188-165.eu-west-1.compute.amazonaws.com

yield-manager.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.83.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-83-54.ams1.r.cloudfront.net

t.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3034::ac43:c16a (United States)

ASN13335 (CLOUDFLARENET, US)

weatherwidget.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 157.245.20.41 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

embed.iono.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iframe.iono.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p2.iono.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.214.10.122 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-10-122.eu-west-1.compute.amazonaws.com

collector.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:9800:1f:612c:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

detect-survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.13.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-13-38.eu-west-1.compute.amazonaws.com

ad2.vic-m.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.202.90.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-90-208.compute-1.amazonaws.com

survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:8191 (United States)

ASN13335 (CLOUDFLARENET, US)

forecast7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:fe00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.18.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-18-198.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.255.154 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.154.255.76.144.clients.your-server.de

dl.iono.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	256 KB
21	heraldlive.co.za 2 redirects heraldlive.co.za www.heraldlive.co.za	722 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	225 KB
15	ampproject.org cdn.ampproject.org	306 KB
15	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	224 KB
11	youtube.com www.youtube.com	744 KB
10	googleusercontent.com lh3.googleusercontent.com	484 KB
10	iono.fm 1 redirects embed.iono.fm iframe.iono.fm p2.iono.fm dl.iono.fm	143 KB
10	google.com 3 redirects adservice.google.com www.google.com	16 KB
10	effectivemeasure.net 1 redirects t.effectivemeasure.net collector.effectivemeasure.net detect-survey.effectivemeasure.net survey.effectivemeasure.net	11 KB
9	weatherwidget.io weatherwidget.io	74 KB
6	googleapis.com fonts.googleapis.com	5 KB
5	google-analytics.com www.google-analytics.com	40 KB
4	2mdn.net s0.2mdn.net	579 KB
4	facebook.net connect.facebook.net	198 KB
3	googletagmanager.com www.googletagmanager.com	167 KB
3	vic-m.co static.vic-m.co ad2.vic-m.co	23 KB
2	facebook.com www.facebook.com	446 B
2	google.de adservice.google.de www.google.de	802 B
2	browsiprod.com events.browsiprod.com yield-manager.browsiprod.com	234 B
1	chartbeat.net ping.chartbeat.net	202 B
1	nr-data.net bam.nr-data.net	322 B
1	chartbeat.com static.chartbeat.com	14 KB
1	newrelic.com js-agent.newrelic.com	10 KB
1	ytimg.com i.ytimg.com	26 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	forecast7.com forecast7.com	2 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	akamaihd.net middycdn-a.akamaihd.net	11 KB
190	30

	Domain	Requested by
20	tpc.googlesyndication.com	www.heraldlive.co.za securepubads.g.doubleclick.net ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com cdn.ampproject.org tpc.googlesyndication.com
19	www.heraldlive.co.za	www.heraldlive.co.za
15	cdn.ampproject.org	securepubads.g.doubleclick.net
11	www.youtube.com	www.heraldlive.co.za www.youtube.com
11	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
10	lh3.googleusercontent.com	www.heraldlive.co.za
9	www.google.com	3 redirects www.heraldlive.co.za ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com www.youtube.com tpc.googlesyndication.com
9	weatherwidget.io	www.heraldlive.co.za weatherwidget.io
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
7	securepubads.g.doubleclick.net	www.heraldlive.co.za securepubads.g.doubleclick.net
6	googleads.g.doubleclick.net	www.heraldlive.co.za www.youtube.com ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
6	collector.effectivemeasure.net	1 redirects www.heraldlive.co.za t.effectivemeasure.net
6	fonts.googleapis.com	www.heraldlive.co.za securepubads.g.doubleclick.net ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
5	www.gstatic.com	ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com www.youtube.com www.gstatic.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com iframe.iono.fm
5	iframe.iono.fm	www.heraldlive.co.za iframe.iono.fm p2.iono.fm
4	s0.2mdn.net	www.heraldlive.co.za cdn.ampproject.org
4	connect.facebook.net	www.heraldlive.co.za connect.facebook.net
3	p2.iono.fm	iframe.iono.fm
3	www.googletagmanager.com	www.heraldlive.co.za www.googletagmanager.com iframe.iono.fm
2	survey.effectivemeasure.net	t.effectivemeasure.net
2	www.facebook.com	www.heraldlive.co.za
2	ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	static.vic-m.co	www.heraldlive.co.za
2	heraldlive.co.za	2 redirects
1	dl.iono.fm	p2.iono.fm
1	ping.chartbeat.net
1	bam.nr-data.net	js-agent.newrelic.com
1	static.chartbeat.com	www.heraldlive.co.za
1	js-agent.newrelic.com	iframe.iono.fm
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.googletagservices.com	ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
1	forecast7.com	weatherwidget.io
1	www.google.de	www.heraldlive.co.za
1	ad2.vic-m.co	static.vic-m.co
1	stats.g.doubleclick.net	www.google-analytics.com
1	detect-survey.effectivemeasure.net	t.effectivemeasure.net
1	embed.iono.fm	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	t.effectivemeasure.net	www.heraldlive.co.za
1	yield-manager.browsiprod.com	middycdn-a.akamaihd.net
1	events.browsiprod.com	middycdn-a.akamaihd.net
1	cdnjs.cloudflare.com	static.vic-m.co
1	middycdn-a.akamaihd.net	www.heraldlive.co.za
190	47

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
forecast7.com
sacoronavirus.co.za

Subject Issuer	Validity	Valid
www.heraldlive.co.za GTS CA 1D4	`2021-11-08` - `2022-02-06`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.vic-m.co Amazon	`2021-09-10` - `2022-10-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.gobrowsi.com Amazon	`2021-01-14` - `2022-02-12`	a year	crt.sh
*.browsiprod.com Amazon	`2021-09-21` - `2022-10-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.effectivemeasure.net Amazon	`2021-02-02` - `2022-03-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.iono.fm Sectigo RSA Domain Validation Secure Server CA	`2021-10-14` - `2022-11-05`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
ad2.vic-m.co Go Daddy Secure Certificate Authority - G2	`2020-08-24` - `2022-08-24`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.heraldlive.co.za/
Frame ID: D76768066E2B339CFFDA63CE9A86F09B
Requests: 113 HTTP requests in this frame

Frame: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B02F1357C9987694942301BBE47CBAB5
Requests: 1 HTTP requests in this frame

Frame: https://iframe.iono.fm/c/3189?layout=legacy&download=1
Frame ID: 6F6023A19CCD203207C939D27733D45A
Requests: 13 HTTP requests in this frame

Frame: https://weatherwidget.io/w/
Frame ID: DA2DBD8BAF9760202CC64595876B1A9B
Requests: 9 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1
Frame ID: 22BFAC5957F87C411F992E9A0C5A8BB8
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs
Frame ID: DA2F5B8588698F64979BF9EEDB4FBEEB
Requests: 16 HTTP requests in this frame

Frame: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A9028B1641FEC2D27CAF92EE634FEBF1
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs
Frame ID: 531ACF8F83E4BE2C2E3323174C29C23E
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs
Frame ID: 0C8116A9EDCA377188F0ACC6FF9D5FB0
Requests: 23 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: BDC8AA39714A1347397F3C2DBF852EF1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B3D8AEA037577245905CC0D89E2D2FF9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4F8FB81362D211B34AA6EF453A771BB3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D21098B323DCD0DDB07E1641B565917
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HeraldLIVE

Page URL History Show full URLs

http://heraldlive.co.za/ HTTP 302
https://heraldlive.co.za/ HTTP 302
https://www.heraldlive.co.za/ Page URL

Page Statistics

190
Requests

98 %
HTTPS

70 %
IPv6

30
Domains

47
Subdomains

44
IPs

4
Countries

4324 kB
Transfer

10445 kB
Size

35
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/HeraldLIVE

Search URL Search Domain Scan URL

URL: https://twitter.com/HeraldNMB

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldlive

Search URL Search Domain Scan URL

URL: https://forecast7.com/en/n33d7125d52/port-elizabeth/
Title: PORT ELIZABETH WEATHER

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?hashtags=&text=BIG%20OIL%20UNDER%20FIRE%20%7C%20Activists%20speak%20out%20against%20seismic%20Shell%27s%20Wild%20Coast%20survey&url=https%3A%2F%2Fwww.heraldlive.co.za%2Fnews%2F2021-11-13-go-to-court-environment-minister-creecy-tells-57000-stop-shell-on-wild-coast-petitioners%2F&via=HeraldNMB

Search URL Search Domain Scan URL

URL: https://sacoronavirus.co.za/
Title: online coronavirus portal

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heraldlive.co.za/ HTTP 302
https://heraldlive.co.za/ HTTP 302
https://www.heraldlive.co.za/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://embed.iono.fm/chan/3189 HTTP 307
https://iframe.iono.fm/c/3189?layout=legacy&download=1

Request Chain 86

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1636868193269_1 HTTP 302
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1636868193269_1

Request Chain 182

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 186

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 207

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

190 HTTP transactions
38 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldlive.co.za/
Redirect Chain

http://heraldlive.co.za/
https://heraldlive.co.za/
https://www.heraldlive.co.za/

231 KB
35 KB

718ms
651ms

Document
text/html

2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

25bb8b7c54f751f233f2aeaef5cf7661f0322dc1432e1ad06420663fab58e2d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
content-encoding: gzip
x-cloud-trace-context: 595cd8f418e79b22702520c0e90f44ae
vary: Accept-Encoding
date: Sun, 14 Nov 2021 05:36:32 GMT
server: Google Frontend
content-length: 35749
expires: Sun, 14 Nov 2021 05:36:32 GMT

Redirect headers

location: https://www.heraldlive.co.za/
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
content-encoding: gzip
x-cloud-trace-context: 7ab3d9d94a2df40eb6131a5a1cb0890f
vary: Accept-Encoding
date: Sun, 14 Nov 2021 05:36:32 GMT
server: Google Frontend
content-length: 35753

GET
H/1.1 200
OK bootstrap.js Show response
middycdn-a.akamaihd.net/bootstrap/ 38 KB
11 KB 100ms
10ms Script
application/javascript 2.16.107.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-83.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 325d617db2fca03e37c30904b620539367d9223b36a0e61e59cf70b1c94826d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: zusDjbpjUwTUlRyU2.Zf4Wf_3ijBorgd
Content-Encoding: gzip
ETag: "4d2571963ed7754497568692609ff171"
x-amz-request-id: KBEVE4YY9X01KX90
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 10785
x-amz-id-2: Z99IscdXNW8xlMBZUNd3NptlmXDXfdTypCG7yYa/TpR3Mz9fDmsDqzaWrSbW/e7HAEYtqnPGEZw=
Last-Modified: Wed, 25 Aug 2021 10:21:47 GMT
Server: AmazonS3
Date: Sun, 14 Nov 2021 05:36:32 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Sun, 14 Nov 2021 06:36:32 GMT

GET
H2 200 vicinity-head-tag-v1.js Show response
static.vic-m.co/ads/ 44 KB
16 KB 69ms
14ms Script
application/javascript 2600:9000:2104:7c00:17:2922:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:7c00:17:2922:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f70e476e2d760061c6623ee1cf5abd5bf62ba49f391d3df4e18f0295c8d453a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 20:29:45 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 05:47:03 GMT
server: AmazonS3
age: 32808
etag: W/"564194afea29536d9bedab98a9913ef0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: QNA3psgh9Jia7b09H39HTTTA5gUEfaknR6Iyu-tGDnHasHATt3TiRA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 42ms
17ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

017aa4f558f70fdc652bef9b0aba526204045ff2b4522fd983af3b4aa21fe7a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1043 / 503 of 1000 / last-modified: 1636758378"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: clear
content-length: 26699
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Nov 2021 05:36:32 GMT

GET
H2 200 priority.c2615d33098d50ee98b0.bundle.js Show response
www.heraldlive.co.za/build/chunks/ 2 KB
3 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/priority.c2615d33098d50ee98b0.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 255720ba60ab5171911d3f7cee92b001fa447e8d176dce7dccc005415902fb90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:12:33 GMT
server: Google Frontend
age: 105839
etag: "oB0epw"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: dfba4ad696a6611cb714409e93595c27
cache-control: public, max-age=31536000
content-length: 2515
expires: Sun, 13 Nov 2022 00:12:33 GMT

GET
H2 200 priority.c2615d33098d50ee98b0.bundle.css
www.heraldlive.co.za/build/chunks/ 366 B
317 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/priority.c2615d33098d50ee98b0.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2e9a2bb26cbf4200bcd846fa8ff112684db3b41e6be8c7b044d86ebebe8f98aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 05:38:31 GMT
content-encoding: gzip
server: Google Frontend
age: 86281
etag: "oB0epw"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: c01075d07458b2aba02115f704019eca
cache-control: public, max-age=31536000
content-length: 198
expires: Sun, 13 Nov 2022 05:38:31 GMT

GET
H2 200 entry.5f32e02d205c1ac57a1e.bundle.css
www.heraldlive.co.za/build/chunks/ 105 KB
24 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/entry.5f32e02d205c1ac57a1e.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 099a16effc4cff4a227211ea44e63f3121a9309c9474cb8e68f8dfff099b8560

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 10:13:24 GMT
content-encoding: gzip
server: Google Frontend
age: 328988
etag: "oB0epw"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: 2a436669f516c7b619ffdf8a63d92073
cache-control: public, max-age=31536000
content-length: 24393
expires: Thu, 10 Nov 2022 10:13:24 GMT

GET
H2 200 section.7ba2fb5b37cdafd19e24.bundle.css
www.heraldlive.co.za/build/chunks/pages/ 131 KB
21 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/pages/section.7ba2fb5b37cdafd19e24.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0bad5993e0f677c4ed024a7310e027ad840643181bdd94db1d65e7dfc560fba9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:17:36 GMT
content-encoding: gzip
server: Google Frontend
age: 1136
etag: "oB0epw"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: 14277f8e2ef51be571e7e9849f051288
cache-control: public, max-age=31536000
content-length: 21700
expires: Mon, 14 Nov 2022 05:17:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb933b5a02678eac282064f543d9452e8e4e3e8b6a5ecc3ddf5c8306f093279f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 05:36:32 GMT
server: ESF
date: Sun, 14 Nov 2021 05:36:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 05:36:32 GMT

GET
H2 200 TheWeekendPostLogo.png
www.heraldlive.co.za/publication/custom/static/logos/ 27 KB
27 KB 17ms
15ms Image
image/png 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/TheWeekendPostLogo.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f3b68838d74ce3161b6a55a4156df5928cabf3a66ef877e335004cc88e2e6a90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 02:46:43 GMT
server: Google Frontend
age: 10189
etag: "oB0epw"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 7a61ec86b9acd1a77054109279a244d9
cache-control: public, max-age=86400
content-length: 27673
expires: Mon, 15 Nov 2021 02:46:43 GMT

GET
H2 200 vicinity-v13.js Show response
static.vic-m.co/ads/ 18 KB
6 KB 14ms
12ms Script
application/javascript 2600:9000:2104:7c00:17:2922:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vic-m.co/ads/vicinity-v13.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:7c00:17:2922:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38c1264fb63db6ba309c46da366d8b0ac5855573f8d81d43b42c6472a8d9b883

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:32:12 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 07:30:08 GMT
server: AmazonS3
age: 7461
etag: W/"a572a2f47e0883779ffe693a355f9ea6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: mHXOCV0E4Z88xDUOLX0TLXgWs-t_zRNqh_PvK76j3P7Krbxi62JgGQ==

GET
H2 200 300x180subscribebutton2.png
www.heraldlive.co.za/publication/custom/static/logos/ 114 KB
114 KB 18ms
16ms Image
image/png 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/300x180subscribebutton2.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8bba8ec140e854e97376105ad3edeea04253a68051eed5e335c2953e01a5af67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:51:17 GMT
server: Google Frontend
age: 6315
etag: "oB0epw"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 2c2b4f11ed65eb01d2864fe3a2f6ffbf
cache-control: public, max-age=86400
content-length: 116258
expires: Mon, 15 Nov 2021 03:51:17 GMT

GET
H2 200 arena-holdings.logo.png
www.heraldlive.co.za/publication/custom/static/logos/ 17 KB
17 KB 19ms
17ms Image
image/png 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/arena-holdings.logo.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 59d1ce7fb23e28c96e340f0e5a3f8db389cf46ad3ab54b4bfcd419d800d7d73a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 00:01:45 GMT
server: Google Frontend
age: 20087
etag: "oB0epw"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 92bf92c26fbc192fcdd47225626698b7
cache-control: public, max-age=86400
content-length: 17624
expires: Mon, 15 Nov 2021 00:01:45 GMT

GET
H2 200 entry.5f32e02d205c1ac57a1e.bundle.js Show response
www.heraldlive.co.za/build/chunks/ 271 KB
103 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/entry.5f32e02d205c1ac57a1e.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d82abfcddc40cea6c4f0bf29d66674383b57d8c5c2fcc21c3252fe5922ce3352

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 00:43:02 GMT
content-encoding: gzip
server: Google Frontend
age: 17610
etag: "oB0epw"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: fcf0a6b18cba0578f7b3afc09352600e;o=1
cache-control: public, max-age=31536000
content-length: 105466
expires: Mon, 14 Nov 2022 00:43:02 GMT

GET
H2 200 section.7ba2fb5b37cdafd19e24.bundle.js Show response
www.heraldlive.co.za/build/chunks/pages/ 457 KB
141 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/pages/section.7ba2fb5b37cdafd19e24.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2fd297f348724a9a9213eb573af150b7b9041787c6e64e76b3f201ae46a4d5be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 00:19:08 GMT
content-encoding: gzip
server: Google Frontend
age: 451044
etag: "oB0epw"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: 7782e92222b9d9c381ad92a5fc5c8eba
cache-control: public, max-age=31536000
content-length: 144514
expires: Wed, 09 Nov 2022 00:19:08 GMT

GET
H2 200 pubads_impl_2021111001.js Show response
securepubads.g.doubleclick.net/gpt/ 342 KB
115 KB 23ms
22ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 14 Nov 2021 05:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 117754
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 09:34:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Nov 2021 05:36:32 GMT

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/ 17 KB
6 KB 35ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

Requested by

Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1429108
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4996
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-43d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GegOKDl96JVP0x%2Fwf%2BAwjuX%2BD65kPJOwYpgftGJ6twRoJ4d%2B9pZokmDcnZNeVa7Ru%2FrcOntlsQE2SbstfL%2BU%2FWU5BpTrjFUsWuadIA1J6bmTyvqlGUnC4f6sY4BLsRM0BzSj0ngIppvrM1xrbsmTFMC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6adde1fe1cef5c4a-FRA
expires: Fri, 04 Nov 2022 05:36:32 GMT

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
107 B 478ms
157ms XHR
text/plain 54.218.38.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=laztcQgrkR
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.218.38.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-218-38-30.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.heraldlive.co.za
date: Sun, 14 Nov 2021 05:36:33 GMT
access-control-allow-credentials: true

GET
H2 204 v5 Show response
yield-manager.browsiprod.com/supply/ 0
127 B 108ms
35ms XHR
text/plain 54.72.188.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/supply/v5?sk=heraldlive&url=https%3A%2F%2Fwww.heraldlive.co.za%2F&bid=laztcQgrkR&at=HeraldLIVE&sw=1600&sh=1200
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.188.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-188-165.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.heraldlive.co.za
date: Sun, 14 Nov 2021 05:36:33 GMT
access-control-allow-credentials: true
server: akka-http/10.2.1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 27ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: lgkEET3iL3FcN7fU6WJiL59RZhDWsRsnIEUEwrQS0I919VktXvcxMB94Hngx4gj5ygw5tDMFqrc5I92qYmw4kw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sun, 14 Nov 2021 05:36:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
t.effectivemeasure.net/ 22 KB
7 KB 49ms
12ms Script
application/javascript 65.9.83.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.effectivemeasure.net/tag.js?1636
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.83.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-83-54.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: O3a7WZEATOQUEXh0NtsTxnF269jGh9BQ
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 01:00:17 GMT
server: AmazonS3
age: 412322
etag: W/"93cb9d1cb96864d82a396bd64bd41630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
date: Tue, 09 Nov 2021 11:04:31 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: So7xVY_Y7bbzncFSUWkth2qbyxYiodo8_KYac1qW6RzOMbcxhrvzHg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 126 KB
46 KB 45ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5e19523d9226addb6cfc0f7baa8134d2bc33ade45c7e44594167f11673a3800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 46459
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Nov 2021 05:36:32 GMT

GET
H2 200 Herald-LIVE.png
www.heraldlive.co.za/publication/custom/static/logos/ 4 KB
4 KB 19ms
18ms Image
image/png 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/Herald-LIVE.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.5f32e02d205c1ac57a1e.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: a4fc478877ae31d55a00ccd0a0aba78740623e34400b5417ef38b5ee2456e439

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/build/chunks/entry.5f32e02d205c1ac57a1e.bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 16:59:22 GMT
server: Google Frontend
age: 45430
etag: "oB0epw"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: e4e0b0ef7040eaa18a7c9c9e4df97d85
cache-control: public, max-age=86400
content-length: 4105
expires: Sun, 14 Nov 2021 16:59:22 GMT

GET
H2 200 fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
www.heraldlive.co.za/build/publication/fonts/ 75 KB
76 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/publication/fonts/fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.5f32e02d205c1ac57a1e.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.heraldlive.co.za/build/chunks/entry.5f32e02d205c1ac57a1e.bundle.css
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 02:43:23 GMT
server: Google Frontend
age: 10389
etag: "oB0epw"
vary: Accept-Encoding
content-type: font/woff2
x-cloud-trace-context: c1dfcf114e1b83ff79d9aef909672d2e
cache-control: public, max-age=31536000
content-length: 77160
expires: Mon, 14 Nov 2022 02:43:23 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
425 B 69ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.heraldlive.co.za

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
425 B 38ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldlive.co.za

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 398 KB
67 KB 565ms
565ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1094993924116336&correlator=4176956320193542&output=ldjh&impl=fifs&eid=31063705%2C21068766%2C31062930&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=5963%2CHeraldLive%2Chome%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x2%2C1x1%2C1000x90%7C1000x250%7C970x90%7C970x250%7C728x90%2C1000x90%7C728x90%2C1000x90%7C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%2C320x50%2C1x1&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&prev_scp=Pos%3Dthirdparty-1%26platform%3Ddesktop%7CPos%3DSkin%26platform%3Ddesktop%7CPos%3Dbanner-1%26platform%3Ddesktop%7CPos%3Dbanner-2%26platform%3Ddesktop%7CPos%3Dbanner-3%26platform%3Ddesktop%7CPos%3Dblock-1%26platform%3Ddesktop%7CPos%3Dblock-2%26platform%3Ddesktop%7CPos%3Dblock-3%26platform%3Ddesktop%26context%3Dvideo-block%7CPos%3Dnative-1%26platform%3Ddesktop%7CPos%3Dinterstitial&cookie_enabled=1&bc=31&abxe=1&lmt=1636868193&dt=1636868193009&dlt=1636868192806&idt=135&frm=20&biw=1600&bih=1200&oid=2&adxs=0%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=0%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=880131872%2C2120079087%2C3652417828%2C1581442279%2C1581442278%2C1348728147%2C1348728148%2C971810254%2C3917333699%2C2010424278&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldlive.co.za%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=1600x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=921131964.1636868193&ga_sid=1636868193&ga_hid=2101265763&ga_fc=false&fws=0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

21c23539cffc382b2d3c13a5c3d850a9e14bf1f439f780ed87ba03197b6cedb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 68117
x-xss-protection: 0
google-lineitem-id: -2,-2,-1,5823305977,-1,-1,-1,5828398712,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-1,138369310424,-1,-1,-1,138370163922,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldlive.co.za
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B02F 6 KB
3 KB 53ms
17ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 14 Nov 2021 05:36:33 GMT
expires: Mon, 14 Nov 2022 05:36:33 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: clear

GET
H2 200 pubads_impl_page_level_ads_2021111001.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 15ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021111001.js?cb=31063705

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

bfbea78c426825e6e56e322e4d1553d42613b699ab038fc717368f5808163109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13477
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 09:34:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Nov 2021 05:36:33 GMT

GET
DATA 200
OK truncated
/ 491 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78ec227f53d248811eb951e38805d5ca23ad43630451383bdc06a3b9af7cecfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 465 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 255d92513722640cf6a6784e977d12e9b4de7d551631c103b7024de5798cc173

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b58f0cc6fed02006b732008de1d30f9163c2e326830278cd8a3efed17d25c791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 161d031be64ed20b4fc2f1984d73fdf09eda48812d646c56ae8399a3882d162a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4eac165d3122e552c2639bd063b477234e3ef53fa0f4c8a105edf8d97eb1624

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 955acce2effede2eb693397d46b8b2dbece6100859442b5a0f275bb24f83df8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f36d6d38ed839fe5f001f8cc2e4616daf1f726865c6043ae49ea565f87d63cfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 435 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7424abf978b498c6b5c8f35a3fc9b289947504ad5a2c93ce2706a2d21a23b5f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 399 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c13105fab8145dd26abb07c1087f47a9b91d246c8a8ad1f0f601879c1d22d72b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 976 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f87175b01571ee5876ce400cf3e7926e61ec9dc61b90ab22c309e79e7e30c8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 341816d58fd99739553872fea9f7f5551e9c93530689349ecc6e7f472570044c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 975 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7c8e61941a4f767940d284844e8421c7f95eea3bb466c2fde74a35dec2aef09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fb0abafabc1b256870c227ba0cc0260e077937a2be7c85a669b00f1373002d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5363d8ed31b2259ef0dd6437cbd78d30baad8e9746a7ae21385fa1bb8171389b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 999 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4df6a6f6ecd85445b8b3e55cfa2ec5528efca82397bd684e4d0e6415d0685ec7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 991 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a66566f8f37bd3778ccc7a410e83f6bf675f9a1c599f26221f4fbdcb17312ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e19f1411c521f445e6c4a363ec8a594254c281a707a892969b7ab9577798c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 445 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54f936151fc249eeecc5e42d4700112082baa163bb442356233478553b8fdad5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32cc2d91442fbc38e30b1e62609b3f9f20f79ef1d7103cb1f52b80d0b15f80a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 04:48:55 GMT
x-content-type-options: nosniff
age: 262058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 04:48:55 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 17:55:21 GMT
x-content-type-options: nosniff
age: 474072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 17:55:21 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 37ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 20:32:05 GMT
x-content-type-options: nosniff
age: 205468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 20:32:05 GMT

GET
H2 200 icomoon.ttf
www.heraldlive.co.za/publication/shared/app/icomoon/fonts/ 2 KB
1 KB 15ms
15ms Font
font/ttf 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/publication/shared/app/icomoon/fonts/icomoon.ttf
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/pages/section.7ba2fb5b37cdafd19e24.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 21794e8763e15a90285cfcc1227af99df078f424c8ebe69f79fc4b3983a91cd9

Request headers

Referer: https://www.heraldlive.co.za/build/chunks/pages/section.7ba2fb5b37cdafd19e24.bundle.css
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:20:14 GMT
content-encoding: gzip
server: Google Frontend
age: 72979
etag: "oB0epw"
vary: Accept-Encoding
content-type: font/ttf
x-cloud-trace-context: bec5d5d11af22e67776eec06b1103c64
cache-control: public, max-age=86400
content-length: 990
expires: Sun, 14 Nov 2021 09:20:14 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v22/ 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d3b3a3f34ffd3526eea2f77aebe34caa8e86c59002dfd89aa834b0986feeaa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 01:40:44 GMT
x-content-type-options: nosniff
age: 186949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 21352
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 01:40:44 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:18:02 GMT
x-content-type-options: nosniff
age: 145111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 13:18:02 GMT

GET
H2 200 widget.min.js Show response
weatherwidget.io/js/ 3 KB
2 KB 46ms
14ms Script
application/javascript 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/js/widget.min.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Oct 2019 21:35:32 GMT
server: cloudflare
age: 7305
etag: W/"5d9d0124-a4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avvDDFq4LfTvjf1HhOVERCLtO1yLMc%2FbiqZ2OKI63O0eumWVAcHug4e5Nbx99T7KwQs%2FWkpotvYbFQmHAApmpIiKmqTNeY7MU5%2FfshEME6LbWfaGeZ%2BdCv9lITbr%2BC3V6AHZz7xRG7Ym6LgHk8vy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6adde1ff4bb468f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

3189 Show response
iframe.iono.fm/c/ Frame 6F60
Redirect Chain

https://embed.iono.fm/chan/3189
https://iframe.iono.fm/c/3189?layout=legacy&download=1

6 KB
2 KB

16ms
7ms

Document
text/html

157.245.20.41
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.245.20.41 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ca7b3c15b4597f01651ec96f8b23dd4f286ace181c1dcabc54c455f5259b573

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/

Response headers

server: nginx
date: Sun, 14 Nov 2021 05:36:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache: HIT
x-country-code: DE
p3p: CP="This site does not have a p3p policy."
cache-control: public, max-age=1800, no-transform
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip

Redirect headers

server: nginx
date: Sun, 14 Nov 2021 05:36:34 GMT
content-type: text/html; charset=UTF-8
location: https://iframe.iono.fm/c/3189?layout=legacy&download=1
x-cache: MISS
x-country-code: DE
p3p: CP="This site does not have a p3p policy."
cache-control: no-cache no-transform
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS

GET
H2 200 loading.gif
www.heraldlive.co.za/publication/custom/pages/video/ 7 KB
7 KB 15ms
15ms Image
image/gif 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/pages/video/loading.gif
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/pages/section.7ba2fb5b37cdafd19e24.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2b1763d24e3acf050e8250cd24653fcd1e3901ff058d05fb06aa7da3cf362d53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/build/chunks/pages/section.7ba2fb5b37cdafd19e24.bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:25:13 GMT
server: Google Frontend
age: 680
etag: "oB0epw"
vary: Accept-Encoding
content-type: image/gif
x-cloud-trace-context: 6d6284b0ac822ba34bfda6fbaaf19e89
cache-control: public, max-age=86400
content-length: 7332
expires: Mon, 15 Nov 2021 05:25:13 GMT

GET
H2 200 BhiPz9SlaqUS5edudtSuNy2FR0nP0Wg6k5qMTm9wTrbDTBnL0agd7-_7CJoIWLuE-A3lJONYW2ZWE6vf86J-XzeMzhy-CjXQwxZXHq1E-s6ggAs
lh3.googleusercontent.com/ 25 KB
26 KB 40ms
13ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/BhiPz9SlaqUS5edudtSuNy2FR0nP0Wg6k5qMTm9wTrbDTBnL0agd7-_7CJoIWLuE-A3lJONYW2ZWE6vf86J-XzeMzhy-CjXQwxZXHq1E-s6ggAs

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6586e2e1922d24bc7658537cdc7acd461bd8eaf4ba51892f7e6d8c116018d634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:00:26 GMT
x-content-type-options: nosniff
age: 9367
content-disposition: inline;filename="unnamed.jpg"
alt-svc: clear
content-length: 26053
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 12 Nov 2021 11:06:46 GMT

GET
H2 200 uIAaNJrpmv1Gc52ZEStKo6vue8j53QHwLMnXoeJTZYvTaTgkOpD8aa7eIxts7gmUv9cQsDZL8h_MfO9EJanDjHzIjyvENNHkrWCT-OwYOYMD
lh3.googleusercontent.com/ 25 KB
25 KB 34ms
7ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/uIAaNJrpmv1Gc52ZEStKo6vue8j53QHwLMnXoeJTZYvTaTgkOpD8aa7eIxts7gmUv9cQsDZL8h_MfO9EJanDjHzIjyvENNHkrWCT-OwYOYMD

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c6e415f681cca39fb4c2571a1cde2abf416366fd3a372876d359c72c62bb154b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:02:13 GMT
x-content-type-options: nosniff
age: 2060
content-disposition: inline;filename="unnamed.jpg"
alt-svc: clear
content-length: 25429
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 13:19:13 GMT

GET
H2 200 Gdlxv1jegpFcysOsVtqHM8NoNQ04BaPoHB2vmQWEgMli6CWzSvV1nbSqCER2G4JlC16KmCtV_IO336C_vkz1z7oUK_I-okxQdwllSExUW_3yVw
lh3.googleusercontent.com/ 25 KB
25 KB 46ms
19ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Gdlxv1jegpFcysOsVtqHM8NoNQ04BaPoHB2vmQWEgMli6CWzSvV1nbSqCER2G4JlC16KmCtV_IO336C_vkz1z7oUK_I-okxQdwllSExUW_3yVw

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ac6c400640734183d824e98f6fc88ca64d856ca90ff07fe9d111c073eccffc3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: clear
content-length: 25121
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 13:28:54 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92c529cf0f0d3fc3e40155d90c2b18fc9c4a92cdddb75dd9e38587b45ea34fa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 416 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78622316d56b092dc30ac4348312fa66a753760878e8f8fd0d7bf46850c333e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 453 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98f0e161374744d8704de5e65cd0bef03194940be26d2153cddf180d5fd8277c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 image_fallback.jpg
www.heraldlive.co.za/publication/custom/static/logos/ 9 KB
9 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/image_fallback.jpg
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/pages/section.7ba2fb5b37cdafd19e24.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b8d94b2f8e9978b3ce65fa1a0d7ec81815c8abc53da8fb69f87263ac70485ddb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/build/chunks/pages/section.7ba2fb5b37cdafd19e24.bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 17:28:42 GMT
server: Google Frontend
age: 43671
etag: "oB0epw"
vary: Accept-Encoding
content-type: image/jpeg
x-cloud-trace-context: 4eec8a5e954fa1ca2b8102ab7c385134
cache-control: public, max-age=86400
content-length: 9411
expires: Sun, 14 Nov 2021 17:28:42 GMT

GET
DATA 200
OK truncated
/ 413 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b574c1700ee835003e8b69479c6245863f3d804f67d84904ff6b515c10937e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8356305a310f0403b316bd38f61f55588c05ee88837fb2b69daa257bc1aed38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cec158380700b06d8473ae099ce4f465ec71815bfcb12510cadbf46a47d18930

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 420 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87731029a84f4975732076cc70761494fc1f7632666fb0e5d6940fa7725cbfd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 459 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb0b1844d02e42da1979c7c8520b2926dc129feab244c40be10577d09f4d4608

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 444 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bba7d7fb8ae083d8ec4476db9580a2b27b5a5d3bec6b04fd87f729686e4872ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 490 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c0bbaf10bcabef9cfb8ba16cff2d4293fe311e22a656786c2b05e1481f78c95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2516507e89d2e2629141ab15c1d921bcabd5bdb3092f8a4ef3dbc7041fd299b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 376 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc12f908384ac79da75a855fb4de99548c2ca5f439ba9bb173b3acaebde26e5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 422 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 996ffd400ff1616afcdde56f9aa87871657ad2c1e99ccd7ebef032de952bebf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 399 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cecb5bc2f37ae449588c0ae7fc3b70106b3edde05ebd1f93486e41b6867f2436

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 2837651136267650 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 124ms
123ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2837651136267650?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9eb6e0f726037516375305750facfedf783cba1d6a1f7310d7abe10301f39f9b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: sLfzeBQVRH+1k53CXzpVDlRbpZjhu8OPl9ZQWGAJ8OYFDE/ntuDZbQprNsSej6zYnVcysRGDWx2kMN1bgg57Ww==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 14 Nov 2021 05:36:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.5f32e02d205c1ac57a1e.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ea3904b3f2bb34c1c6ec3bc89dfc63fbd2a242d039effcaa62ae0a1f6f8c904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: V9w1B6DUmrus6lLQGoOO5w==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: M9gmJe+bZ5fr8+CwCawTLVnf2UCiTzRXZyLs7cdM86FImmIObmoeHcj+jhcvYWcfULzancI0jabgn2aAeCf9+w==
x-fb-trip-id: 917726464
x-fb-content-md5: 00aca14115e108e7062e78e89ef2463a
x-frame-options: DENY
date: Sun, 14 Nov 2021 05:36:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "4c2ced3d73ce3243d517f084078bd224"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 14 Nov 2021 05:54:47 GMT

GET
H2 200 qYT-fk_JvWPPpYWIEa0JXJXsHHkTPeIDyZtYswy4P7Wsr7ljFX30ZplmTEc63Y5PfaIV91LbSYFTO5WWEz5MidR-LLhgCnF5HVMd7ZhQQ_MG=w460
lh3.googleusercontent.com/ 64 KB
64 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/qYT-fk_JvWPPpYWIEa0JXJXsHHkTPeIDyZtYswy4P7Wsr7ljFX30ZplmTEc63Y5PfaIV91LbSYFTO5WWEz5MidR-LLhgCnF5HVMd7ZhQQ_MG=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8a3d62119fccf9580dc3be5dce1bd09e47fa00acacea4ec8d58f9d7b3b1dcfd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: clear
content-length: 65854
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 14 Nov 2021 15:02:25 GMT

GET
H2 200 xMki2ZAIQV1bh0d5lq5jB7UQsrXax-Lqos9Gx_6t3viS3FrnG_73vSHhAjXEWWQlTz4glKr5oRo-u5GDZrD8DISveyVDXFfLK2KirJdOqKMi=w460
lh3.googleusercontent.com/ 58 KB
58 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/xMki2ZAIQV1bh0d5lq5jB7UQsrXax-Lqos9Gx_6t3viS3FrnG_73vSHhAjXEWWQlTz4glKr5oRo-u5GDZrD8DISveyVDXFfLK2KirJdOqKMi=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f6df960060fc9664e26740cdaa333747841b696028e037c5de9bbb2c3ef1fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: clear
content-length: 59031
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 14 Nov 2021 15:02:25 GMT

GET
H2 200 UI_y4uHCMcNYY0UxW-T5_MUob64Mq_HGSwsZNatXbFReQOjU7r5S_MmkbPX6GshG-jaBQ7cGXcux498UwZ3DNzCG32cAm16QayzQfK45c3VUiw=w460
lh3.googleusercontent.com/ 69 KB
69 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/UI_y4uHCMcNYY0UxW-T5_MUob64Mq_HGSwsZNatXbFReQOjU7r5S_MmkbPX6GshG-jaBQ7cGXcux498UwZ3DNzCG32cAm16QayzQfK45c3VUiw=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f52420e26989541a55b668cc1bff5a245d2207e4cf92e10211fb00424f1a42ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:02:13 GMT
x-content-type-options: nosniff
age: 2060
content-disposition: inline;filename="unnamed.jpg"
alt-svc: clear
content-length: 70586
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 14 Nov 2021 04:16:36 GMT

GET
H2 200 KM0dzfHRGNKyMtnDnWPofMoWrqOegs9L6SnJqCa2f4HtyblJEnqNfTno9ZaWam2IGElemgQm8ilgAMAeBfFrAwI9FCEwMve94UgKEavIyaB3=w460
lh3.googleusercontent.com/ 50 KB
50 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/KM0dzfHRGNKyMtnDnWPofMoWrqOegs9L6SnJqCa2f4HtyblJEnqNfTno9ZaWam2IGElemgQm8ilgAMAeBfFrAwI9FCEwMve94UgKEavIyaB3=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8a38ec6ff99d8594f11192c6a69d21f3c89c426a3516f381f143acfac5f0263f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: clear
content-length: 50943
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 14 Nov 2021 06:11:29 GMT

GET
H2 200 T3t97owD6UIKev554Lx4hLrEalQph_RiYISBNjsbTTkAOlvVn9aUoGferE8XKHlhNfNE0JnFp3T9TRV91U-EH2DCZorVIQvZvYCkaLcOZ8A=w460
lh3.googleusercontent.com/ 114 KB
114 KB 32ms
32ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/T3t97owD6UIKev554Lx4hLrEalQph_RiYISBNjsbTTkAOlvVn9aUoGferE8XKHlhNfNE0JnFp3T9TRV91U-EH2DCZorVIQvZvYCkaLcOZ8A=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

463f791a00c3fa3600cee46cf5dae8036a0618c7511ffa526a1ac09b0103ba77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: clear
content-length: 116628
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 05 Nov 2021 10:47:27 GMT

GET
H2 200 ccsYNq93Wv33yWYyWmxenItcwKPXphOcWOYPHDZzod4XK-swfGTAdkjRZc5Y1Shg71i_HrEHGWXJ790AcPbGnL5G2IOltadrGgLCKxxNzIC_=w460
lh3.googleusercontent.com/ 40 KB
40 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ccsYNq93Wv33yWYyWmxenItcwKPXphOcWOYPHDZzod4XK-swfGTAdkjRZc5Y1Shg71i_HrEHGWXJ790AcPbGnL5G2IOltadrGgLCKxxNzIC_=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c5a3e171f31670a576e35e089d3a13d08633c6baf5e56884cdcd81cedf8b9aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: clear
content-length: 41117
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 04:19:24 GMT

GET
H2 200 jlICyICOqJuDiX8mY4jQSr_qco5P6BTEhzkmhdV4ZYPzYz4FCnQcyO9wSndQhKKwUloRkNbKQcdXsNLOGlM_7awR8mPQOGRFrPiqLabzljFZcQ=w225
lh3.googleusercontent.com/ 13 KB
13 KB 31ms
31ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/jlICyICOqJuDiX8mY4jQSr_qco5P6BTEhzkmhdV4ZYPzYz4FCnQcyO9wSndQhKKwUloRkNbKQcdXsNLOGlM_7awR8mPQOGRFrPiqLabzljFZcQ=w225

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1155972eac3a99573fc89b9079a3da4d0d610d1ef5ebada7e671a3d1c90cabbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: clear
content-length: 13298
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 27 Oct 2021 21:09:30 GMT

GET
H2 200 7.95be07127c6ee365f9a2.bundle.css
www.heraldlive.co.za/build/publication/ 29 KB
29 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/publication/7.95be07127c6ee365f9a2.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.5f32e02d205c1ac57a1e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 65a22a800722d4fdfe2318c1bd1c20b8e0cb976e1ee7bd1b496d20ea0311e169

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 04:11:15 GMT
server: Google Frontend
age: 5118
etag: "oB0epw"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: 20e38ec90603cc24c66e5c6e41a5c2a3
cache-control: public, max-age=31536000
content-length: 29691
expires: Mon, 14 Nov 2022 04:11:15 GMT

GET
H2 200 entry.shell.js.95be07127c6ee365f9a2.bundle.js Show response
www.heraldlive.co.za/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/ 194 KB
62 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/entry.shell.js.95be07127c6ee365f9a2.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.5f32e02d205c1ac57a1e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 87a26462c1e26a360f4efbab3a78a6df20f62e6981a2c9ee63126d5092f39ebf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 00:54:20 GMT
content-encoding: gzip
server: Google Frontend
age: 16933
etag: "oB0epw"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: 0f621bbc904628f9758d221c59633c24
cache-control: public, max-age=31536000
content-length: 63665
expires: Mon, 14 Nov 2022 00:54:20 GMT

GET
H2 200 entry.shell.js.dbccb9c4188be2d513bf.bundle.js Show response
www.heraldlive.co.za/build/chunks/base/app/entry/ 42 KB
42 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/base/app/entry/entry.shell.js.dbccb9c4188be2d513bf.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.5f32e02d205c1ac57a1e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4545e6c6c9fb76d1317c5e9d18399944748851dec9691c51257abc30de930da5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 10:20:13 GMT
server: Google Frontend
age: 328580
etag: "oB0epw"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: b0747202602d73c835dd82143518e17a
cache-control: public, max-age=31536000
content-length: 42977
expires: Thu, 10 Nov 2022 10:20:13 GMT

GET
H/1.1

200
OK

get Show response
collector.effectivemeasure.net/beacon/
Redirect Chain

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1636868193269_1
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1636868193269_1

143 B
741 B

33ms
32ms

Script
text/javascript

52.214.10.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1636868193269_1

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

HTTP/1.1

Server

52.214.10.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-10-122.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

70d33dbaa02340c6fa990a469c9aa95b72c294ad9cf66f174ed519e391b936cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 05:36:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 135
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 05:36:33 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1636868193269_1
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 160
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JNNJWFKJ2E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8782da69f5b02981b6e2e33e3df78717d784a510be57c80ad97fcd31d5cbf32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 62003
x-xss-protection: 0
expires: Sun, 14 Nov 2021 05:36:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5727
date: Sun, 14 Nov 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Sun, 14 Nov 2021 06:01:06 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
83 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f9989e15cd8856caabee44f90aca1af5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84ecd6633a03f3fc1667194b774078124a28243e7d9d48ccfb328bb20f27254a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.heraldlive.co.za/
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: d+aapvIjVdOns0bDtTbesw==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84321
x-fb-rlafr: 0
x-fb-debug: C6956F5qc3AKJjp2mPF/ECy/hBJtAhh8dFGhGof2RBSfNvQDelwdJDwp3oUErMgzFpiFcNr+JKRsDGcQDwrbog==
x-fb-trip-id: 917726464
x-fb-content-md5: cd895471c1f767009769ad06dcef3156
x-frame-options: DENY
date: Sun, 14 Nov 2021 05:36:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ccac07c739e6017674b6b7c70d1e3ffa"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 14 Nov 2022 05:34:47 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
1 KB 47ms
25ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/base/app/entry/entry.shell.js.dbccb9c4188be2d513bf.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c3d5407ca07a772620d1fe4396d7ea0012ef3dca32a4f733fd2b990fc2fa442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Sun, 14 Nov 2021 05:36:33 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
176 B 13ms
13ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JNNJWFKJ2E&gtm=2oeba1&_p=2101265763&sr=1600x1200&ul=en-us&cid=921131964.1636868193&_s=1&dl=https%3A%2F%2Fwww.heraldlive.co.za%2F&dt=HeraldLIVE&uid=&sid=1636868193&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.uid=&ep.publish_date=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JNNJWFKJ2E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 05:36:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2837651136267650&ev=PageView&dl=https%3A%2F%2Fwww.heraldlive.co.za%2F&rl=&if=false&ts=1636868193445&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1636868193443.1937080013&it=1636868193201&coo=false&exp=p1&rqm=GET

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 14 Nov 2021 05:36:33 GMT

GET
H2 200 / Show response
weatherwidget.io/w/ Frame DA2D 3 KB
1 KB 17ms
17ms Document
text/html 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/js/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a62aba3546baccac5aba72413337f0216c67f8354349e8306dd208d4fcf4cb4f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: public; max-age=14400
last-modified: Sun, 14 Nov 2021 02:43:57 GMT
cf-cache-status: HIT
age: 7306
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNR2S4fXRJcEju3V57Qhw8UP3KL0Vs006YoijuJCemqf5zbx5aTRZ04KZEauQV8JyyRJBbsHsoPAZg76yFiQecyVPvXxYmfuvP2UrzQiME%2FW6fgTfobsFdJKsd1l7NHO0XBnYAP1VA6wbXfjGiCB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6adde2015eb068f2-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
93 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2101265763&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldlive.co.za%2F&ul=en-us&de=UTF-8&dt=HeraldLIVE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=647175474&gjid=95890531&cid=921131964.1636868193&tid=UA-2619645-1&_gid=452651669.1636868193&_r=1&gtm=2wgba1T2RR9NN&cd1=&cd2=no&cd3=&cd4=n%2Fa&cd5=&cd6=&cd7=&cd8=Home&cd9=no&cd10=&cd11=&cd12=&cd13=eastern%20province%20herald%20sports%2C%20port%20elizabeth%20news%20paper%2C%20ep%20herald%2C%20eastern%20cape%20news%20headlines%2C%20the%20ep%20herald%20online%2C%20port%20elizabeth%20herald%20classifieds%20social%2C%20lifestyle%2C%20my%20herald%2CCompetitions&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=1636868192950&cd27=0&cd28=&z=1939227177

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldlive.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/ 140 KB
46 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

627f5ebeeb414647d5026a5808a109098535d2f8e2f0c646b17c99f2e2ea0327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 21:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29222
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 46909
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 13 Nov 2022 21:29:31 GMT

GET
H/1.1 200
OK detect Show response
detect-survey.effectivemeasure.net/ 19 B
460 B 68ms
12ms XHR
application/json 2600:9000:2104:9800:1f:612c:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://detect-survey.effectivemeasure.net/detect?
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1636
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:9800:1f:612c:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 703698fdddee88c290aad95747206c6aba8ad651f68172d2d52feedca0456d09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 15:16:35 GMT
Via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 310798
X-Powered-By: Express
X-Cache: Hit from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Amz-Cf-Pop: AMS1-C1
Content-Length: 19
X-Amz-Cf-Id: Z5Vy7MUUoFhVngeK33-oz_3e-A72fMzCxz-xIZ9N9rgLefCN0jivqQ==

GET
H/1.1 200
OK sync_pixels Show response
collector.effectivemeasure.net/ 2 B
308 B 124ms
32ms XHR
application/json 52.214.10.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.effectivemeasure.net/sync_pixels?pageURL=https%3A%2F%2Fwww.heraldlive.co.za%2F&vt=ff9987bb-73cd-4b12-8dc7-1d6c392de024-17d1cf27cbc-15521ab3
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1636
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.10.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-10-122.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 05:36:33 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK pixel
collector.effectivemeasure.net/ 35 B
288 B 33ms
33ms Image
image/gif 52.214.10.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/pixel?et=pageview&ed=&br=t&vn=b21b8ec&tz=0&pu=https%3A%2F%2Fwww.heraldlive.co.za%2F&vt=ff9987bb-73cd-4b12-8dc7-1d6c392de024-17d1cf27cbc-15521ab3&vi=ed73de1d-034c-4397-8f49-e8e486f59acc-17d1cf27cfe-2a766c9c&du=0&dt=0&c1=1&c3=1&pc=1&db=0&pr=&tt=HeraldLIVE&te=266&sh=1200&sw=1600
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.10.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-10-122.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 05:36:33 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
322 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2619645-1&cid=921131964.1636868193&jid=647175474&gjid=95890531&_gid=452651669.1636868193&_u=YADAAEAAAAAAAC~&z=797053721

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldlive.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 14 Nov 2021 05:36:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gtm.php Show response
ad2.vic-m.co/adserver/delivery/ 0
176 B 105ms
33ms Script
text/html 34.251.13.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.vic-m.co/adserver/delivery/gtm.php?t=11%2F14%2F2021%2C%205%3A36%3A33%20AM&z=2228&m=desktop&l=&r=https%3A%2F%2Fwww.heraldlive.co.za%2F&c=0.997&v=76b604a1-226b-4e3b-830c-07d1bbd5d11f&w=1600&h=1200&e=11065dc47c49f2b3f196e5cf1e319454&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36
Requested by: Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.13.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-13-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 05:36:33 GMT
Server: nginx/1.18.0
Connection: keep-alive
X-Powered-By: PHP/7.1.33
Content-Type: text/html; charset=UTF-8

GET
H2 200 if_w.css
weatherwidget.io/w/css/ Frame DA2D 17 KB
2 KB 26ms
26ms Stylesheet
text/css 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/css/if_w.css
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2c51e1528f4f0f0a900c9c041a720a25f4a27ea6f60eb7e1ecaf16a5813cee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weatherwidget.io/w/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 05 Oct 2019 12:55:20 GMT
server: cloudflare
age: 7303
etag: W/"5d9892b8-42a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGAkrvNPMtW%2FM1rHUNxpXhY7y0qew3K%2FHBSpOoUaaaN7uLSp50F5ViOOIdOMWZg5qlxdYtVS02BEN%2BMtmzPCUV4Us7KMLHMKeybFyQqoU%2B1ma3h3NYnlVeGvzGSBNi%2BSJe2aWfXMVJblcpzp2a54"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6adde201bf4a68f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 angular-1.5.8.min.js Show response
weatherwidget.io/w/js/ Frame DA2D 160 KB
57 KB 27ms
27ms Script
application/javascript 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e37bad01d25cbecb3e6f6d477725ce6ea43637a94510cd27baf1068e319826ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weatherwidget.io/w/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Jun 2018 12:51:56 GMT
server: cloudflare
age: 7303
etag: W/"5b2a4dec-28026"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2ppceyFBiTuKDQ7lQTqhh4T6lOJQ6g2ofLpJjwOXiYQsZiTrEftNDal7K4BCW3rwpKPDtNlGrv41hh%2FArrFpjazG%2FZWqNRE78fuuzEJD9RUEENEiuY5PTiji1wiwxRNcjeTcQWZrExzO%2BnvIB4T"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6adde201bf4d68f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 iApp.min.js Show response
weatherwidget.io/w/js/ Frame DA2D 37 KB
8 KB 25ms
25ms Script
application/javascript 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/js/iApp.min.js
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c590b7f35f60c3d58265b235066ecc42d07f6a6c2edad989e788faa0d444fa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weatherwidget.io/w/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jan 2021 04:04:02 GMT
server: cloudflare
age: 7304
etag: W/"600f94b2-94da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40VNxIm9njD7incv%2F6R%2B0h9e6bQmDkLZxEF%2BhzBhtkgJ8ePAyLcg4D4w4j1hIPpWFQ4nWZEA5wZY9zHotR6dMAQVyODCVUuZHW7%2B8bbk9mXN1YkbEiuueA7X25TDljQ2endjZXotKyi1uuQGndDP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6adde201bf5168f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 entry.shell.js.a7fbe9bb2de2295a034b.bundle.js Show response
www.heraldlive.co.za/build/chunks/custom/app/entry/ 4 KB
4 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/custom/app/entry/entry.shell.js.a7fbe9bb2de2295a034b.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.5f32e02d205c1ac57a1e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: eb14782ba3b2f52d966e65f665663b46343c38233bfdbeffc586404fdfb8c757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:57:35 GMT
server: Google Frontend
age: 81538
etag: "oB0epw"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: 5b8930ab7eb1734b2d53b3b4979ddd04
cache-control: public, max-age=31536000
content-length: 3816
expires: Sun, 13 Nov 2022 06:57:35 GMT

GET
H2 200 YHk_QvhhA6Q Show response
www.youtube.com/embed/ Frame 22BF 60 KB
25 KB 53ms
53ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba1debdec08d6cb6410047e0a80d0bda61fb702bea2eae6f64cd3bd14244035a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 14 Nov 2021 05:36:33 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: clear

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
377 B 40ms
18ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2619645-1&cid=921131964.1636868193&jid=647175474&_u=YADAAEAAAAAAAC~&z=1208171972

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
377 B 40ms
17ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2619645-1&cid=921131964.1636868193&jid=647175474&_u=YADAAEAAAAAAAC~&z=1208171972

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 69ms
47ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=heraldlive.co.za&host=www.heraldlive.co.za&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 open.svg Show response
weatherwidget.io/w/img/ui/ Frame DA2D 524 B
651 B 23ms
23ms XHR
image/svg+xml 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/img/ui/open.svg
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb3bbe91d293ec0b30bf7834648ccaded81fd6a27fa6dbb3f06941b28a6d12a

Request headers

Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Jan 2018 03:49:23 GMT
server: cloudflare
age: 7303
etag: W/"5a6aa543-20c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRpwz%2FpF8N7nTfsfML1TaC5gB%2BtGbsEZ%2BQ3CicEL9OE4FMELAByiXAIpsRehFRt3ZhZEWhb1eqp12IebV%2BuNLI8%2FRMRLXu6TTi2KSQwDTgA4HYnSZ4FKQ7yUasx7SbTPV%2FfvQrIJGOo6viVst1z3"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6adde202380d68f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 97 B
653 B 32ms
32ms Script
text/javascript 52.214.10.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22gc%22%3A%22GB%22%2C%22mb%22%3A%220%22%7D&callback=cb1636868193269_2

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1636

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.10.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-10-122.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

16eb5b2492c188314192dd83748e48b04b70b78e1cc0de8ba09059a7a17f0e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 05:36:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 97
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 launchConfigs Show response
survey.effectivemeasure.net/ 2 B
123 B 101ms
101ms XHR
application/json 52.202.90.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1636
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.90.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-90-208.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.heraldlive.co.za/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 14 Nov 2021 05:36:34 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

OPTIONS
H2 204 launchConfigs
survey.effectivemeasure.net/ Frame 0
0 329ms
102ms Preflight 52.202.90.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.90.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-90-208.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.heraldlive.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032111011823000/ Frame DA2F 189 KB
54 KB 60ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5acfea16c5a768b49594dbc1714a8144980558c381bae811706662661cf26a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458590
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 55538
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1a4c5283c8e948b1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:23 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame DA2F 13 KB
6 KB 59ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458589
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame DA2F 89 KB
28 KB 71ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458590
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 28555
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:23 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame DA2F 5 KB
2 KB 68ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458589
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1731
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame DA2F 40 KB
13 KB 69ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458590
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 12826
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DA2F 3 KB
677 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 03:57:38 GMT
server: ESF
date: Sun, 14 Nov 2021 05:36:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 05:36:33 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA2F 2 KB
3 KB 44ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 17:51:59 GMT
x-content-type-options: nosniff
server: cafe
age: 42274
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 2502
x-xss-protection: 0
expires: Sun, 14 Nov 2021 17:51:59 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA2F 295 B
398 B 44ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 02:57:40 GMT
x-content-type-options: nosniff
server: cafe
age: 9533
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 295
x-xss-protection: 0
expires: Mon, 15 Nov 2021 02:57:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DA2F 0
0 16ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRP5ee_AVgPUSZEDeAz0rbRhT3Aq11ROLOD5y74X3UbKotBFD32Bi5YhHSIICfIui130mAL
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DA2F 0
0 38ms
38ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyAltYaCQYd-iBJeNrATm3Zv4BtjS1KFms4fGs9gMxLvrvZQeEAEgvNDhFmCVypmCrAegAfD27pEDyAEJqQILlPdm_jKzPuACAKgDAcgDCqoEjQJP0CaTJPPLbxWElIcnsSFSVw9tWd3RF_a9oaAAcvzp34wew144xWFiCPZiOvi1WutthULaCg0U0ri1uCKWc2UQSTDaCBPKV0RgwGEBz3tggxk1t6qV_Z0kwxIJztV4yLKcbggooNBg4a5xyWmJJvGxE5gu11XsZE1fXx2sgm-9ZdRx8d7-X3yfTPOKXdw8COc_BwEW_JKICpzdzK7EWBaGaLqZ7iSOb9cQ2HnHUqCsDMiRyxqgFPgFA1eGmWjoR-sSWYcR840BvJpwo2b3SNT_YkQ-U0SLlJ2yfHzId_w6s7qMsYyhkCcrOrA7cYdMHEQxpqNEIXDWThp_SpnayyrggFVuOOVZYIkTeu3HysAE3OzYu4sD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_iIkW6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCsh0HSCAkIiOGAcBABGB2ACgPICwG4E4gn2BMMiBQF0BUBgBcBshceChwIABIUcHViLTQyMTA1NDg2NTE5OTA1MjEYtv8V&sigh=lUguO4-UhMU&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 container.html Show response
ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A902 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 14 Nov 2021 05:36:33 GMT
expires: Mon, 14 Nov 2022 05:36:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: clear

GET
H2 200 / Show response
forecast7.com/en/n33d7125d52/port-elizabeth/ Frame DA2D 5 KB
2 KB 188ms
107ms XHR
application/json 2606:4700:3036::ac43:8191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forecast7.com/en/n33d7125d52/port-elizabeth/?format=json

Requested by

Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34377e831d4ebaf3c466110d883414f388cac226e36cea8ee33fa8aa5b06becc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"12b7-2DPyF7qIZEuLhpVnPh7W1N/70XA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qecn5FUOIHzmxikPp%2BtwmctJt%2BjtmM49B8mWbbiqIUtXYGRKoKLvYFh2fp1gpopT%2FO8APhDZV%2FKOMhPA2m0q3yyKyOwpAkWVdpGwNSoKa1WN2n1yPfwpQ8BvJVXP7mC%2FFIrFMNTMMAOJX0lJ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://weatherwidget.io
cache-control: public
cf-ray: 6adde2036c1b4e43-FRA
x-proxy-cache: MISS
expires: Sun, 14 Nov 2021 06:11:03 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 100 B
551 B 32ms
32ms Script
text/javascript 52.214.10.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22dmp%22%3A%221636868193741%22%7D&callback=cb1636868193269_3

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1636

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.10.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-10-122.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

cbbcb7ceadb7eb8b5f3e02d73b423f9b03f40768771c20d03d9b7b950870b4e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 05:36:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 95
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14042229187969217859/ Frame DA2F 18 KB
18 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14042229187969217859/downsize_200k_v1?w=600&h=314

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

361a6c619a58707e58539ac3de1f7b7fd647783bfa470f413609d0c5ad72ff67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:13:55 GMT
x-content-type-options: nosniff
age: 177758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 18353
x-xss-protection: 0
last-modified: Mon, 23 Nov 2020 16:46:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 04:13:55 GMT

GET
DATA 200
OK truncated
/ Frame DA2F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a173d8150457ee37e064ca7ee2f33fc8e4f38ade47a9197f82f42dd1a0c68095

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DA2F 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 103e203ed739444fd4bce908ad393952b6fcababf6e3be17f85f575053c06ec7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DA2F 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 02:15:39 GMT
x-content-type-options: nosniff
age: 271254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 02:15:39 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DA2F 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 472507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 18:21:26 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/8d287e4d/ Frame 22BF 335 KB
46 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0536a7ccecbfef8793cfc6a61b4454864a4197992ce5ddaa014b48f72bef9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 04:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5657
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 47155
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 14 Nov 2022 04:02:16 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/ Frame 22BF 207 KB
68 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2b9aa4773b8f1dcb906a96a08954329b86b02c1179394f52c984efbcd6ec7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:42:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50029
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 69543
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 13 Nov 2022 15:42:44 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/ Frame 22BF 2 MB
517 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf68424ddac709c40c15412cb5cdae3c95f7ddf7ed720b4874e1ffc5e81dfeee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179527
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 528903
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Nov 2022 03:44:26 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8d287e4d/fetch-polyfill.vflset/ Frame 22BF 8 KB
3 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 06:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167952
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Nov 2022 06:57:21 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032111011823000/ Frame 531A 189 KB
54 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5acfea16c5a768b49594dbc1714a8144980558c381bae811706662661cf26a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458590
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 55538
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1a4c5283c8e948b1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:23 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame 531A 13 KB
5 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458589
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame 531A 89 KB
28 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458590
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 28555
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:23 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame 531A 5 KB
2 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458589
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1731
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame 531A 40 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458590
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 12826
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:23 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 531A 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 17:51:59 GMT
x-content-type-options: nosniff
server: cafe
age: 42274
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 2502
x-xss-protection: 0
expires: Sun, 14 Nov 2021 17:51:59 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 531A 295 B
353 B 7ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 02:57:40 GMT
x-content-type-options: nosniff
server: cafe
age: 9533
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 295
x-xss-protection: 0
expires: Mon, 15 Nov 2021 02:57:40 GMT

GET
DATA 200
OK truncated
/ Frame 531A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01dceb28610bad12edf9247feca9a600f309c957bfa32594466879ab59552106

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 10488210750993858249
tpc.googlesyndication.com/daca_images/simgad/ Frame 531A 78 KB
78 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10488210750993858249

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2d1c78f538750ec92cfc4cd174ef81f513b1c4fc3ba17ee7c598e3ce6f6c909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:14:52 GMT
x-content-type-options: nosniff
age: 231701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 80159
x-xss-protection: 0
last-modified: Thu, 06 May 2021 13:06:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Nov 2022 13:14:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 531A 0
0 14ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKHRa1RLevHXVA-dAbiNltbH9jcL_fmCjnUnBcombNx6S7ekrha4FAzPiFx8BiUAp0LVyG
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 531A 0
0 34ms
34ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-18nYaCQYeOiBJeNrATm3Zv4BubGks9lnpmhqvYNsJAfEAEgvNDhFmCVypmCrAegAdfcnMcCyAECqQJfaGHw1zSyPuACAKgDAcgDCKoEjQJP0PQgoMw-xJqzX0c-Ixuxe2Z33-uSr_ZpGECuU_nxx085BTLBAoleunhagPsngQw1uIvjALJnhN8RJlOez-R-5js-KKb6dvWvs4hCabfBKZN570aiMUSIhlz-cQJfiuho9ti3eYQ-g_Ri4A3CUF73b1DBOHKUBPMKFJexhKBrXimsfwN2aUCkJvNX0oHmnYK8QOYfEkiv9RXvJsOlnweQwwTULs7ZLtTiH1T7h4Av_NgQ7zyIbLz_Zc_IMF4dOg6Rjzkg-51E9I1i_tzuhB6pMnhK6ZiOQEQbI4O0O6QP4MEV80r6yQHw3QOfmYfZyr0IabiSuyxmK72AzdY7ST-nDIGK3kJ0mFoBHymV_cAEq7us_sYC4AQBkgUECAQYAZIFBAgFGASgBgKAB5Gj47gBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ3LQp0ggJCIjhgHAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTQyMTA1NDg2NTE5OTA1MjEYtv8V&sigh=mq5UWUNnMJI&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032111011823000/ Frame 0C81 189 KB
54 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5acfea16c5a768b49594dbc1714a8144980558c381bae811706662661cf26a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458590
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 55538
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1a4c5283c8e948b1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:23 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame 0C81 13 KB
5 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458589
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame 0C81 89 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458590
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 28555
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:23 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame 0C81 5 KB
2 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458589
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1731
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032111011823000/v0/ Frame 0C81 40 KB
13 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 458590
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 12826
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 22:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 22:13:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0C81 12 KB
981 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:300,400,700|Roboto+Condensed:300,400,700&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1fa71984bc1e12c09fb7e3f56361f99085f99f809ab0332984c4cd9fc4b85ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 05:36:33 GMT
server: ESF
date: Sun, 14 Nov 2021 05:36:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 05:36:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0C81 12 KB
957 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700|Roboto+Condensed:300,400,700&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1fa71984bc1e12c09fb7e3f56361f99085f99f809ab0332984c4cd9fc4b85ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 05:36:33 GMT
server: ESF
date: Sun, 14 Nov 2021 05:36:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 05:36:33 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C81 2 KB
3 KB 15ms
5ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 17:51:59 GMT
x-content-type-options: nosniff
server: cafe
age: 42274
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 2502
x-xss-protection: 0
expires: Sun, 14 Nov 2021 17:51:59 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C81 295 B
353 B 16ms
3ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 02:57:40 GMT
x-content-type-options: nosniff
server: cafe
age: 9533
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 295
x-xss-protection: 0
expires: Mon, 15 Nov 2021 02:57:40 GMT

GET
H2 200 16840926707985673088
s0.2mdn.net/simgad/ Frame 0C81 288 KB
288 KB 51ms
9ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16840926707985673088

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da42a553221af53faa2e2140af0e03ff721c98bc32a6bf88b9c636d304954857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:09:34 GMT
x-content-type-options: nosniff
age: 178019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 295094
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 14:49:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 04:09:34 GMT

GET
H2 200 11107184533922566823
s0.2mdn.net/simgad/ Frame 0C81 790 B
1 KB 49ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11107184533922566823

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5aa3ebfb8e3a3e4fb5c31f8abf598f3e85d3a7e12fd2a703442c24133d23fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:42:33 GMT
x-content-type-options: nosniff
age: 438840
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 790
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 12:34:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Nov 2022 03:42:33 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 0C81 42 B
409 B 63ms
25ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMpKaQ2Fcny3mcHn0SvkjC-vGMxEoXZfAWzkOzoCDKkUfHxMNbKy0UzY4Mpgrj_5BBRCvCNDiXpyjwOt6TNcTar-vtI1fIpYJFCyx1y7VOlQQsMKmJngPRcbcJm2cJvQ6JxhDx5OpwOixCQGC0MWKrIacjrQ&dbm_d=AKAmf-Bxt_t3QUu2ZoWtP-PkI-2__RsQdNZrt4sq4hM0p8L36vgB-uhHCSJ5VcjgEHB2yysGedr3X9Bofg_hGUeNQ2NA3bDl2hLA_h0zHVEEWXPCgdngDEg89tbXx9d6_WP4e-o4-1RFJCgAMCPkI9c3GDAZqYghevzcp2ogsdoVz59R881wjyLfy3FProe5pzijzlXEBh63szMu1cSeFTEFW9vuuIhXvLSg4_hnFq2gneXSxvYsBf1h2OUEVFSUh8acNWp5bo102iGmaznrSakzIKnZTwaJ4G0gSHzjqL-NtzVIeJczcHVgFLaBG1oeTC9JfJjuVk379LbkPzaSOx6AVPIEm-6TPFMEH23F6Ogpkd3eIrIL_PnZuWFwl6emkK3hWp7VP4OFI62lSXpazobooaj29OO1xiQ2hGFdVfVhumXlP6irNz6Y_WwXiMIR03UvmTXGjpYB-nE8VC6ljjm6thlsloco_hm23f5IfT6QU4NipR4mPaIl9BR_wHJxzjKdcNqGr-hBp4o-Hx2iPMR_x7HJebSL1p21V2tpQ_VmCRjmFsZNtfQyLDbbdRy6-Ckj3KNSwFZAbPimBgLTmqrMEoN8cBjWjEgH09iSw8kwbO3n4KH91KqTCWlXYIDGlHGFvMfmdecEsLfmAt1PRSzs8fFDuCRE67TyfrafLx-Mej-lbzbjz8WBSbDo0Ga7nGu4-3o4YxU5M-82OY4cLmwD8o88cBlX2XLRS119-oEf0-q2Gw7eGR1Alz8CM_8KAw-Wk7YcqUBciyCa0wKCdne7GRhs_3_toddIw1CpsaBsLio3SFkU2fBiTdr1YQtbsjOI7flOm5btniwzP3SyHe9-Q6WwqXhton4MDNf_prcs8c4ypVKEUDS6aRxE3OC01stscde1EphdnRB8aFlLI_HHfqhZomInv0VHRkhYzsjtebfjHDlMZMFOkM-Ls9ekz6e458nMCLko93WKbrWS_xa38OQUJZ4o_B3r9GvnrFj5iipZkQp1QmLsl86CA-eiV38K4GvbL8t-_Wr3rY3S-9yFKGGC5losuhkX0IEuaIP4nzQjOJwRvkfSZdlOb8maXZLsN-O4o0CDg5DRjw6osDIAuXUEml9bligh7wSujPUG4pb76Ba3i7QbBk6JLC7Lh21sxBDHTLldj3g-zMEb2XpdTngT1cSLvg815n9OQqd6e7UfHp7IuZNO5DNGvPzVQjMddypm6fTPeeF4EL4d2ISidZUoKSMzEV7Hqi136JU-0kXgJuUmM8IrYmtjmEO9x-cZxA_UBFg6EIMELTo23MmEtxPxs8Hv4CTNHScSZLMAZcuK_-VuRFwlEOaEWbo_6XxlVI4KyAoBM8L_w86KkNUmR7JWsfAZRJzq8t4UVrOYYwSaGCD4zgRAdoOHicD662KMc_eAHd0TwQIhz6SCC0cfeCDsf9hKV03GT3GsyWLG89PG1uHd2lwpREqPvSJea4agQHnuj4OyX7lwbl5e8epBpUK29nll3HMBcySPDqzNFlXchAU8L-VukzZX1Y2kjwgYETAZmnX2uBllm_6uIt3rb714AGHbWsozZBR80Pt5NNW-5who0lYH_5Yta7-zpepC7xDIbSPnxPnX0dqwA1Cbolyc8jpt5UM23NDTsjGdyobHh7VuE21ZlA2w8c89C7xFMsnGv8hJRZK4DnFMgqX5MvoYs1ZWhgaIewtn4AH0U58jeKHAxEg_zILEJgE1q-dkePYUoDUy454QfYHHM7QKx0IT6khbnARVAbRF11CSioxPeoK3pm4d9qMhwH2iYhzeRAMclUVpXoFJ-sLsiChmjsYjYRG23yLi6YYOkmbTOMwvDW7yKEwQbL0uyevPzvIhBtG-81xaHh969ewY59iTJsGlp3C0NQdXJVmg8bXHLG8zYTVWEwl1LVLj3OLS82x1H3Q8Ig3v8uo1xqxn8Dqwk1K6NUDdsRD72MDKEb3P5fqpJ1Jh6mRlZxkpw1kXMmHQbnr0LfNqjN5YoqDQgRXl8Tadk2CraBU4I3JQe0Fkouc-I0JY4GSpGs4KDqkWI-rOruNcZ4RRYUfD_ARlP6v4iEBvS3KszsGJs7zeNXBuYVXHHDcH1_0DHKokZHQlM8pzhX9s6xtzvDoGNO0YAUcfE_BBdfLHgmyaOwNjVjlgXDD3ch9pKi6iZ8Nm5Ei4MJm9BxxB7jL0GVRqEVvhXZzXpI-9b6w0Y_K36tUxnv-j33Xv5h9z4WQcKZhzfg-xl4BV0MSDPUCw2U0ejHlsq1LlesYIfDA1WFTAKUQC4Iuah-Rm9RlahH4iM7lvA3xhvd_SE0mITTqNF2iornmbeRnXaRTtEAmDFsbO4a7C9U8m9mGkeCLw0hJ6X0QEXHvPvbCb9cLOutZeu9WiLRIJRuQC_MfVdnrEVmPKVSTfPJyDb1cijNmMEsiTZqEBn7cU8o7oueyif6YMbLaRJIfKCPxna1MTwAIXVDhX0essCvLXmpyRo51700aOav2cz27Y7j02MTB-Eon4xJzDDiVqslDjwvmz7agcyTEuJhYplg42Q3moquOqMIfkB1nSmQ4KhRHgZeD6vbVfNxxr0yWXMg-qg3o8elpCM4OIEHn7vjlFkeaalzy7-RFv-Nm4mub_bc6SRwxvtQlz0MWRD181Z1ENKfoYChxJufYL3YnGhi2JNuPS8hfY9W3yVyGimxcqxURzACvGa_ltIsUFmk3eCeG0YGGYsi7pMRHywCx1A_X1Ih1OENb4sDmAa5DuG5cM84ek9pMb5Kp2elN3i83aSG57tmid9IPLi2L08fkgt0u8Efp5OeLjaqzZkhsu0z8N4OSuFmxFNUCQh6hh7cuXajAj4zvFSvg8hO1K2m4PYep5HjNzLfQvHobBQYEskjlacsnGHnWppFhyHyShgpaJ5GGBA-bG_djGKpNytgVi9hIf10AZj7EhpKgibHiWy8Z5VcG6cj63WuV4n7YO1hMnRG7NgfsGfKN4w7ToYF9Lh82xWBj5_It5sLud_ps7CH5HoE3R25hKtFKLZ4crLUem8H5iCEAQkm2KNM2F46euyWdy9AtrizgI2rjpy3t4a0z0cgwq2OWdvwnzrVgyaVaMs8AqfWrlapQQ4LCkd_f_ywgFChm8aAPOMqmVtyPMo7YVwpctKDhEH1DimnZ1E_OEaJt7n4chyXoc0DGS3k5su8-iTDBiyVankTQAC2KwBmkrY65yHcNKbTsTjl_meoBT2NPts_0TFoo5Cihvojf_EKIeknHlx9hLa5Adtv6gZpkUtw9pHxMrmEKPcJ5rx7RyVHRlZ04WjlmJf1umh48etfWZoogH1Zwvc1aIFnpOzo7JZsWySO9MSx6VShe11rHeC0sfec5dnxa2GwYR9VRKho6oTOJIAlfPyAw&cid=CAASPeRoIS11Quh0ym9m7TW4pyyADP5BXXNkNla4o5yNsc4D23Tn79P68vyLkPiBOIu6Y15mSS8MpUUnfS8PKgg&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 05:36:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0C81 0
0 39ms
27ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9u3yYaCQYeKiBJeNrATm3Zv4BoD0wJBkh43XnKIOnriItoMDEAEgvNDhFmCVypmCrAegAZXIibkCyAEGqQILlPdm_jKzPqgDAaoEiwJP0F3ZJfbOIgFHPGo29d8e71bKCFZ-Xf_GpdC1HAdpbkvzJ2HfjbjbhJOP02xIVQ55VZVsvbdfenae8gbFMLXZciL3YnytoxkxnHtRQVbuxZS7iZW3JpviLHHW_gyEUxh2Ue71DGgD2ZojXj9Jm2kd91hrTG_PouAur_zD1hi3p0v8AfsD1YvMvxfnvgzMK4wWSJAm0PTOzodcBudD16Cp8nA_5r4I44FaOVnVlU77r1mJcatBnbJmGW6FTk6YTqD5ogz8zKsWy--9K_JTJUbmF_HXOWrvavQcGoQ9UpiPu7PE5g8Vl1hesexkQ9bpEr65GY_wB4KBAG4qhQ7sy4l3Eb3UfOKKgwJ8MJPABMbChs7WA-AEA4gFs9SJ0DSSBQYIAxAFGAGSBQYIGxACGAGSBQoIIhAFGAFIgpFikgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfTt_bGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKEK3qTBi58O6tAdIICQiI4YBwEAEYHYAKA8gLAbAThN2jDcgTwpuv3QPQEwDYEw2IFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItNDIxMDU0ODY1MTk5MDUyMRi2_xU&sigh=w3VYtVWVBKE&uach_m=[UACH]&cid=CAQSPgCNIrLMbzByqjuTiggcKM6c5LPqNksESXTuAOx0bVk686rlNXRQUESngSpI9sGQyQxYJHQR6sPtY9FsJHon&template_id=509&vt=10&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 22BF 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 06:41:55 GMT
x-content-type-options: nosniff
age: 255278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 06:41:55 GMT

GET
DATA 200
OK truncated
/ Frame 0C81 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb90c73f400929bd8e73332faa241a4fd1931376d18d43a02b35a81bd71e1637

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0C81 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:300,400,700|Roboto+Condensed:300,400,700&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 143805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 13:39:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0C81 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:300,400,700|Roboto+Condensed:300,400,700&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 02:40:20 GMT
x-content-type-options: nosniff
age: 269773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 02:40:20 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 0C81 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:300,400,700|Roboto+Condensed:300,400,700&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 17:55:21 GMT
x-content-type-options: nosniff
age: 474072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 17:55:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame A902 4 KB
707 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 04:01:25 GMT
server: ESF
date: Sun, 14 Nov 2021 05:36:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 05:36:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BDC8 3 KB
652 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 04:00:48 GMT
server: ESF
date: Sun, 14 Nov 2021 05:36:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 05:36:33 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame BDC8 1 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 05:34:05 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame BDC8 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 05:33:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame BDC8 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:17:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 05:17:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDC8 119 KB
37 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 05:36:33 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame BDC8 15 KB
6 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 05:31:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BDC8 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRX5MWiDSFIPUOLWSW4vnrvzs5FditgOkKtwpfs63ai_gjmYSxpUUqqTAd9iqmpgbtqmsZ9
Requested by: Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame BDC8 27 KB
12 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 09:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 09:00:33 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame A902 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 04:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4864
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 8107
x-xss-protection: 0
server: cafe
etag: 4972561305884240788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 04:15:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A902 205 B
520 B 29ms
8ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 20:30:40 GMT
x-content-type-options: nosniff
age: 205553
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 20:30:40 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A902 604 B
696 B 29ms
8ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:30:29 GMT
x-content-type-options: nosniff
age: 216364
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 17:30:29 GMT

GET
H2 200 cloudy.html Show response
weatherwidget.io/w/img/icons/iconvault/ Frame DA2D 949 B
857 B 16ms
16ms XHR
text/html 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/img/icons/iconvault/cloudy.html
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 666b81a3d37a051f35c544d975cfcf22a988d3990166d9d91a68ac6f9d6b5edb

Request headers

Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Nov 2021 00:03:05 GMT
server: cloudflare
age: 7301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ob%2Fao7RQtLTOx7BaTlxM5bOt21lKUpWD5PZPCAAzishjNDmOsmlRrav8DjodDQm5oc2fiDzcgk%2FzBiKLUSYi6ArjW0kOb9h%2FK4SyS7CpsKbBH2f1cEyqi912BWhFZdpXPVRcw%2Fqojhpoj8qkqNHW"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6adde2045b4068f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 rain.html Show response
weatherwidget.io/w/img/icons/iconvault/ Frame DA2D 2 KB
1 KB 17ms
17ms XHR
text/html 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/img/icons/iconvault/rain.html
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b550bc1fe6527e0f74ec28d2ca79e8324b7a2f6ad5077e8888671b58216cd324

Request headers

Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Nov 2021 03:06:52 GMT
server: cloudflare
age: 7300
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxRT0W6GdZkGlau%2FEykGukPjT%2FwnMn5dIfztH39K3msGk6u9HUK4BszRSNoss6DFZQrYxBJeovcOOXWCWv%2BEXjOi1f4EQFrc9%2Fd%2FN8QGzyNC2Gc3BGO4HaX2q3BGrJNDbj2OCilEkN8xITYFtWDg"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6adde2045b4468f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 partly-cloudy-day.html Show response
weatherwidget.io/w/img/icons/iconvault/ Frame DA2D 2 KB
1 KB 20ms
19ms XHR
text/html 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/img/icons/iconvault/partly-cloudy-day.html
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37e106d25cdf7267e5ece3fcff97c51482281dc4626dde5b6463163784a25056

Request headers

Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Nov 2021 03:34:17 GMT
server: cloudflare
age: 7300
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WsR2FAydtXDE%2BY1VKLMwK8gi9b8Jlq9%2BwzM7rJPflawu3%2BdrpXXGlw49q21hPUhUdROFbZmC%2FMBAJJZqzu0GiSLIdmbsnw77GaCFcP8wEe7PMs1ljXdbTz2iTQ%2F8lsYOCl7w8cWOWu3Zo%2FjmCwZQ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6adde2045b4668f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 44 B
149 B 8ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2837651136267650&ev=Microdata&dl=https%3A%2F%2Fwww.heraldlive.co.za%2F&rl=&if=false&ts=1636868194004&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22HeraldLIVE%22%2C%22meta%3Akeywords%22%3A%22eastern%20province%20herald%20sports%2C%20port%20elizabeth%20news%20paper%2C%20ep%20herald%2C%20eastern%20cape%20news%20headlines%2C%20the%20ep%20herald%20online%2C%20port%20elizabeth%20herald%20classifieds%20social%2C%20lifestyle%2C%20my%20herald%2CCompetitions%22%2C%22meta%3Adescription%22%3A%22HeraldLIVE%20-%20The%20Voice%20of%20Nelson%20Mandela%20Bay%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.heraldlive.co.za%2F%22%2C%22og%3Atitle%22%3A%22HeraldLIVE%22%2C%22og%3Adescription%22%3A%22HeraldLIVE%20-%20The%20Voice%20of%20Nelson%20Mandela%20Bay%22%2C%22og%3Atype%22%3A%22landing%22%2C%22og%3Asite_name%22%3A%22HeraldLIVE%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.heraldlive.co.za%2Fpublication%2Fcustom%2Fstatic%2Flogos%2Flogo.herald-live.png%22%2C%22og%3Alocale%22%3A%22en-ZA%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22HeraldLIVE%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heraldlive.co.za%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.heraldlive.co.za%2Fpublication%2Fcustom%2Fstatic%2Flogos%2Flogo.herald-live.png%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2FHeraldLIVE%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fheraldlive%22%2C%22https%3A%2F%2Ftwitter.com%2FHeraldNMB%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fuser%2FTheHeraldPE%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1636868193443.1937080013&it=1636868193201&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 14 Nov 2021 05:36:34 GMT

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 22BF 113 B
325 B 27ms
27ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ba0502d19ec84db4aa179e4b1333159bdd7b1b6ca763baf28075dc8eae22e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 131
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 22BF 29 B
463 B 28ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:28:00 GMT
x-content-type-options: nosniff
age: 514
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 05:43:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 531A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

25ms
25ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Sun, 14 Nov 2021 05:36:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 10488210750993858249
tpc.googlesyndication.com/daca_images/simgad/ Frame 531A 78 KB
78 KB 6ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10488210750993858249

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2d1c78f538750ec92cfc4cd174ef81f513b1c4fc3ba17ee7c598e3ce6f6c909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:14:52 GMT
x-content-type-options: nosniff
age: 231702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 80159
x-xss-protection: 0
last-modified: Thu, 06 May 2021 13:06:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Nov 2022 13:14:52 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 531A 2 KB
3 KB 17ms
16ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 17:51:59 GMT
x-content-type-options: nosniff
server: cafe
age: 42275
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 2502
x-xss-protection: 0
expires: Sun, 14 Nov 2021 17:51:59 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 531A 295 B
357 B 17ms
17ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 02:57:40 GMT
x-content-type-options: nosniff
server: cafe
age: 9534
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 295
x-xss-protection: 0
expires: Mon, 15 Nov 2021 02:57:40 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0C81
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

58ms
58ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Sun, 14 Nov 2021 05:36:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 remote.js Show response
www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/ Frame 22BF 94 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0e0f871b01bb539a4716e6dc53c8f1e59fb1985d9422169c082e432153db3e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:46:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179380
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 29836
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Nov 2022 03:46:54 GMT

GET
H2 200 xP0-M-T20NOk-COIrdoYtlIgpF7MlgrVZ6LBtbxion4.js Show response
www.google.com/js/th/ Frame 22BF 35 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/xP0-M-T20NOk-COIrdoYtlIgpF7MlgrVZ6LBtbxion4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4fd3e33e4f6d0d3a4f82388adda18b65220a45ecc960ad567a2c1b5bc62a27e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13555
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 13:35:02 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/ Frame 22BF 24 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1a158a9cbe6178caba51f4567c57684933795e769f02d00073ed7f9a3ea2804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:47:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179331
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 7365
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Nov 2022 03:47:43 GMT

GET
H2 200 16840926707985673088
s0.2mdn.net/simgad/ Frame 0C81 288 KB
288 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16840926707985673088

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da42a553221af53faa2e2140af0e03ff721c98bc32a6bf88b9c636d304954857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:09:34 GMT
x-content-type-options: nosniff
age: 178020
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 295094
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 14:49:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 04:09:34 GMT

GET
H2 200 11107184533922566823
s0.2mdn.net/simgad/ Frame 0C81 790 B
857 B 17ms
17ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11107184533922566823

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5aa3ebfb8e3a3e4fb5c31f8abf598f3e85d3a7e12fd2a703442c24133d23fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:42:33 GMT
x-content-type-options: nosniff
age: 438841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 790
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 12:34:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Nov 2022 03:42:33 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C81 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 17:51:59 GMT
x-content-type-options: nosniff
server: cafe
age: 42275
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 2502
x-xss-protection: 0
expires: Sun, 14 Nov 2021 17:51:59 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C81 295 B
353 B 7ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032111011823000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 02:57:40 GMT
x-content-type-options: nosniff
server: cafe
age: 9534
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 295
x-xss-protection: 0
expires: Mon, 15 Nov 2021 02:57:40 GMT

GET
DATA 200
OK truncated
/ Frame 22BF 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQABP2aAeNZJTq0iQCPKSvo8AJhMil0JbT53f71gQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 22BF 2 KB
3 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQABP2aAeNZJTq0iQCPKSvo8AJhMil0JbT53f71gQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1cfaed5e07cd45ae76d89b51be41f721b9e5ecad8fe06e6365a877ab969cb683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:37:21 GMT
x-content-type-options: nosniff
age: 7153
content-disposition: inline;filename="unnamed.jpg"
alt-svc: clear
content-length: 2507
x-xss-protection: 0
server: fife
etag: "v453"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Oct 2021 19:15:32 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/YHk_QvhhA6Q/ Frame 22BF 25 KB
26 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/YHk_QvhhA6Q/hqdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6586e2e1922d24bc7658537cdc7acd461bd8eaf4ba51892f7e6d8c116018d634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:32:50 GMT
x-content-type-options: nosniff
age: 224
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 26053
x-xss-protection: 0
server: sffe
etag: "1636627678"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Nov 2021 05:37:50 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B3D8 143 B
222 B 8ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 04:43:12 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3202
alt-svc: clear

GET
H2 200 newrelic.iframe.js Show response
iframe.iono.fm/js/ Frame 6F60 7 KB
3 KB 8ms
7ms Script
application/javascript 157.245.20.41
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://iframe.iono.fm/js/newrelic.iframe.js
Requested by: Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.245.20.41 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 18c8b61485fcaad0a1729b7034c89ad9ce302b91beb0ae6a9762a5b38d3c853c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 11:04:22 GMT
server: nginx
etag: W/"61641a36-1c8c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, no-transform

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6F60 163 KB
60 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VPD4RSZGP6

Requested by

Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c03d8f13b5678147c3c73a241a282fac7b6e908937f9ed078a605976c42e3048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 61738
x-xss-protection: 0
expires: Sun, 14 Nov 2021 05:36:34 GMT

GET
H2 200 waveform-data-2.1.2.min.js Show response
iframe.iono.fm/js/ Frame 6F60 8 KB
2 KB 8ms
7ms Script
application/javascript 157.245.20.41
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://iframe.iono.fm/js/waveform-data-2.1.2.min.js
Requested by: Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.245.20.41 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 796cb93bbe68ef65236b9efa5006b285a79db067308e0b6a0fabf57404aef00d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 11:04:22 GMT
server: nginx
etag: W/"61641a36-1e87"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, no-transform

GET
H2 200 player.js Show response
p2.iono.fm/bundle/0.8.22/ Frame 6F60 221 KB
63 KB 40ms
8ms Script
application/javascript 157.245.20.41
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://p2.iono.fm/bundle/0.8.22/player.js

Requested by

Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.20.41 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6da572f5c86657f0d3103f4fc05dc2c956db9bb7d9907837709ad32862e6b97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
Origin: https://iframe.iono.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 14:47:03 GMT
server: nginx
etag: W/"017d91a802492309916770bea32c72ad"
x-cache-status: HIT
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5184000
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload

GET
H2 200 player-ui.js Show response
p2.iono.fm/bundle/0.8.22/ Frame 6F60 141 KB
39 KB 54ms
23ms Script
application/javascript 157.245.20.41
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://p2.iono.fm/bundle/0.8.22/player-ui.js

Requested by

Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.20.41 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a30372a92d9e5008a063fd5b8f29a7977664dad20e7343b1e1623bc3fba38a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
Origin: https://iframe.iono.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 14:47:03 GMT
server: nginx
etag: W/"6ec576e80aec8e7ac18422a69f6c3655"
x-cache-status: HIT
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5184000
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload

GET
H2 200 legacy.js Show response
p2.iono.fm/bundle/0.8.22/layouts/ Frame 6F60 87 KB
23 KB 58ms
27ms Script
application/javascript 157.245.20.41
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://p2.iono.fm/bundle/0.8.22/layouts/legacy.js

Requested by

Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.20.41 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

cfc9cec7ed826ee612e44489e5481f159bd0f987f0e70a919cc4a744c5ae6fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
Origin: https://iframe.iono.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 14:47:01 GMT
server: nginx
etag: W/"a16c89929e7493b48d36105b5c102e98"
x-cache-status: HIT
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5184000
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6F60 49 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5728
date: Sun, 14 Nov 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Sun, 14 Nov 2021 06:01:06 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 22BF 4 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 05:36:34 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame 22BF 0
40 B 7ms
6ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?ngBH7Q
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
alt-svc: clear
content-length: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B3D8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
146 B

27ms
27ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
URL: https://ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 14 Nov 2021 05:36:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 05:36:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 14 Nov 2021 05:36:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear

GET
H2 200 license Show response
iframe.iono.fm/ Frame 6F60 64 B
309 B 7ms
7ms XHR
application/json 157.245.20.41
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://iframe.iono.fm/license?key=iono-test-key
Requested by: Host: p2.iono.fm
URL: https://p2.iono.fm/bundle/0.8.22/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.245.20.41 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c5a95ad7d4243c08dc5e709add0ce5ea9f2dab3fdb6b814caa6250cb61f3a81a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json, application/json
access-control-allow-origin: *
cache-control: public, max-age=86400, no-transform
x-cache: HIT
x-country-code: DE

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/95/ Frame 22BF 52 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/95/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 08:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15249
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:31:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Sun, 14 Nov 2021 08:59:50 GMT

GET
H2 200 nr-1153.min.js Show response
js-agent.newrelic.com/ Frame 6F60 26 KB
10 KB 24ms
9ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1153.min.js
Requested by: Host: iframe.iono.fm
URL: https://iframe.iono.fm/js/newrelic.iframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0f4eb8ed7fc767a6dc7512f7597e4d34e4259e797c7c2ee224d7a97d14ecd23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "d3b942e7c79a167d59ed590feee5e193"
x-amz-request-id: ZQ9SVZQSBAAHVBV5
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 10041
x-amz-id-2: gmw7Cxzxrf6PviPyXvs6/rBZ/zl9UyQXGOGIp15/il34prcGK/C8eLOA6BEeuT/tZ5z6sTUh/ZA=
x-served-by: cache-fra19145-FRA
last-modified: Fri, 08 Nov 2019 16:26:28 GMT
server: AmazonS3
x-timer: S1636868194.449931,VS0,VE0
date: Sun, 14 Nov 2021 05:36:34 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 3189 Show response
iframe.iono.fm/playlists/chan/ Frame 6F60 80 KB
10 KB 449ms
449ms XHR
application/json 157.245.20.41
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://iframe.iono.fm/playlists/chan/3189?limit=20&sort=latest&skip=0
Requested by: Host: p2.iono.fm
URL: https://p2.iono.fm/bundle/0.8.22/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.245.20.41 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b3116fedfbe1ed93b93d1ddc2b602d379391e497e10e7b3f3ae37950eac53a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json, application/json
access-control-allow-origin: *
cache-control: public, max-age=60, no-transform
x-cache: EXPIRED
x-country-code: DE

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 40ms
19ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8770864a15992f56021d1d8f9e77cd0e05866f4f64a0f3e8c0ce2977811f988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 9307
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 41ms
14ms Script
application/x-javascript 2600:9000:2104:fe00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:fe00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 04:27:28 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 4146
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: iXj_OBaXwxP6cQGhjYeY4dShovcUpPDVjfszUBJwrKV5xNjHiyLCdQ==
expires: Sun, 14 Nov 2021 06:27:28 GMT

GET
H/1.1 200
OK 41aa45f871 Show response
bam.nr-data.net/1/ Frame 6F60 57 B
322 B 440ms
108ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/41aa45f871?a=214730062&sa=1&v=1153.61ee9ba&t=Unnamed%20Transaction&rst=1340&ref=https://iframe.iono.fm/c/3189&be=1122&fe=1294&dc=1291&perf=%7B%22timing%22:%7B%22of%22:1636868193137,%22n%22:0,%22f%22:908,%22dn%22:908,%22dne%22:908,%22c%22:908,%22ce%22:908,%22rq%22:917,%22rp%22:924,%22rpe%22:925,%22dl%22:1007,%22di%22:1291,%22ds%22:1291,%22de%22:1291,%22dc%22:1294,%22l%22:1294,%22le%22:1294%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1153.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
131 B 7ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2101265763&t=timing&_s=2&dl=https%3A%2F%2Fwww.heraldlive.co.za%2F&ul=en-us&de=UTF-8&dt=HeraldLIVE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3365&pdt=11&dns=42&rrt=977&srt=651&tcp=25&dit=2147&clt=2147&_gst=1790&_gbt=2383&_cst=1843&_cbt=2174&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=921131964.1636868193&tid=UA-2619645-1&_gid=452651669.1636868193&gtm=2wgba1T2RR9NN&cd1=&cd2=no&cd3=&cd4=n%2Fa&cd5=&cd6=&cd7=&cd8=Home&cd9=no&cd10=&cd11=&cd12=&cd13=eastern%20province%20herald%20sports%2C%20port%20elizabeth%20news%20paper%2C%20ep%20herald%2C%20eastern%20cape%20news%20headlines%2C%20the%20ep%20herald%20online%2C%20port%20elizabeth%20herald%20classifieds%20social%2C%20lifestyle%2C%20my%20herald%2CCompetitions&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=1636868192950&cd27=0&cd28=&z=1784273674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 05:19:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1002
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: clear
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 14 Nov 2021 05:36:34 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
202 B 304ms
101ms Image
image/gif 23.20.18.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldlive.co.za&p=%2F&u=8uIzmD17zXuC0ZQkz&d=heraldlive.co.za&g=54086&g0=desktop-herald-live-home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7672&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3365&t=CyFh48BoTAiKJ_br3M9hiDJy3pK&V=129&i=HeraldLIVE&tz=0&sn=1&sv=BBm-kZBdDIZPBUIV1ZDGZ6VwC0Vt9E&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.18.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-18-198.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 05:36:34 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4F8F 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 13 Nov 2021 22:07:26 GMT
expires: Sun, 13 Nov 2022 22:07:26 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 26948
alt-svc: clear

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3D21 783 B
962 B 16ms
15ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c72ec4281964b39e00ed96d5a6ddd1b7158aab48a2161b78060157016c3194a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uyycllIPH0li2xom4kGOsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 14 Nov 2021 05:36:34 GMT
date: Sun, 14 Nov 2021 05:36:34 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uyycllIPH0li2xom4kGOsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: clear

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F8F 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 12:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 12:13:14 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3D21 0
0 31ms
31ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111001&jk=1094993924116336&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
57 B 42ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111001&jk=1094993924116336&bg=!SkmlSQ3NAAZQLpa_UC47ACkAdvg8WuX2D_a5iKl-QvufcfdNjVEae5hyiOybndfwCGVarKjrSJzXnwIAAABbUgAAAAxoAQeZAqnjreuOGw8DB3SEjhz954toToO8vlPipk-OyS72XLZQtecTx9_MCjSCx-KQpV6mGUi_Bls8gHPrNOEd-sU9YW_7fa3I6F15pmOiEOg6GCf-m6Ze-c9tiRnShFntfNSwoDeVpY3Goz9qRWO1o097Y37Ou3nuVl9CWpcadjUmlU3c-fQyCUDB8grUJYsf4-T87j15mbqkUir5wxICTZa0c2OohrGdN6BgIW89HoKbRgKIabhNM_IQ9bTDAfpICmIG0RomO4cqyd59HJKcDguo9zUNJvVMLzvv-vrMUP1i01SlZ7UNKrdSiXvwX9Wdd31GRLmw35MRoF34QB738SEkzgx3Y0XeZBria0gdgHIZ-4zZHNizMICxa9WKvktmCxTa6S7AhhkDprIVo7fKQXCz-GG7KzlBTquV_o4ft4Qloadja5ySEQrTHfG5XT_2m0ETpra-Ip13iuPofOTmMag41lxk9_o9q4pU8cUyvXTakGncUmqM8_ZW0yha9N_5oQcIWkw6efW41Ymc2oIeAtxDvKgIsTuRjQFHJy3ixJwFpHOGANs-d3cXT318sy2hJ73U554k-eo0mf7CTSaY5QgFFIrpDDlfeCVjN-54nzC1Dhnw08A_F7HWuS4zESpXezTzI7FxK6hDsyi_Hhq4WJrH7qpPg9tQFz8_7j3fHvPZshDBRqzXR21HD5F3izc55xel3yufLWw5nWARjkQdVWU7aKTbRWO56kzh-Sfmxonbs64FoujZYwYebKA3Ktp8in4PzqKsau4gB5G45h0CSWBaW-v1i59Kt4yRoTKk2Dni44_m0yR454ipJQXMG8WXfeEnrX2LhstlHk3HpmcpYAhOMrCi45h-BohKNTKrkr6uJRxEVLX2WWaa_JQfuTDZ9mrD_8hABcch4RS6qBI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 05:36:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 164ba99e7c2abe441da35eb21fd3613749abea0b.dat Show response
dl.iono.fm/dat/372/3189/1125837/ Frame 6F60 284 B
760 B 66ms
26ms Fetch
application/octet-stream 144.76.255.154
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.iono.fm/dat/372/3189/1125837/164ba99e7c2abe441da35eb21fd3613749abea0b.dat
Requested by: Host: p2.iono.fm
URL: https://p2.iono.fm/bundle/0.8.22/layouts/legacy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.255.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.154.255.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 4f9c67d962cbc50567704c1be9e5b8d1304ed04ce201dd5003d4bd9388bc1c6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:36:34 GMT
server: nginx
x-content-tag: podcast-file
vary: Origin
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://iframe.iono.fm
expires: Mon, 15 Nov 2021 05:36:34 GMT
cache-control: max-age=86400, no-transform, private
access-control-allow-credentials: true
accept-ranges: bytes, bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 284
x-proxy-cache: HIT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DA2F 42 B
114 B 18ms
18ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHUb-IBLjtNJoH7AJbLVyNnjHPlSUE6lwYOx-Q3XWcakqS8-8vT-l-X22ECA5zQq7J6_u_5A-MG-RWvjOFgPMxUp8iYRt_tf9NQkpIEic4-9rH6mbJKw&sai=AMfl-YSXFvooMtsY7DIQJrq4A-yC9Lj0en9_BhA07iUygzjxhExply28ys22O6xDJAECZ9-tYkwmmhQnG-gffcDXy4u1j0naRTYZ-Dvi1ifq2FHzVgAS_O6CSbNl3FByprs&sig=Cg0ArKJSzJPzxppK4YzXEAE&cid=CAASPeRoEn7bGmlWXE91QdmnNwDhxcQ1qK8Uzzz22E237DTGMIwR8IiI6ygs09N3UHFLqHHCFdLlOo0QQOM9vN0&id=ampim&o=300,192&d=1000,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=234&tls=1234&g=100&h=100&tt=1234&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3652417828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 05:36:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0C81 42 B
109 B 18ms
18ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3q6BPv6zs5ZN-v3ECsvhZtnSgUY1QKDlfZF-8dpcprkxCjK05M55MrCBgF8T-M8UzByItjNsHtMYrhOurEVIfY46nYc0pef9TWZ_rW_1TR3kDI1D0DQ&sai=AMfl-YTIF2V44oqnDvlYJqoPIO1dX6xX22VgKqv-aAflRE-vhTIZZJr9HAiNidYasnAmJIEyhPBhAwNDpWSFhkkvV0_SW8TESYChuUa0-tJRYFdg1rnHmgIlaCNhGHrXg4M&sig=Cg0ArKJSzNZkx6PHhX5lEAE&cid=CAASPeRoIS11Quh0ym9m7TW4pyyADP5BXXNkNla4o5yNsc4D23Tn79P68vyLkPiBOIu6Y15mSS8MpUUnfS8PKgg&id=ampim&o=983,684&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=268&tls=1268&g=100&h=100&tt=1268&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1348728147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 05:36:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 22BF 28 B
274 B 21ms
20ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/YHk_QvhhA6Q?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.heraldlive.co.za&widgetid=1
X-YouTube-Client-Version: 1.20211110.01.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt1MzNBaVFsOUp0ZyjhwMKMBg%3D%3D
X-YouTube-Ad-Signals: dt=1636868194022&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C637%2C300&vis=1&wgl=true&ca_type=image&bid=ANyPxKoLYA11ZundFxERW2e9ebezdOwrVtS9hHRXPHq1r1yrGiHq1q7xvbEJjqVLWMZ0iqGV8-yQ95Dfahuqlg6Dsc9WrbYLpQ

Response headers

date: Sun, 14 Nov 2021 05:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 31
x-xss-protection: 0
expires: Sun, 14 Nov 2021 05:36:36 GMT

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
collector.effectivemeasure.net/beacon	1970-01-20 07:19:32	Name: c3 Value: 1
collector.effectivemeasure.net/beacon	1970-01-20 07:19:32	Name: gc Value: GB
collector.effectivemeasure.net/beacon	1970-01-20 07:19:32	Name: mb Value: 0
collector.effectivemeasure.net/beacon	1970-01-20 07:19:32	Name: dmp Value: 1636868193741
heraldlive.co.za/	1969-12-31 23:59:59	Name: session Value: eyJyZXR1cm5fdXJsIjoiaHR0cHM6Ly9oZXJhbGRsaXZlLmNvLnphLyJ9\|1636868192\|5e4830c4d10fbbe3c9867fded2734bc76beffdb0
www.heraldlive.co.za/	1969-12-31 23:59:59	Name: session Value: "eyJyZXR1cm5fdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkbGl2ZS5jby56YS8ifQ\075\075\|1636868192\|7a71092836808de788068a7883c2463ea5df0c74"
.weatherwidget.io/	1970-01-19 22:41:09	Name: __cf_bm Value: xYd1doe4u9hOnV95a3c47TTExXyvxrG9q._zSr3P4iE-1636868193-0-AWzepLvy4hdKLM/0nA4i/cUXJXnRqj9WM8wWkhBHr05qXwhPDvdDzaNWYLtucTfC29Wrc+Q/wmoLFAM3CZ8ohEI=
.heraldlive.co.za/	1970-01-20 16:12:20	Name: _ga_JNNJWFKJ2E Value: GS1.1.1636868193.1.0.1636868193.0
.heraldlive.co.za/	1970-01-20 00:50:44	Name: _fbp Value: fb.2.1636868193443.1937080013
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 4VNaCQtGfxk
.youtube.com/	1970-01-20 03:00:20	Name: VISITOR_INFO1_LIVE Value: u33AiQl9Jtg
collector.effectivemeasure.net/	1970-01-20 07:19:32	Name: vt Value: ff9987bb-73cd-4b12-8dc7-1d6c392de024-17d1cf27cbc-15521ab3
.heraldlive.co.za/	1970-01-20 16:12:20	Name: _ga Value: GA1.3.921131964.1636868193
.heraldlive.co.za/	1970-01-19 22:42:34	Name: _gid Value: GA1.3.452651669.1636868193
.heraldlive.co.za/	1970-01-19 22:41:08	Name: _gat_UA-2619645-1 Value: 1
.heraldlive.co.za/	1970-01-20 07:19:32	Name: _em_vt Value: ff9987bb-73cd-4b12-8dc7-1d6c392de024-17d1cf27cbc-15521ab3
.heraldlive.co.za/	1970-01-19 22:41:09	Name: _em_c3 Value: 1
.heraldlive.co.za/	1970-01-19 22:41:09	Name: _em_vi Value: ed73de1d-034c-4397-8f49-e8e486f59acc-17d1cf27cfe-2a766c9c
.heraldlive.co.za/	1970-01-19 22:41:09	Name: _em_lt Value: 1636868193534
.heraldlive.co.za/	1970-01-19 22:41:09	Name: _em_ft Value: 1636868193534
.heraldlive.co.za/	1970-01-19 22:41:09	Name: _em_pc Value: 1
www.heraldlive.co.za/	1970-01-20 15:21:08	Name: vicinity_id Value: 76b604a1-226b-4e3b-830c-07d1bbd5d11f__1696868133541
www.heraldlive.co.za/	1970-01-19 22:41:08	Name: vic_loc_error Value: desktop__1636868793553
.heraldlive.co.za/	1970-01-20 08:02:44	Name: __gads Value: ID=052e802fdd86c8f3-2223585fb0cb0015:T=1636868193:S=ALNI_Ma3ikB3LeM6vqqNRGG4wHuYhC_FwQ
.heraldlive.co.za/	1970-01-20 07:19:32	Name: _em_gc Value: GB
.heraldlive.co.za/	1970-01-20 07:19:32	Name: _em_mb Value: 0
.doubleclick.net/	1970-01-20 08:02:44	Name: IDE Value: AHWqTUkXPxCl0xp3mUexX6zbyZH_KJ3YI47nDTD7oFeHW2J8iLVvDIzJ7xWnPjOIBgQ
.heraldlive.co.za/	1970-01-20 07:19:32	Name: _em_dmp Value: 1636868193741
.heraldlive.co.za/	1970-01-19 22:41:09	Name: _em_scf Value: []
.doubleclick.net/	1970-01-19 22:41:11	Name: DSID Value: NO_DATA
www.heraldlive.co.za/	1970-01-20 08:09:56	Name: _cb_ls Value: 1
www.heraldlive.co.za/	1970-01-20 08:09:56	Name: _cb Value: 8uIzmD17zXuC0ZQkz
www.heraldlive.co.za/	1970-01-20 08:09:56	Name: _chartbeat2 Value: .1636868194522.1636868194522.1.BBm-kZBdDIZPBUIV1ZDGZ6VwC0Vt9E.1
www.heraldlive.co.za/	1970-01-19 22:41:09	Name: _cb_svref Value: null
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: bc4f1eee3a9fd9a7

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://cdn.ampproject.org/rtv/032111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/032111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/032111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad2.vic-m.co
adservice.google.com
adservice.google.de
bam.nr-data.net
cdn.ampproject.org
cdnjs.cloudflare.com
ce61ca6564f3f7fb9d88d45c5f418250.safeframe.googlesyndication.com
collector.effectivemeasure.net
connect.facebook.net
detect-survey.effectivemeasure.net
dl.iono.fm
embed.iono.fm
events.browsiprod.com
fonts.googleapis.com
fonts.gstatic.com
forecast7.com
googleads.g.doubleclick.net
heraldlive.co.za
i.ytimg.com
iframe.iono.fm
js-agent.newrelic.com
lh3.googleusercontent.com
middycdn-a.akamaihd.net
p2.iono.fm
pagead2.googlesyndication.com
ping.chartbeat.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.chartbeat.com
static.doubleclick.net
static.vic-m.co
stats.g.doubleclick.net
survey.effectivemeasure.net
t.effectivemeasure.net
tpc.googlesyndication.com
weatherwidget.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldlive.co.za
www.youtube.com
yield-manager.browsiprod.com
yt3.ggpht.com
142.250.186.98
144.76.255.154
151.101.66.137
157.245.20.41
162.247.242.21
2.16.107.83
2001:4860:4802:38::15
23.20.18.198
2600:9000:2104:7c00:17:2922:12c0:93a1
2600:9000:2104:9800:1f:612c:5a80:93a1
2600:9000:2104:fe00:18:1fcd:34f:cdc1
2606:4700:3034::ac43:c16a
2606:4700:3036::ac43:8191
2606:4700::6810:135e
2a00:1450:4001:801::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2001
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2016
2a00:1450:4001:811::2006
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2013
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:400c:c06::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.251.13.38
52.202.90.208
52.214.10.122
54.218.38.30
54.72.188.165
65.9.83.54
017aa4f558f70fdc652bef9b0aba526204045ff2b4522fd983af3b4aa21fe7a9
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
01dceb28610bad12edf9247feca9a600f309c957bfa32594466879ab59552106
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
099a16effc4cff4a227211ea44e63f3121a9309c9474cb8e68f8dfff099b8560
0b574c1700ee835003e8b69479c6245863f3d804f67d84904ff6b515c10937e5
0bad5993e0f677c4ed024a7310e027ad840643181bdd94db1d65e7dfc560fba9
0c0bbaf10bcabef9cfb8ba16cff2d4293fe311e22a656786c2b05e1481f78c95
0d3b3a3f34ffd3526eea2f77aebe34caa8e86c59002dfd89aa834b0986feeaa2
0f6df960060fc9664e26740cdaa333747841b696028e037c5de9bbb2c3ef1fb0
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
103e203ed739444fd4bce908ad393952b6fcababf6e3be17f85f575053c06ec7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1155972eac3a99573fc89b9079a3da4d0d610d1ef5ebada7e671a3d1c90cabbe
161d031be64ed20b4fc2f1984d73fdf09eda48812d646c56ae8399a3882d162a
16eb5b2492c188314192dd83748e48b04b70b78e1cc0de8ba09059a7a17f0e76
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c8b61485fcaad0a1729b7034c89ad9ce302b91beb0ae6a9762a5b38d3c853c
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b3116fedfbe1ed93b93d1ddc2b602d379391e497e10e7b3f3ae37950eac53a3
1cfaed5e07cd45ae76d89b51be41f721b9e5ecad8fe06e6365a877ab969cb683
1e19f1411c521f445e6c4a363ec8a594254c281a707a892969b7ab9577798c12
1e2b9aa4773b8f1dcb906a96a08954329b86b02c1179394f52c984efbcd6ec7f
21794e8763e15a90285cfcc1227af99df078f424c8ebe69f79fc4b3983a91cd9
21c23539cffc382b2d3c13a5c3d850a9e14bf1f439f780ed87ba03197b6cedb7
2516507e89d2e2629141ab15c1d921bcabd5bdb3092f8a4ef3dbc7041fd299b5
255720ba60ab5171911d3f7cee92b001fa447e8d176dce7dccc005415902fb90
255d92513722640cf6a6784e977d12e9b4de7d551631c103b7024de5798cc173
25bb8b7c54f751f233f2aeaef5cf7661f0322dc1432e1ad06420663fab58e2d1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b1763d24e3acf050e8250cd24653fcd1e3901ff058d05fb06aa7da3cf362d53
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2e2c51e1528f4f0f0a900c9c041a720a25f4a27ea6f60eb7e1ecaf16a5813cee
2e9a2bb26cbf4200bcd846fa8ff112684db3b41e6be8c7b044d86ebebe8f98aa
2fd297f348724a9a9213eb573af150b7b9041787c6e64e76b3f201ae46a4d5be
325d617db2fca03e37c30904b620539367d9223b36a0e61e59cf70b1c94826d7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32cc2d91442fbc38e30b1e62609b3f9f20f79ef1d7103cb1f52b80d0b15f80a8
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
341816d58fd99739553872fea9f7f5551e9c93530689349ecc6e7f472570044c
34377e831d4ebaf3c466110d883414f388cac226e36cea8ee33fa8aa5b06becc
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
361a6c619a58707e58539ac3de1f7b7fd647783bfa470f413609d0c5ad72ff67
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37e106d25cdf7267e5ece3fcff97c51482281dc4626dde5b6463163784a25056
38c1264fb63db6ba309c46da366d8b0ac5855573f8d81d43b42c6472a8d9b883
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4545e6c6c9fb76d1317c5e9d18399944748851dec9691c51257abc30de930da5
463f791a00c3fa3600cee46cf5dae8036a0618c7511ffa526a1ac09b0103ba77
4a66566f8f37bd3778ccc7a410e83f6bf675f9a1c599f26221f4fbdcb17312ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4df6a6f6ecd85445b8b3e55cfa2ec5528efca82397bd684e4d0e6415d0685ec7
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f9c67d962cbc50567704c1be9e5b8d1304ed04ce201dd5003d4bd9388bc1c6a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c
5363d8ed31b2259ef0dd6437cbd78d30baad8e9746a7ae21385fa1bb8171389b
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
54f936151fc249eeecc5e42d4700112082baa163bb442356233478553b8fdad5
59d1ce7fb23e28c96e340f0e5a3f8db389cf46ad3ab54b4bfcd419d800d7d73a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c590b7f35f60c3d58265b235066ecc42d07f6a6c2edad989e788faa0d444fa6
627f5ebeeb414647d5026a5808a109098535d2f8e2f0c646b17c99f2e2ea0327
6586e2e1922d24bc7658537cdc7acd461bd8eaf4ba51892f7e6d8c116018d634
65a22a800722d4fdfe2318c1bd1c20b8e0cb976e1ee7bd1b496d20ea0311e169
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
666b81a3d37a051f35c544d975cfcf22a988d3990166d9d91a68ac6f9d6b5edb
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ca7b3c15b4597f01651ec96f8b23dd4f286ace181c1dcabc54c455f5259b573
6da572f5c86657f0d3103f4fc05dc2c956db9bb7d9907837709ad32862e6b97b
6fb0abafabc1b256870c227ba0cc0260e077937a2be7c85a669b00f1373002d2
703698fdddee88c290aad95747206c6aba8ad651f68172d2d52feedca0456d09
70d33dbaa02340c6fa990a469c9aa95b72c294ad9cf66f174ed519e391b936cf
7424abf978b498c6b5c8f35a3fc9b289947504ad5a2c93ce2706a2d21a23b5f4
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
78622316d56b092dc30ac4348312fa66a753760878e8f8fd0d7bf46850c333e2
78ec227f53d248811eb951e38805d5ca23ad43630451383bdc06a3b9af7cecfb
796cb93bbe68ef65236b9efa5006b285a79db067308e0b6a0fabf57404aef00d
7ba0502d19ec84db4aa179e4b1333159bdd7b1b6ca763baf28075dc8eae22e5f
7f87175b01571ee5876ce400cf3e7926e61ec9dc61b90ab22c309e79e7e30c8d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ecd6633a03f3fc1667194b774078124a28243e7d9d48ccfb328bb20f27254a
87731029a84f4975732076cc70761494fc1f7632666fb0e5d6940fa7725cbfd8
8782da69f5b02981b6e2e33e3df78717d784a510be57c80ad97fcd31d5cbf32d
87a26462c1e26a360f4efbab3a78a6df20f62e6981a2c9ee63126d5092f39ebf
8a38ec6ff99d8594f11192c6a69d21f3c89c426a3516f381f143acfac5f0263f
8a3d62119fccf9580dc3be5dce1bd09e47fa00acacea4ec8d58f9d7b3b1dcfd1
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8bba8ec140e854e97376105ad3edeea04253a68051eed5e335c2953e01a5af67
8c3d5407ca07a772620d1fe4396d7ea0012ef3dca32a4f733fd2b990fc2fa442
8ea3904b3f2bb34c1c6ec3bc89dfc63fbd2a242d039effcaa62ae0a1f6f8c904
92c529cf0f0d3fc3e40155d90c2b18fc9c4a92cdddb75dd9e38587b45ea34fa9
955acce2effede2eb693397d46b8b2dbece6100859442b5a0f275bb24f83df8d
98f0e161374744d8704de5e65cd0bef03194940be26d2153cddf180d5fd8277c
996ffd400ff1616afcdde56f9aa87871657ad2c1e99ccd7ebef032de952bebf7
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9eb6e0f726037516375305750facfedf783cba1d6a1f7310d7abe10301f39f9b
a173d8150457ee37e064ca7ee2f33fc8e4f38ade47a9197f82f42dd1a0c68095
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a158a9cbe6178caba51f4567c57684933795e769f02d00073ed7f9a3ea2804
a30372a92d9e5008a063fd5b8f29a7977664dad20e7343b1e1623bc3fba38a29
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4fc478877ae31d55a00ccd0a0aba78740623e34400b5417ef38b5ee2456e439
a5aa3ebfb8e3a3e4fb5c31f8abf598f3e85d3a7e12fd2a703442c24133d23fcf
a5e19523d9226addb6cfc0f7baa8134d2bc33ade45c7e44594167f11673a3800
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a62aba3546baccac5aba72413337f0216c67f8354349e8306dd208d4fcf4cb4f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8356305a310f0403b316bd38f61f55588c05ee88837fb2b69daa257bc1aed38
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac6c400640734183d824e98f6fc88ca64d856ca90ff07fe9d111c073eccffc3c
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b550bc1fe6527e0f74ec28d2ca79e8324b7a2f6ad5077e8888671b58216cd324
b58f0cc6fed02006b732008de1d30f9163c2e326830278cd8a3efed17d25c791
b7c8e61941a4f767940d284844e8421c7f95eea3bb466c2fde74a35dec2aef09
b8d94b2f8e9978b3ce65fa1a0d7ec81815c8abc53da8fb69f87263ac70485ddb
ba1debdec08d6cb6410047e0a80d0bda61fb702bea2eae6f64cd3bd14244035a
bb0b1844d02e42da1979c7c8520b2926dc129feab244c40be10577d09f4d4608
bb90c73f400929bd8e73332faa241a4fd1931376d18d43a02b35a81bd71e1637
bba7d7fb8ae083d8ec4476db9580a2b27b5a5d3bec6b04fd87f729686e4872ab
be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7
bf0536a7ccecbfef8793cfc6a61b4454864a4197992ce5ddaa014b48f72bef9b
bf68424ddac709c40c15412cb5cdae3c95f7ddf7ed720b4874e1ffc5e81dfeee
bfbea78c426825e6e56e322e4d1553d42613b699ab038fc717368f5808163109
c03d8f13b5678147c3c73a241a282fac7b6e908937f9ed078a605976c42e3048
c0f4eb8ed7fc767a6dc7512f7597e4d34e4259e797c7c2ee224d7a97d14ecd23
c13105fab8145dd26abb07c1087f47a9b91d246c8a8ad1f0f601879c1d22d72b
c1fa71984bc1e12c09fb7e3f56361f99085f99f809ab0332984c4cd9fc4b85ef
c4fd3e33e4f6d0d3a4f82388adda18b65220a45ecc960ad567a2c1b5bc62a27e
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5a3e171f31670a576e35e089d3a13d08633c6baf5e56884cdcd81cedf8b9aad
c5a95ad7d4243c08dc5e709add0ce5ea9f2dab3fdb6b814caa6250cb61f3a81a
c6e415f681cca39fb4c2571a1cde2abf416366fd3a372876d359c72c62bb154b
c72ec4281964b39e00ed96d5a6ddd1b7158aab48a2161b78060157016c3194a0
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
cb933b5a02678eac282064f543d9452e8e4e3e8b6a5ecc3ddf5c8306f093279f
cbbcb7ceadb7eb8b5f3e02d73b423f9b03f40768771c20d03d9b7b950870b4e6
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cec158380700b06d8473ae099ce4f465ec71815bfcb12510cadbf46a47d18930
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
cecb5bc2f37ae449588c0ae7fc3b70106b3edde05ebd1f93486e41b6867f2436
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc9cec7ed826ee612e44489e5481f159bd0f987f0e70a919cc4a744c5ae6fbc
d0e0f871b01bb539a4716e6dc53c8f1e59fb1985d9422169c082e432153db3e5
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d82abfcddc40cea6c4f0bf29d66674383b57d8c5c2fcc21c3252fe5922ce3352
da42a553221af53faa2e2140af0e03ff721c98bc32a6bf88b9c636d304954857
dc12f908384ac79da75a855fb4de99548c2ca5f439ba9bb173b3acaebde26e5f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e2d1c78f538750ec92cfc4cd174ef81f513b1c4fc3ba17ee7c598e3ce6f6c909
e37bad01d25cbecb3e6f6d477725ce6ea43637a94510cd27baf1068e319826ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e
e5acfea16c5a768b49594dbc1714a8144980558c381bae811706662661cf26a9
eb14782ba3b2f52d966e65f665663b46343c38233bfdbeffc586404fdfb8c757
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36d6d38ed839fe5f001f8cc2e4616daf1f726865c6043ae49ea565f87d63cfb
f3b68838d74ce3161b6a55a4156df5928cabf3a66ef877e335004cc88e2e6a90
f4eac165d3122e552c2639bd063b477234e3ef53fa0f4c8a105edf8d97eb1624
f52420e26989541a55b668cc1bff5a245d2207e4cf92e10211fb00424f1a42ac
f70e476e2d760061c6623ee1cf5abd5bf62ba49f391d3df4e18f0295c8d453a2
f8770864a15992f56021d1d8f9e77cd0e05866f4f64a0f3e8c0ce2977811f988
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84
ffb3bbe91d293ec0b30bf7834648ccaded81fd6a27fa6dbb3f06941b28a6d12a

www.heraldlive.co.za Open in urlscan Pro 2a00:1450:4001:829::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

190 Requests

98 %HTTPS

70 %IPv6

30 Domains

47 Subdomains

44 IPs

4 Countries

4324 kBTransfer

10445 kBSize

35 Cookies

6 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 38 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldlive.co.za Open in urlscan Pro
2a00:1450:4001:829::2013 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

98 %
HTTPS

70 %
IPv6

30
Domains

47
Subdomains

44
IPs

4
Countries

4324 kB
Transfer

10445 kB
Size

35
Cookies

190 HTTP transactions
38 data transactions