www.theherald.co.za
2a00:1450:4001:80f::2013 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://www.theherald.co.za/ 6yr old
Submission: On May 20 via api (May 20th 2025, 1:21:22 pm UTC) from US — Scanned from DE

Summary HTTP 393 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 108 IPs in 13 countries across 53 domains to perform 393 HTTP transactions. The main IP is 2a00:1450:4001:80f::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.theherald.co.za. 6yr old
TLS certificate: Issued by WR3 on March 25th 2025. Valid for: 3mo.

This is the only time www.theherald.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2a00:1450:400... 2a00:1450:4001:80f::2013	15169 (GOOGLE) (GOOGLE)
17	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::ac43:d4ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:205... 2600:9000:2057:e400:17:2922:12c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:ca3... 2a02:6ea0:ca3a::4	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	172.67.212.172 172.67.212.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
9	172.67.181.105 172.67.181.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	209.38.182.90 209.38.182.90	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
10	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	164.90.242.8 164.90.242.8	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	34.8.2.179 34.8.2.179	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
76	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
3	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
2	216.58.206.78 216.58.206.78	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	188.40.16.162 188.40.16.162	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	172.67.129.169 172.67.129.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
5	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	172.217.16.129 172.217.16.129	15169 (GOOGLE) (GOOGLE)
1	172.217.16.193 172.217.16.193	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
11	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	142.251.173.155 142.251.173.155	15169 (GOOGLE) (GOOGLE)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
2	216.58.206.65 216.58.206.65	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1 1	172.217.132.166 172.217.132.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:15::7	15169 (GOOGLE) (GOOGLE)
1	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
1 2	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
1	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
4	212.36.83.216 212.36.83.216	15699 (AS_ADAM A...) (AS_ADAM Adam EcoTech)
2	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
4	162.19.138.120 162.19.138.120	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.129.4.74 108.129.4.74	16509 (AMAZON-02) (AMAZON-02)
1	74.125.162.71 74.125.162.71	15169 (GOOGLE) (GOOGLE)
8 16	2607:ae80:4::50 2607:ae80:4::50	26558 (FREEWHEEL) (FREEWHEEL)
3	212.36.83.245 212.36.83.245	15699 (AS_ADAM A...) (AS_ADAM Adam EcoTech)
17	2.19.105.41 2.19.105.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.77.207.102 54.77.207.102	16509 (AMAZON-02) (AMAZON-02)
1	35.156.131.204 35.156.131.204	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:6800:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
1	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
1	3.223.154.108 3.223.154.108	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:41d0:701... 2001:41d0:701:1000::4c1f	16276 (OVH OVH SAS) (OVH OVH SAS)
1	13.245.71.255 13.245.71.255	16509 (AMAZON-02) (AMAZON-02)
1	13.58.45.4 13.58.45.4	16509 (AMAZON-02) (AMAZON-02)
1	34.251.13.38 34.251.13.38	16509 (AMAZON-02) (AMAZON-02)
2	51.195.127.100 51.195.127.100	16276 (OVH OVH SAS) (OVH OVH SAS)
1	135.125.140.162 135.125.140.162	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.127.115 51.195.127.115	16276 (OVH OVH SAS) (OVH OVH SAS)
3	51.195.73.113 51.195.73.113	16276 (OVH OVH SAS) (OVH OVH SAS)
4	135.125.146.80 135.125.146.80	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.115.36 51.195.115.36	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.126.30 51.195.126.30	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.34.220 51.195.34.220	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.73.74 51.195.73.74	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.34.222 51.195.34.222	16276 (OVH OVH SAS) (OVH OVH SAS)
4	2600:9000:223... 2600:9000:223d:8800:19:c363:bec0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
1	108.177.96.120 108.177.96.120	15169 (GOOGLE) (GOOGLE)
2 4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	98.82.157.137 98.82.157.137	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.69.181.162 3.69.181.162	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4	103.231.98.107 103.231.98.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	103.231.98.110 103.231.98.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8	185.64.189.221 185.64.189.221	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:9000:206... 2600:9000:206f:a200:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	217.182.178.228 217.182.178.228	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.89.9.253 51.89.9.253	16276 (OVH OVH SAS) (OVH OVH SAS)
1	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	37.157.6.232 37.157.6.232	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	35.186.253.211 35.186.253.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.214.177.147 35.214.177.147	19527 (GOOGLE-2) (GOOGLE-2)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.76.77.164 54.76.77.164	16509 (AMAZON-02) (AMAZON-02)
1	52.49.91.193 52.49.91.193	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:2638:3::3a 2a02:2638:3::3a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	35.214.136.108 35.214.136.108	19527 (GOOGLE-2) (GOOGLE-2)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	44.219.162.104 44.219.162.104	() ()
393	108

34 2a00:1450:4001:80f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.theherald.co.za 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

17 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3034::ac43:d4ac (United States)

ASN13335 (CLOUDFLARENET, US)

applets.ebxcdn.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2600:9000:2057:e400:17:2922:12c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.vic-m.co 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a02:6ea0:ca3a::4 (London, United Kingdom)

ASN60068 (CDN77 Datacamp Limited, GB)

ads.vidoomy.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.67.212.172 (United States)

ASN13335 (CLOUDFLARENET, US)

applets.ebxcdn.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

9 172.67.181.105 (United States)

ASN13335 (CLOUDFLARENET, US)

weatherwidget.io 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 209.38.182.90 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

embed.iono.fm 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
iframe.iono.fm 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 164.90.242.8 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

p2.iono.fm 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.8.2.179 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 179.2.8.34.bc.googleusercontent.com

spadsync.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

76 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 216.58.206.78 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f14.1e100.net

www.google-analytics.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:400c:c1d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com.ua 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 188.40.16.162 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.162.16.40.188.clients.your-server.de

dl.iono.fm 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.67.129.169 (United States)

ASN13335 (CLOUDFLARENET, US)

forecast7.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

ep1.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f129.1e100.net

b3f89b6acdddaeb78ea3929abc893ffb.safeframe.googlesyndication.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net

58f127365b86c752f4ebb37b51516556.safeframe.googlesyndication.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

vpaid.vidoomy.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

11 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.173.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wi-in-f155.1e100.net

bid.g.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 216.58.206.65 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f1.1e100.net

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.132.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s49-in-f6.1e100.net

r1---sn-5hne6nzy.c.2mdn.net 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:15::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5lzner.c.2mdn.net 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

175a0e6cdb287b3f5069fb5f26333812.safeframe.googlesyndication.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 216.58.206.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

googleads.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f016eece0c8046c262f62835c5b793fd.safeframe.googlesyndication.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f206.1e100.net

www.youtube.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:802::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 212.36.83.216 (Barcelona, Spain)

ASN15699 (AS_ADAM Adam EcoTech, S.A, ES)
PTR: w4.vdmy.dtic.es

ad.vidoomy.com 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

jnn-pa.googleapis.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
lb.eu-1-id5-sync.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 108.129.4.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-4-74.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 74.125.162.71 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s18-in-f7.1e100.net

r2---sn-4g5lzner.c.2mdn.net 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

16 2607:ae80:4::50 (United States) 8 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 212.36.83.245 (Barcelona, Spain)

ASN15699 (AS_ADAM Adam EcoTech, S.A, ES)
PTR: lb1.vdmy.dtic.es

a.vidoomy.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

17 2.19.105.41 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-41.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
ads.pubmatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.77.207.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-207-102.eu-west-1.compute.amazonaws.com

vid.springserve.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.156.131.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-131-204.eu-central-1.compute.amazonaws.com

optimized-by.rubiconproject.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:9000:2646:6800:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

play.google.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.223.154.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-154-108.compute-1.amazonaws.com

ping.chartbeat.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2001:41d0:701:1000::4c1f (France)

ASN16276 (OVH OVH SAS, FR)

lbs.eu-1-id5-sync.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.245.71.255 (Cape Town, South Africa)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-245-71-255.af-south-1.compute.amazonaws.com

ad.vic-m.co 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.58.45.4 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-45-4.us-east-2.compute.amazonaws.com

leo.vic-m.co 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.251.13.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-13-38.eu-west-1.compute.amazonaws.com

ad2.vic-m.co 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 51.195.127.100 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip100.ip-51-195-127.eu

d0.eu-3-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
d4.eu-4-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 135.125.140.162 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip162.ip-135-125-140.eu

d1.eu-3-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.195.127.115 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip115.ip-51-195-127.eu

d2.eu-3-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 51.195.73.113 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip113.ip-51-195-73.eu

d3.eu-3-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
d2.eu-4-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
d5.eu-4-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 135.125.146.80 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip80.ip-135-125-146.eu

d4.eu-3-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
d7.eu-3-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
d3.eu-4-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
d7.eu-4-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.195.115.36 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip36.ip-51-195-115.eu

d5.eu-3-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.195.126.30 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip30.ip-51-195-126.eu

d6.eu-3-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.195.34.220 (Jordan)

ASN16276 (OVH OVH SAS, FR)
PTR: ip220.ip-51-195-34.eu

d0.eu-4-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.195.73.74 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip74.ip-51-195-73.eu

d1.eu-4-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.195.34.222 (Jordan)

ASN16276 (OVH OVH SAS, FR)
PTR: ip222.ip-51-195-34.eu

d6.eu-4-id5-sync.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2600:9000:223d:8800:19:c363:bec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.stickyadstv.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 108.177.96.120 (United States)

ASN15169 (GOOGLE, US)
PTR: eh-in-f120.1e100.net

csi.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 142.250.74.194 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 98.82.157.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-157-137.compute-1.amazonaws.com

s.amazon-adsystem.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.69.181.162 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-162.eu-central-1.compute.amazonaws.com

1f2e7.v.fwmrm.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 103.231.98.107 (Japan)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 103.231.98.110 (Japan)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 185.64.189.221 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

st.pubmatic.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:9000:206f:a200:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 217.182.178.228 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip228.ip-217-182-178.eu

ssbsync.smartadserver.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.36.216.150 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 37.157.6.232 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

cm.adform.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.214.177.147 (Groningen, Netherlands) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 147.177.214.35.bc.googleusercontent.com

csync.loopme.me 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.76.77.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-77-164.eu-west-1.compute.amazonaws.com

ad.360yield.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.49.91.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-91-193.eu-west-1.compute.amazonaws.com

ap.lijit.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a02:2638:3::3a (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

ssp-sync.criteo.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

dis.criteo.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

vidoomy-d.openx.net 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 44.219.162.104 (None, )

ASN- ()

vid-io-iad.springserve.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
89	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 169 10yr old 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com 1yr old tpc.googlesyndication.com — Cisco Umbrella Rank: 236 13yr old b3f89b6acdddaeb78ea3929abc893ffb.safeframe.googlesyndication.com 1yr old 58f127365b86c752f4ebb37b51516556.safeframe.googlesyndication.com 1yr old 175a0e6cdb287b3f5069fb5f26333812.safeframe.googlesyndication.com 1yr old f016eece0c8046c262f62835c5b793fd.safeframe.googlesyndication.com 1yr old	668 KB
35	pubmatic.com vpaid.pubmatic.com — Cisco Umbrella Rank: 18282 10yr old ads.pubmatic.com — Cisco Umbrella Rank: 807 10yr old image6.pubmatic.com — Cisco Umbrella Rank: 1109 10yr old vid.pubmatic.com — Cisco Umbrella Rank: 18303 10yr old st.pubmatic.com — Cisco Umbrella Rank: 1783 4yr old image8.pubmatic.com — Cisco Umbrella Rank: 1020 8yr old hbopenbid.pubmatic.com — Cisco Umbrella Rank: 847 8yr old	187 KB
34	theherald.co.za www.theherald.co.za 6yr old	977 KB
26	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 307 10yr old stats.g.doubleclick.net — Cisco Umbrella Rank: 299 10yr old bid.g.doubleclick.net — Cisco Umbrella Rank: 2090 10yr old googleads.g.doubleclick.net — Cisco Umbrella Rank: 78 9yr old static.doubleclick.net — Cisco Umbrella Rank: 377 9yr old cm.g.doubleclick.net — Cisco Umbrella Rank: 394 10yr old	263 KB
20	stickyadstv.com 8 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 1000 12yr old cdn.stickyadstv.com — Cisco Umbrella Rank: 18107 13yr old	164 KB
20	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 508 2yr old ep2.adtrafficquality.google — Cisco Umbrella Rank: 509 2yr old	77 KB
16	gstatic.com fonts.gstatic.com 10yr old www.gstatic.com 10yr old csi.gstatic.com 10yr old	197 KB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 88 10yr old	907 KB
10	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 113 10yr old	562 KB
10	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 42903 9yr old vpaid.vidoomy.com — Cisco Umbrella Rank: 9976 5yr old ad.vidoomy.com — Cisco Umbrella Rank: 41917 3yr old a.vidoomy.com — Cisco Umbrella Rank: 8142 5yr old	348 KB
9	iono.fm 1 redirects embed.iono.fm 8yr old iframe.iono.fm 7yr old p2.iono.fm 7yr old dl.iono.fm 7yr old	228 KB
9	weatherwidget.io weatherwidget.io — Cisco Umbrella Rank: 51469 9yr old	76 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 123 10yr old imasdk.googleapis.com — Cisco Umbrella Rank: 629 10yr old jnn-pa.googleapis.com — Cisco Umbrella Rank: 415 5yr old	188 KB
8	eu-4-id5-sync.com d0.eu-4-id5-sync.com — Cisco Umbrella Rank: 46501 2yr old d1.eu-4-id5-sync.com — Cisco Umbrella Rank: 46425 2yr old d2.eu-4-id5-sync.com — Cisco Umbrella Rank: 46907 2yr old d3.eu-4-id5-sync.com — Cisco Umbrella Rank: 46555 2yr old d4.eu-4-id5-sync.com — Cisco Umbrella Rank: 47039 2yr old d5.eu-4-id5-sync.com — Cisco Umbrella Rank: 46727 2yr old d6.eu-4-id5-sync.com — Cisco Umbrella Rank: 46840 2yr old d7.eu-4-id5-sync.com — Cisco Umbrella Rank: 46680 2yr old	1 KB
8	eu-3-id5-sync.com d0.eu-3-id5-sync.com — Cisco Umbrella Rank: 46596 2yr old d1.eu-3-id5-sync.com — Cisco Umbrella Rank: 47104 2yr old d2.eu-3-id5-sync.com — Cisco Umbrella Rank: 47507 2yr old d3.eu-3-id5-sync.com — Cisco Umbrella Rank: 47320 2yr old d4.eu-3-id5-sync.com — Cisco Umbrella Rank: 46798 2yr old d5.eu-3-id5-sync.com — Cisco Umbrella Rank: 48160 2yr old d6.eu-3-id5-sync.com — Cisco Umbrella Rank: 47454 2yr old d7.eu-3-id5-sync.com — Cisco Umbrella Rank: 46976 2yr old	1 KB
6	google.com analytics.google.com — Cisco Umbrella Rank: 267 9yr old www.google.com — Cisco Umbrella Rank: 9 13yr old play.google.com — Cisco Umbrella Rank: 63 10yr old	24 KB
5	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 526 10yr old gcdn.2mdn.net — Cisco Umbrella Rank: 1765 9yr old r1---sn-5hne6nzy.c.2mdn.net 4yr old r2---sn-4g5lzner.c.2mdn.net 5yr old	252 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 127 13yr old	43 KB
5	vic-m.co static.vic-m.co — Cisco Umbrella Rank: 745714 7yr old ad.vic-m.co 5yr old leo.vic-m.co 9yr old ad2.vic-m.co — Cisco Umbrella Rank: 662783 11yr old banner.vic-m.co Failed 6yr old	23 KB
4	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 654 9yr old cdn.id5-sync.com — Cisco Umbrella Rank: 1026 7yr old	28 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 619 10yr old ssp-sync.criteo.com — Cisco Umbrella Rank: 1377 4yr old dis.criteo.com — Cisco Umbrella Rank: 1086 13yr old	1 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 266 13yr old	158 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 119 13yr old	499 KB
3	springserve.com vid.springserve.com — Cisco Umbrella Rank: 19959 10yr old vpaid.springserve.com — Cisco Umbrella Rank: 87929 9yr old vid-io-iad.springserve.com Failed 7yr old vid-io-cle.springserve.com Failed 6yr old vid-io-sin.springserve.com Failed 6yr old	533 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 139 11yr old	211 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 910 9yr old vidoomy-d.openx.net — Cisco Umbrella Rank: 61337 7yr old	642 B
2	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 433 13yr old	958 B
2	eu-1-id5-sync.com lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1555 4yr old lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1263 4yr old	536 B
2	rubiconproject.com optimized-by.rubiconproject.com — Cisco Umbrella Rank: 10327 10yr old pixel.rubiconproject.com — Cisco Umbrella Rank: 622 10yr old	880 B
2	ebxcdn.com applets.ebxcdn.com — Cisco Umbrella Rank: 9308 4yr old	2 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 571 13yr old	183 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 1142 10yr old	193 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 1088 13yr old	199 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1245 9yr old	245 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 2062 10yr old	474 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 1151 8yr old	210 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1036 11yr old
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1043 7yr old	45 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 545 10yr old	149 B
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 7974 9yr old	599 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 2256 10yr old	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 3028 10yr old	15 KB
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 4359 6yr old	277 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 235 9yr old	1 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 117 10yr old	29 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 463 10yr old	657 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1666 12yr old	10 KB
1	forecast7.com forecast7.com — Cisco Umbrella Rank: 58191 9yr old	2 KB
1	google.com.ua www.google.com.ua — Cisco Umbrella Rank: 18140 9yr old	408 B
1	spadsync.com spadsync.com — Cisco Umbrella Rank: 34353 7yr old
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 347 13yr old	6 KB
0	sharethrough.com Failed match.sharethrough.com Failed 10yr old
0	adnxs.com Failed ib.adnxs.com Failed 10yr old
393	53

	Domain	Requested by
76	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.theherald.co.za pagead2.googlesyndication.com 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com tpc.googlesyndication.com ep2.adtrafficquality.google
34	www.theherald.co.za	www.theherald.co.za
17	securepubads.g.doubleclick.net	www.theherald.co.za securepubads.g.doubleclick.net vpaid.vidoomy.com
16	ads.stickyadstv.com	8 redirects vpaid.vidoomy.com cdn.stickyadstv.com
15	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
10	www.youtube.com	www.theherald.co.za www.youtube.com
10	lh3.googleusercontent.com	www.theherald.co.za
9	vpaid.pubmatic.com	vpaid.vidoomy.com vpaid.springserve.com www.theherald.co.za
9	weatherwidget.io	www.theherald.co.za weatherwidget.io
8	st.pubmatic.com	www.theherald.co.za
8	ads.pubmatic.com	vpaid.pubmatic.com
6	csi.gstatic.com	imasdk.googleapis.com
6	tpc.googlesyndication.com	www.theherald.co.za tpc.googlesyndication.com imasdk.googleapis.com securepubads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	ep1.adtrafficquality.google	securepubads.g.doubleclick.net vpaid.vidoomy.com
5	www.google-analytics.com	static.vic-m.co www.google-analytics.com iframe.iono.fm www.googletagmanager.com vpaid.vidoomy.com
4	vid.pubmatic.com	vpaid.pubmatic.com
4	image6.pubmatic.com	ads.pubmatic.com
4	cm.g.doubleclick.net	2 redirects
4	cdn.stickyadstv.com	vpaid.vidoomy.com cdn.stickyadstv.com
4	play.google.com	www.youtube.com
4	ad.vidoomy.com	vpaid.vidoomy.com
4	jnn-pa.googleapis.com	www.youtube.com
4	www.gstatic.com	securepubads.g.doubleclick.net www.youtube.com www.gstatic.com
4	iframe.iono.fm	www.theherald.co.za iframe.iono.fm p2.iono.fm
4	connect.facebook.net	www.theherald.co.za connect.facebook.net
4	www.googletagmanager.com	www.theherald.co.za iframe.iono.fm www.googletagmanager.com
3	a.vidoomy.com	vpaid.vidoomy.com
3	id5-sync.com	vpaid.vidoomy.com
3	imasdk.googleapis.com	75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
3	www.facebook.com	connect.facebook.net www.theherald.co.za
3	75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	p2.iono.fm	iframe.iono.fm
2	s.amazon-adsystem.com
2	gum.criteo.com	vpaid.vidoomy.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	r2---sn-4g5lzner.c.2mdn.net	75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
2	vpaid.vidoomy.com	ads.vidoomy.com vpaid.vidoomy.com
2	fonts.googleapis.com	www.theherald.co.za 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
2	static.vic-m.co	www.theherald.co.za
2	applets.ebxcdn.com	www.theherald.co.za applets.ebxcdn.com
1	vid-io-iad.springserve.com
1	hbopenbid.pubmatic.com	vpaid.springserve.com
1	vidoomy-d.openx.net	vpaid.springserve.com
1	x.bidswitch.net
1	dis.criteo.com
1	ssp-sync.criteo.com	1 redirects
1	ap.lijit.com	vpaid.vidoomy.com
1	ad.360yield.com	vpaid.vidoomy.com
1	pixel.rubiconproject.com	vpaid.vidoomy.com
1	csync.loopme.me	1 redirects
1	rtb.openx.net	vpaid.vidoomy.com
1	cm.adform.net	vpaid.vidoomy.com
1	pixel-sync.sitescout.com	vpaid.vidoomy.com
1	image8.pubmatic.com	vpaid.vidoomy.com
1	onetag-sys.com	vpaid.vidoomy.com
1	ssbsync.smartadserver.com	vpaid.vidoomy.com
1	vpaid.springserve.com	vpaid.vidoomy.com
1	match.adsrvr.org
1	1f2e7.v.fwmrm.net	1 redirects
1	d7.eu-4-id5-sync.com	vpaid.vidoomy.com
1	d6.eu-4-id5-sync.com	vpaid.vidoomy.com
1	d5.eu-4-id5-sync.com	vpaid.vidoomy.com
1	d4.eu-4-id5-sync.com	vpaid.vidoomy.com
1	d3.eu-4-id5-sync.com	vpaid.vidoomy.com
1	d2.eu-4-id5-sync.com	vpaid.vidoomy.com
1	d1.eu-4-id5-sync.com	vpaid.vidoomy.com
1	d0.eu-4-id5-sync.com	vpaid.vidoomy.com
1	d7.eu-3-id5-sync.com	vpaid.vidoomy.com
1	d6.eu-3-id5-sync.com	vpaid.vidoomy.com
1	d5.eu-3-id5-sync.com	vpaid.vidoomy.com
1	d4.eu-3-id5-sync.com	vpaid.vidoomy.com
1	d3.eu-3-id5-sync.com	vpaid.vidoomy.com
1	d2.eu-3-id5-sync.com	vpaid.vidoomy.com
1	d1.eu-3-id5-sync.com	vpaid.vidoomy.com
1	d0.eu-3-id5-sync.com	vpaid.vidoomy.com
1	ad2.vic-m.co	static.vic-m.co
1	leo.vic-m.co	static.vic-m.co
1	ad.vic-m.co	static.vic-m.co
1	lb.eu-1-id5-sync.com	vpaid.vidoomy.com
1	lbs.eu-1-id5-sync.com	vpaid.vidoomy.com
1	ping.chartbeat.net
1	static.chartbeat.com	www.theherald.co.za
1	optimized-by.rubiconproject.com	vpaid.vidoomy.com
1	vid.springserve.com	vpaid.vidoomy.com
1	id.crwdcntrl.net	vpaid.vidoomy.com
1	cdn.id5-sync.com	vpaid.vidoomy.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	f016eece0c8046c262f62835c5b793fd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.doubleclick.net	www.youtube.com
1	175a0e6cdb287b3f5069fb5f26333812.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	r1---sn-5hne6nzy.c.2mdn.net	1 redirects
1	gcdn.2mdn.net	1 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	58f127365b86c752f4ebb37b51516556.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	b3f89b6acdddaeb78ea3929abc893ffb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	js-agent.newrelic.com	iframe.iono.fm
1	s0.2mdn.net	75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
1	forecast7.com	weatherwidget.io
1	dl.iono.fm	p2.iono.fm
1	www.google.com.ua	www.theherald.co.za
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	spadsync.com	www.theherald.co.za
1	cdnjs.cloudflare.com	static.vic-m.co
1	embed.iono.fm	1 redirects
1	ads.vidoomy.com	www.theherald.co.za
0	vid-io-sin.springserve.com Failed
0	vid-io-cle.springserve.com Failed
0	match.sharethrough.com Failed	vpaid.vidoomy.com
0	ib.adnxs.com Failed	vpaid.vidoomy.com
0	banner.vic-m.co Failed	static.vic-m.co
393	115

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.timeslive.co.za
www.sowetanlive.co.za
www.businesslive.co.za
www.heraldlive.co.za
www.dispatchlive.co.za
www.wantedonline.co.za
www.sahomeowner.co.za
businessmediamags.co.za
arenaevents.africa
forecast7.com
www.careersarena.co.za
iono.fm
support.google.com
pagead2.googlesyndication.com
adssettings.google.com

Subject Issuer	Validity	Valid
www.theherald.co.za WR3	`2025-03-25` - `2025-06-23`	3mo	crt.sh
*.g.doubleclick.net WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
ebxcdn.com WE1	`2025-04-08` - `2025-07-07`	3mo	crt.sh
*.vic-m.co Amazon RSA 2048 M02	`2024-06-11` - `2025-07-09`	1yr	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-19` - `2025-08-31`	1yr	crt.sh
upload.video.google.com WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.google-analytics.com WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-02-26` - `2025-05-27`	3mo	crt.sh
*.gstatic.com WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
weatherwidget.io WE1	`2025-05-18` - `2025-08-16`	3mo	crt.sh
*.iono.fm Sectigo RSA Domain Validation Secure Server CA	`2024-10-02` - `2025-10-25`	1yr	crt.sh
*.googleusercontent.com WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
cdnjs.cloudflare.com WE1	`2025-03-24` - `2025-06-22`	3mo	crt.sh
spadsync.com Go Daddy Secure Certificate Authority - G2	`2025-02-21` - `2026-03-25`	1yr	crt.sh
*.google.com WR2	`2025-04-21` - `2025-07-14`	3mo	crt.sh
*.google.com.ua WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
tpc.googlesyndication.com WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
forecast7.com WE1	`2025-04-19` - `2025-07-18`	3mo	crt.sh
*.doubleclick.net WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2025 Q1	`2025-01-22` - `2026-02-23`	1yr	crt.sh
adtrafficquality.google WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-08-12`	1yr	crt.sh
edgestatic.com WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-18` - `2025-07-17`	3mo	crt.sh
id5-sync.com E6	`2025-05-01` - `2025-07-30`	3mo	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M03	`2024-09-08` - `2025-10-08`	1yr	crt.sh
*.c.docs.google.com WR2	`2025-05-13` - `2025-07-22`	2mo	crt.sh
*.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-01-07` - `2026-02-07`	1yr	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2024-11-27` - `2025-11-30`	1yr	crt.sh
*.springserve.com Amazon RSA 2048 M02	`2024-08-27` - `2025-09-25`	1yr	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	1yr	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	1yr	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2024-12-06` - `2025-12-29`	1yr	crt.sh
eu-1-id5-sync.com R11	`2025-05-01` - `2025-07-30`	3mo	crt.sh
ad.vic-m.co R11	`2025-04-12` - `2025-07-11`	3mo	crt.sh
leo.vic-m.co ZeroSSL RSA Domain Secure Site CA	`2024-09-17` - `2025-09-17`	1yr	crt.sh
ad2.vic-m.co Sectigo RSA Domain Validation Secure Server CA	`2025-01-20` - `2026-01-20`	1yr	crt.sh
eu-3-id5-sync.com E6	`2025-03-01` - `2025-05-30`	3mo	crt.sh
eu-4-id5-sync.com E5	`2025-03-01` - `2025-05-30`	3mo	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-09` - `2026-02-09`	1yr	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-21` - `2025-12-27`	1yr	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2025-01-16` - `2026-02-01`	1yr	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-27` - `2025-06-18`	1yr	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	1yr	crt.sh
*.360yield.com Amazon RSA 2048 M03	`2025-03-29` - `2026-04-27`	1yr	crt.sh
*.lijit.com Amazon RSA 2048 M03	`2024-10-21` - `2025-11-20`	1yr	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-06` - `2025-07-01`	3mo	crt.sh

This page contains 38 frames:

Primary Page: https://www.theherald.co.za/
Frame ID: 8A69D043C89AB10756D9A9818E3C9E6E
Requests: 189 HTTP requests in this frame

Frame: https://iframe.iono.fm/c/3189?layout=legacy&download=1
Frame ID: 351FB612E4C562BE4981D55C381882A8
Requests: 12 HTTP requests in this frame

Frame: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Frame ID: DFB1660233A3171CB35847DB6ECA6189
Requests: 1 HTTP requests in this frame

Frame: https://weatherwidget.io/w/
Frame ID: D7C1BB20AF020702F4557C5DAB152646
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/abg_lite_fy2021.js
Frame ID: 45408DA8DD8963807ADCB7668B4A4D5E
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Frame ID: E309E728484C503A95949EFBD2BF046A
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstpT-fs8CgQgPcKuz0CPRaGzR_f-7nOXU5Xa9JfJ3uQZ-1bnPE5JCCq71gWq2mjjQU5VJLudPHKPwqCCL0FcVSQXCxVwGnrRvO_Q95LbBS0gk1_9qPSyy9VnM7Z2WVbzlvSA2d4OeHJ6wnn8finYRutMbnFcBN2Fayb3XFsjgL99hjYy1j6niZm23fhIdR8ilMxU2bJH7FytNReTUM9i0ZGujRJvlsCzWWHU293Bglk1BSlsaqj37Isfi_MFb1xIAnC3Ac6hbPeVipyIyLw3vKgb0pbbEKTH4UxUOaUtGD3WUjg5Es4tSOqpscsQwo8WyWZgS5zTgEyrGTye23KASzpbbxpMRzorPFBn79pCoZ4EP7R4EzWoqx6xfzjVTC_iUB_JHD0IV9GmxrHM9IV8FCHO2zc1rb7iYV7zvxIVux8mCnd&sig=Cg0ArKJSzFwjfA-c0F8lEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: F57494EADD1AAB0BC5AEA67B53772EAF
Requests: 14 HTTP requests in this frame

Frame: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Frame ID: 3FFFD9B10598EE5F7A9E9088C5205AAE
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstT1Qn-1rePEE2r5-DJwNyi8nj4X72Ai4WRgv5hcuuzgmZ6k0qktW6-Up4mG0KbdEvZUup8bZlzNiG2YLbf7liGFJLeYtDqBuLtbsuFTbRqmpz3ZZiZYSlh5sm2m0VU25uWp8bNtME93c0GUQztEeI4RWawRG9tddy6v-CdpZOuEOJdg1nTVocuXkkffKt55SDqT5h8Q8w0rwFp12bIxUfEdJHHwIzoklvdCbyLMI2AqZ5lD_oKzwYYRr4ZKDkKuVQCzTgLmlcUqKjnhtLZF2La8tLYY9EXaP9ngwXFiRMy20XES8iJ3Gbzqfe_4HCdQFCYFL3oJNzjZ-4wms2aJg89xHKgvejTUjcWSduaHDSChINd7o3je9FxVi-XBYgz_ld799Wwd8BDwmMRFAGqeHV7XYZQpS04NIDRjtEdnn66BCNo&sig=Cg0ArKJSzKNcpI-W1szDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: F7CB5C8799C381BE748F5B4D923B8596
Requests: 14 HTTP requests in this frame

Frame: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Frame ID: 0121A402EC6854F5244A171B25B58772
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uxwSov3U-pc?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.theherald.co.za&widgetid=1&forigin=https%3A%2F%2Fwww.theherald.co.za%2F&aoriginsup=1&vf=1
Frame ID: 1FF6FC7D20EC916A20759BA3D17733A3
Requests: 24 HTTP requests in this frame

Frame: https://b3f89b6acdddaeb78ea3929abc893ffb.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html?n=1
Frame ID: D39AC679F08EC0FC9FD69AE62BF1F2C5
Requests: 1 HTTP requests in this frame

Frame: https://58f127365b86c752f4ebb37b51516556.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html?n=1
Frame ID: 26741DF34F1FBD11A150CDCDAB23FC4D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D077CF61729670DD95D4A37780CCA438
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvr3BQadKC_d4k83_hc4cojLsR2gqJRjS3AKGSabmfufiZg65eiANPe25EEYMv2uuOjOPQKOGCxFwHvD6vDCDTCKrhnU1omyO140dJ1u40GqPmf1IcJRPDde49HGsfIfE7_fi7sbUg0aaFnmKiL0U4Ze_kxeriOxWPVJHdswCFt2y2zg4TmVQjEjnafET2qfypq9UzmKfXdcii4b6rKiK-Jl_h3bHMx5926bPOQtgvRqJcBW5Gilt1N0BcJhgSOUsVnL7xF_HvYqwy0FXJSgu_pSS1sa9qzyG4aDHjOhEj2YYMDHcOR83UjPQamWS7d9zWme074jI0tK6PrHpusG1yl-PToRiMNU2s6weQzYFj59BB-ITJ9GZt54d90hWqBotIszHTEHEphY7957T6IrSVko8xP4vk8Buo4MY2eTpKucw79&sig=Cg0ArKJSzC95otoa0P_JEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 381341C3FCEB471AD9696F6837D36FE0
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssxi7ytYVx8ozqn5VBEO9R0kVMDjFC559vgaxPcrotFsVAoduqKDaE1l6eDKb6zbVcLxsPL8DSZXPaKeRDuCWfFYjPHWacLvPX39GWWfFernOg-kjK_8l-Ob9zy2S9PNoAwqhHqEAOxo3x4lr8IUdaNILFFeH6F48P4MCw5gMFHmEeYCHanyFQ5IE3kfDiOc_Zg8FRApIOznFIPsd5r37fOb0nip54FP0mX9MrB-P-6USDxUQ_6R2pYyfJB1wUAzd_5393731y87ysgjwXuB2uhCnFK28sLNmCC_GEUfRe8nWd3Mxwu7kRoNCC5ctx3ZF6sWfnQklj2TYY2TYZjOTPy0ywTibPv9TK3LHEf92mqzBQZMJuBsebThpeoXrLM16bC5R7YR-_HkK5be4PFPE2DLmM0SdwY1Bw0CaOQ-5T-&sig=Cg0ArKJSzPdRi5sQZHFREAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: CAF7932FD9FADA4088A3C09788D8616D
Requests: 14 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: F8A2F4FC32792C4A473EB81822E3ADF5
Requests: 3 HTTP requests in this frame

Frame: https://175a0e6cdb287b3f5069fb5f26333812.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html?n=2
Frame ID: D8B3E5F2C6C7C8284CCB692410CFF87E
Requests: 1 HTTP requests in this frame

Frame: https://f016eece0c8046c262f62835c5b793fd.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html?n=2
Frame ID: D7CF52D7065EDD6C884A15ADBC809D28
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A54AC28858997AFD7B4168A2DED5AC38
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsth0-FOqKwF7dynA4CyMeumqvxjJxDmxcho9_wvnqQFJIfiNIRi1nfRLZWjt_qERR5WedDmYuSkIm9-u0D1abKQBPm7Utfr52aV_kjFbN4flTcOqQIimZ10jiI3-JBdpPPo-zuDmFWlRyy7aZxHAE3wxnIVbh0pd9KhK4o2yHtn0RDsHCdtxrFHSBqehcsRQaVaAJDoYyFlHffS0Ww3ZbSU--Rpx3kEcOwbhrcBjwjmKjVcgDQU8lxRYvFqH2wkss_7Zt3yDVbdrWf91pYxZKGUkogbU18mGiJ6kGWVsarYWN4rAGatauVJPDCaKaWgWfxXsv49ZgGfirS2lO7Cn0x0BW9wY07vPgs7Ca8QXFWjpqNdXWNT72xCytI1dImqz6yyQEIlD63hD-hp8IuATOTnBxT1CH6O-JE1VsMpm_Wa6c3cOyDnSUyak5WNV--957yPAg&sig=Cg0ArKJSzE4MfwD9veqLEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E472602538E80CAE5E0B87FEF6344167
Requests: 10 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 1A0788FBCE9A2AE0BF7F90958BF895F9
Requests: 3 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 2763021D6E2136D38695DE43909DA8AF
Requests: 3 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: D99FB51B204CC238F779395E8A2EE89B
Requests: 3 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 7AE8CF9F8D809A308794033EA7367454
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: B547312E3CC616E6C084D5975638D0A8
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: F491F8358655F163EACC7CF4A1B1E132
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&cb=730929&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&plcmt=1
Frame ID: AEA2F975EB5E65E519D39424EE816571
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5D38F4AB2A974B7598E185C5636309B6
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_a2ead69f.js
Frame ID: 1F7B886EE4D12ACAA313EE9A5FADCB23
Requests: 22 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=161&gdpr=&gdpr_consent=
Frame ID: 1BED35047BDD3320B9D9A2C9C5DA19E2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=8e1b1cddf4eb779&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 75BE477B3B9E681BB5F3C84844578789
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=1
Frame ID: A26D64B807673434CA52B579B3A44DFF
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 549BBD6E32DB35FE69B7009E49B0179A
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=2&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=2
Frame ID: 20048A5533E664C3C226E346A6C36EDF
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B2520CEFCA56183E0935367695AB7829
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&plcmt=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,1747747295862,,
Frame ID: C74434769DDF2711028185E455926EB3
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A56ADFB5F12EC7696DCD32BCA813AF99
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Herald - Local Nelson Mandela Bay and Garden Route news

Detected technologies

AngularJS (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

angular[.-]([\d.]*\d)[^/]*\.js
\bangular.{0,32}\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

393
Requests

92 %
HTTPS

34 %
IPv6

53
Domains

115
Subdomains

108
IPs

13
Countries

6469 kB
Transfer

22048 kB
Size

34
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/HeraldLIVE

Search URL Search Domain Scan URL

URL: https://twitter.com/HeraldNMB

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldlive

Search URL Search Domain Scan URL

URL: https://www.timeslive.co.za/

Search URL Search Domain Scan URL

URL: https://www.timeslive.co.za/sunday-times/

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/bd/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/fm/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/bt/

Search URL Search Domain Scan URL

URL: https://www.heraldlive.co.za/

Search URL Search Domain Scan URL

URL: https://www.dispatchlive.co.za/

Search URL Search Domain Scan URL

URL: https://www.wantedonline.co.za/

Search URL Search Domain Scan URL

URL: https://www.sahomeowner.co.za/

Search URL Search Domain Scan URL

URL: https://businessmediamags.co.za/

Search URL Search Domain Scan URL

URL: https://arenaevents.africa/

Search URL Search Domain Scan URL

URL: https://forecast7.com/en/n33d7125d52/port-elizabeth/
Title: PORT ELIZABETH WEATHER

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?hashtags=&text=Netanyahu%20Says%20Israel%20Will%20Seize%20Control%20Of%20Gaza&url=https%3A%2F%2Fwww.theherald.co.za%2Fnews%2Fworld%2F2025-05-20-netanyahu-says-israel-will-control-gaza-as-pressure-mounts-on-aid%2F&via=HeraldNMB

Search URL Search Domain Scan URL

URL: https://www.careersarena.co.za/
Title: Careers and Tenders

Search URL Search Domain Scan URL

URL: https://iono.fm/e/1555807

Search URL Search Domain Scan URL

URL: https://support.google.com/adsense/troubleshooter/1631343
Title: Meine Einstellungen für Google Anzeigen aufrufen

Search URL Search Domain Scan URL

URL: https://pagead2.googlesyndication.com/pcs/click?xai=AKAOjssdSp-fDhCc7Yu2PwRzAGR0r-b8dRmPt0Bl6CdoIKKbbg4fCklewpnm6fZ0Zrb9tur_k5J9Ckll5bgcWI8TPEOm3fz2EdEGrZR7kC1huJLFwWpGz5A8VZ41Zpm7S5ccDHzS5oV2xX2Boa54AjOTLg0PTiAtujVo2OTy8MKs0LoswrDxLNi6NDZO4WPXD1_eDDvv0xpIZ-qRCtjY3qeFR4TezFnm9ZNfME5RR5_s-bXQBV47uPzNCJABFUJq9HRV8wIPaV-u4A_xODGUYnCCDqyoEnpfYMfY6zV4pp6JFkMwsI7rTLKibi3GYmvU5unmfkU78V49GoZAR6cbmxYUXyI5EqzfCndPtTLW_amdwiaig6U4QwYFQx9X31nMEvCRNtLMJbtvFWSEwX1xTX9LrdkY7Qzb&sig=Cg0ArKJSzHpdhLrYe4GS&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://sahomeowner.co.za/sa-home-owners-home-and-decor-trends-special-edition-2025/

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AdhHJEQYyDih6Vjh-xDkfKvQddXoIOwaG5IQ3P0_56Ar4bjo4KEr0jhA3VxUeUtSPZbhlFWcedzGRSyXLHkOLFdJ4DnhF6QuLJKsVi0HI6I_k9G8tn_wmnaEhGXFybp2fX4XVJJK4O-b3yicZaaa0Ct6TJ9knSYJabdVsi3hftvnY43gWTXqwZJwEoshivC2ED6ZuzzZwxn526geHyspA3haGXq3jOMsYu6Dse5c3s999xA_fvB4vqBGUGy4NyxXob-OufVonako1fpvH8XWd-7ODd2Y2u04E8GGLgFk1GMVSx7uN1u-EBaBfAxSdjLqBzuT9NGx39QtSYFwqQSalkQQRx0I5TvPd0Cn0XJD2mL6CVZLIzH-CK1s0upcUzlX2A6PyHtwnc3N_f6yCti44CaxPrltydtvsxkYB2Qxa-u0Ka9eI14xwxXvpH9kNC1sHVAIdhYs8j32DhuzGYvouBhBe_4BEcwxMyKgAbcNhac_G32oVUN5T2FRkgzpg8K89mM7Em3uAHNGwSGuqiJYL3Kn0PLx6riS4Qzl_lHN9Iun2HVFNDPjD-tMYZQJ5cIU8gP546k76hnYN0ZeNRfP9TWx5F7crjbUG8-nrm2ntwkywMIene429pZyv_Of2Ub-vwbXNaVHrpKdZE4VhdeKCGNyLvaPuDbbBzJukGsK5rVqZRi9dO6plGwCEwu2bAfMvO2s8joA9K9RXj-7cxWiRSvdMimUel7ACl6HN5M6HpscT3uU3j9Jb77UfuLEiqk1FcJt2mNzNh18P1FJVdyLeeBJ2kMyPVWq3h8G07JixHae9KNIjBasghGOowbmn--XlC4VvUmYkSjP0DeiUAn0G0s7Vd791ICDl3BWhaf2i_IRD8zUvRr5oUO-M8fOI5-YIfJbeTAJyqWOzus7qYTcSlUALZa5YmdWHneuUxWftztun4qZrJZdlpRHnHJeEG1ul19U_4DsK7Mh9mPAqLuw6T4JZFLTBw5MOEnn7ec-2K8RHVYlsqHUtniyHXZYo31_1gDw_eNQM4nU8PqKIDDF1GxdM7uC_olNYBrAtIRwASsQtcxqgvXKAPL8nte_ZaUddqd8IpvMBT6_JJ6EmaJvYC1TQyYsaYQK_lSqZtVJWQyoJiJMXTO-6RpyfPhj2GoO9Hmx9wqq6QgH16oL8GTRobDUL3A7G33ndyAUoW4CvHPdPqGGdrixzoWfxY_W83uq4ZOFcVTB7lgIG5R8LlkoOuKMxS9CTb10PZPtNKn-yGFJ5cqsVX4KCb80L74i3WtKHeBd-I2eFXIr&opi=122715837

Search URL Search Domain Scan URL

URL: https://pagead2.googlesyndication.com/pcs/click?xai=AKAOjsulK4Y_35O9MDiw6PUTSjfvDILlRBl2dI9WCp35fdgeqFSJeQ5aNLMV0d_EMWT0s_FNOZPX_QGgN87fnPDmUqb8K-hX-v46mCQJ7A-6V8DvjFQLRamQpXvqdPCTHR2_k39_12aqE7HujWpuX-5Wb6R3__-IdfGePPY5u8VYS3nl0pBm2MHz7iQf4PKCHvIe0-MWJ1pnp50VvVJNSVu97Rs3ARkSyi0TQaPgDL1VoerBaKzzPY5XhvQ2Aj5wltXicHJseR2u0FI32DyiQT0rhfkuuqH0FxqG-R-O22a-iPx4wntvvVRlDdjEZyqWvHwx0qbP_aWbGDmSr6Hb2KYHfjGavYXZlYPo5G_Q0IjRb-6DLzz8E4PcJu0izMDh8ToQtHArpZhtgoGbP0ATYoGCZapaYe50Dm_efCSj09OGTHlhIdWRt18lVBP-yY1qQC9ZnYvL2e6P_WwftQnH4xsrLEy7Aw1numfsPxypMOUq5dNR2tw6_5hTB2z-787tfhtY4P24NSIn_KfoQzjplR5BViiuD9MWZ1YxaMIUPrc6KZYH1o7iFxxGmCrXpkH38iOZgMdnTqAHxwMbiqJt6dPf45CgDEiejzNEdw3aOQLyztCWt3_y_U91ssKrUffeZLPpo0oSXTwrQzpRRrQIxYMV3iuNhzfDi9HoxK5zeYO5piMv1zbUjgteiB9ooaNZgJEAEFSFuF8cCCjSJKwjD7U9X8AtVZgzTSoVoRPfOkJCH_U7ddX7HGbGFxxDahGe3xmvheddBBbqAoGJwwGTsDzRGUn6U-s5VNR9gllc3IVSoTQ0aN1QLpWGqMXzKks6gJFb7OkiciR1sX_PqE3VvjX0oVKIAGNfKzCvvg0srL8S-05IPgqwetkbvUvva9jjYweUUII-oAnARbOsedYbgzTYWd2_RKwtZI9VzO04ItfWH6_7TZ1GUvn7sFQaP-4_HX1V_YEcu5LuIUC26KC0wKX0r7WAx3Flg1xnLDR6hoAmyPzx2fegibI6nUcv80hF4qkAqP1ED0Io-iGc72p13-eKJV79y_1ldB14-LgK--31eN0rqFUcYIyOz3OB105mCKuVbq9_uGkESfbvPa_nqCwgrgafEgQrXrdfNcE4SGLbGv7jKEOXUvEMFufJWBfL9yNkcC4SJqfTLqfr45WBPBFsjTZ75sfI0_rWdrEmmIFV91M_bis5AwpF8lqQUCEqOIuizkevb_jDaibgpP6VPAWybAu-TzMQJ-OclJ7VzpDglQc8aBDojj47bHITwC_vg-bc5hgf87TfOqZue0g9jCDnwVzkG5mT9g6YcP_Pumd_f8DMX2QlORYOxElZDV5E3B6YnYNrLLp0wUcFMKx5AhTqNQw6nJFurvUo0H-LD1T3sbVRfDOo98gW63Hxf8xm9dP_LAvyTvcjO_0KI2q-2YcEgbl7LNsRSxUSR53ETHdfJz08Fk4CJ4orFHr2Gdg3MaLXSUz1AItHudU7foXByuLdt6JTiI5T7KA3xSn1WFahHi-k9_ENEQ-j35EtzKFgaJWD0RMy5R5jPeYgmUrFBhX58mspLwRvDbsSxDVSmg&sai=AMfl-YSUAQQvZf0QrhD2OLLZpXCg9YOI1u_jGdktUXAfq2E11HswpE_KclVvUG4&sig=Cg0ArKJSzJaW9BTvdiHS&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://barutanda.com/de%3Futm_source%3Dprogramatik%26utm_medium%3Dcpm%26utm_campaign%3Derken_rez_ikinci_donem%26utm_content%3Ddv360%26utm_term%3D970x250%26dclid%3D%25edclid!%26gad_source%3D7

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AdhHJETSTCbDA4vpZbizGVgWd5saYQV6sYC1Ka3hdzPeIhcm7RnMoNuOA3pEge30HEJgqn8iX5_iQcQmezmjtNyCXp_NNLTapv8mME-rR4tuVBl84u-McN-gLdD91bxcnFQksZ4FixF0cNAui7UJVnSRZQoOaWbo6KO7D0yz0upy4alFFvQIklKo5zAqbUR2hHcial3MxFkdTJ-q2dfexUjcWkNWBerA65k-uuW5JmyCGdWPt53xn5eueQBDKYr8Ujb8BdOaAKXuLG6ZMxXFq5phxZINnz32NtK95L8sb1WKNckdUf3nH4X46C_q4r17wLaK681keE67ySKERyBpCAHrnKsLsynm2SrUfwAgLHt1FUJAANN_o6DgKjn0XLINH1qCM3vWB1RowJPEjCRIEIl7eGzIOiLYgAvJIJYmlT5Kex4kcnnAzRilcZpqh8cymXUt8ntAi16u5K-U8QliD5Ppjl3hI2NSVJDzPeU33pBWzhpvvzEss9DQeJkrVWcTdXBAK13zHrX6MZ6tV07B0wuxWPhv-ncKwuJdP27sQd7CGGfRvheut8KJlcB50EwEpzoVA77VVJdBAbBzTkJIINj-43L2UvkDvQv_OtsiPby7nL7HAf01uE7WcMI_BATIht03Py3_Css4TLnOOHdgg9uAIFnGZeXsYHgGzjYLxKePsDDWiaUgFslHRWJwyx1Zy0wBL4K7g7rwittsRBp51uS1gd35ziuckb7DbhvKvcL33yLGIXtTvLbK3Z0ubAdRJVqLohyMViPouFoEy1XukiMruXALzyZl3oUhzeeCTV2ULXW80OjTfMsmaJszqeOze8VisjxnhouwyRoclSko5sWKqFMpuk_vk4EufDgfHphqm9ZUmGTGGl0LRupgOy3yXptGM4jAKpcNpiRfISXeLqV5h7sdJdTbmtR2mJoZUFNlDUmxjyxqV--c2hpt75wsyq5whQactqhC6vXjVRALhLgluU51m6_wAL_2OrytYmHMQNunRT51k-FMnZ2qhYyjC__96bju1_BR5oZCuydnkir_KbR2JL5UNdYKC3nVDHpEUAbISikKsvAftHZhpngENrGBuIZTYjbq8sCvITD6rYab_kAOmvHJXq9AbC3Nf0-GNCetNj4UdguBrTx0DU1SLYV8per5wLXQqCzQvxFO1sg20lcNDd1sEfCKzyspXU6DVaIhNIVCvQEzPBU0Nkr_P5GHMJPtqGUTGqlALa-Y66SGwdi0jrMiGicXMhrYcrxx0l2NELhrMm8nk1X5yyWs4lKTlqEE1Yk0FNwwLga8YnHbSGpGCM7fzSlCCfI04l3NknpposPJ-E9LXfdJE7FdHyCqk4gZlILZH9GTtRGtMaRAgbLYSBKx7SeZ-fA4VJG8AGHRIHS_8Om5wvv-p9dc5J-c8hvTyvQhL5PN_wAwfIVm6UdiPMSmq6STSxBdP08QJJNXQbVZsJ2eA_CEKEk0LREl-jqwveLlp07siu3krjiKfjwKjMo939_pINOYo737UHU_mv7SdqAKgIZmBX4_MdRCeLEVPN0U9L3BCJZ1VyGbZ2xnEhCV9sesnH-ecyZJ9-EiuH3S1G_O9Tn6ioVSLJpZzVR0tIjW7x8UbJc3hRX9z7ZLQ0EG5yXWQUJdu37CM1uVpQFO2A7iPy6sK3XG0qrymX9Tyy7ckIfpoJ64E7oi1IzF97aCGhIhTswDjUB1icSg_DRQpzBcHaDc94iENi-adtcvBWHEkbs2xeqKb7uMT7DN-Z_g-LPBt30M0KxC2I2T1-9sOsZaY5FmO4RBXQQ9qQYZ8QYY6vUwov_Kd-N7c88FcDmpmlS7oXGH3dFQ4te_99cjRQoEf86SX6YDt4TxldBICj63AZr3CSyjR646HsZ3nULdaosQkaB78uDc6gJY0B32VWwXikwgetGyHu-uf2tKISHdOOxFJQe-S8uN118u0hqt3EcnPLKR

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AdhHJER-NOjBjJhCGaeTmsbuGxMyN5HIII3prDJhw5f0IT7HrHz13GIoHjvgnL2FEojLgzO8-3lZedpYN7spfRxb1abt_MBu5aePTGQiXMnyGGddSQ2-l5lBLq7vUg_nP0wPDC-1v-2grYR_E_IqAfCEJ-ksdF4O-lWJNh6j5ZurBLyvjwnyZ9G5UjQgmYi-2qs4D1vUNIUtqkEehoGSOAhaJQTWEbpas0BjNdPKmj45w1Hl1L6nnm-XnY6u3K-Umu0zsZpdIqKBhD8xi-Fy8VXzhidagvbMXrWvSpJLR9IbGpVKWawq1RGpgHvAeIiibXFZK9uotXeeagDXIBwBB_vrlArWq1NoPmItGmWv8QBO2ItEczfDOJeDs54J3_7qZOdhoNxCqWoACX9DOP3uEE2r5o7Q13orTjgBOiuHzREf3cj_7AT4spI5UWqMqojo8nDOneqTxo1JhxNe27dfxQgBDUKyJRFiHyC78A7CBZO4u2F0fbY9X1cMX69e7K3_EZpi8-5nucWP6d5hmIgkWUHoLDuQi4GpnO0DwnI5m7iptpCFM9On8450LELYT-Je-FfCfLH0an3CGlRxYpDgWg8uIj5NaJ7rM2v-VVKzPoag-Xa_sK94AWKO_lYoJ0xbvCqE3pET-Z1vJEmMYJIfjY7GkLZ_02ZbSiIsE5f6zCgUYAsZgvRP_cmDjZ3nYnBhsefOkNE_Lg-nFLyf39lCC7Ye7pwAqdLiEVG6whMcy2hfmbdMi0mExMzh4Tkbt2KZuSZ9ARekJiEiIx0DCtwUFQ_Gfv9PLVSrnSoNZASg6KjKtK1Vvec6cjBQYlZ5eraWk2yYW9OWJySQcumDizNuBXXv63aX0rtanLSZKGc6mXzWW2kSBfr6D55m6NYJEnCB7cZFuf8X2QzYldHaxVBd-sax66zX2wNrQTLGNpug2BEVeNxo5s8EIfNCG2Vgxdw9CpgqQRxpwLIJ3JVC1ye3kqsvmrsrgGSxmBiXPpbkjkw9oc0RPv-2ng6n1spMoOS2FQIXhuzAQ88I520UrsOpecoIRWj4t5vdhxR_4AN4rjvYZAtSZR13Ym358exoA_Chx-zE_t2jrPHjCMSaiex1Hu4cj7CrhJyRUX1T-TdKOw7j1UR5YbQumpqRixCXcCWCAvE-RJtHCK6QwPqsGDLcsyGxGXYO4stb8k1PNu3s5hEql94Q5_xOfLhzqjXxPOlhgrRka490y7KgVr7htEvfIMYyJvQ8cAS0Nw4XR69J0J8MxHifaWwHm48RqWUT8goqCLbmBFB4qb9-oXKOaAxbycfRSlGT_XZCEaeEc3T5c00eBZNBrqw36rSwNs4WFOkYgdO3JzepUxBCpfmTFoAgoo-ul-ZvsqhygA6sraI9cZfBugbZi9dpEgZpEoeBNOI9w0NFa4kjP6O2ssxmT6Qd8CD18bF202a1p9VNzATESWJOzmWjIMTooO8jqYyvEA_AIRw28IXfuQr0StwWxORvouE0LZBpvOT8ETShfnbPxJFlqG1zo7SD5j2u_JPYMqROIOkkU1pe76YUTqbjCJke3Ih2c6iX1yz24RjAg9VRwJmjrI_0Xo0NW7tpqeq72_by4-ukVkE8Rdp154_3K_siboQWpk7QutWhpqi5UsI3jO17v9RDjEyc3THrEoAU5qapV1zhTlV8o622Ap2peIelEH3tBKlnUXeZEzpfU8i89gC3W-nkJM7ZpJbLwyKmred0RCgKqS06acEd6YK0_tht8IOC1JRSJ6gKrPOzFilfeqagYxk_eDnEKnuN9B9J_8J6gCBAlOMqyaXj2RXAi6glFHo1n3kSfeejUrpFX0Ya1Dm1cjnNB_bY1cbq1mt0ZEVV0WeWPrt_zAF_GWCQ3TmjwxKQ9s7hOpTWPeB8HzjJPgOYAdiI-Sancfjm4tBg-PKLmEEbZZfndIZpeqGtjN5XWqXz0iY4e6rRrOYrlnUgt5AbO9eR2M-7n0x11IR7g_eD2Hp7t8Tu6uVtUpwvOG_dWZk6Js5R6GJZMts5HRiu0c6CMjU&opi=122715837

Search URL Search Domain Scan URL

URL: https://pagead2.googlesyndication.com/pcs/click?xai=AKAOjsvce2-OPGKSdEo9b7Dz1w5NKiDtVNfLxsAJyHsTyf6jxMSfuL77RH-TCtOgqOkulTODh8AQQdF-d343X88VDHBR8u0t4rqcuRF-uFV0qTV7pZpvR62IDbSRQnYiM1MTvyJ5I7ylRHlyssQ7IeoLqWWiLqybHCNyuTAQd5D46R6McN-BFidB78jZ1rKxivDeMINhM9jRFokq7K6R8mLe6qs531TPhabMzOVRJFy8D83Cm_SzWq3yv2cu6icSHFtmopskLGyB1ejSQ7t_nXP6mb7D97TYosIGqoPP2XfZ3OhzqN2ADH8DKpk2ICuBtx-H-4222MUIUSy_31jqZMilrz_ZBZzqDt6U7cjlEmugpdKVckQGzo-iz_1-_mv2QQ8jlHn25kjrV7ktmSsdDHFGflHZr205xiJ99omWmB-yL5YabVvIBw&sig=Cg0ArKJSzH3RbCpMzRbn&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://pagead2.googlesyndication.com/pcs/click%3Fxai%3DAKAOjst2HYJRCgnACvR3OIFNaZHALvhD00BPoh2x7DAXEnnZN-ijTXT3BVEOFzdLzXAV3MWMZphTqcqUFS-VcuFcTru8aht3kEmxE0Mim2mxzf14db8G9cGEcAuOe6Og8VuyIWgSXW019pD0QTjAjcmIq9lKdUAkQQj0GxB2fifqbH1Da1haUZgIYygqaI_N6J0Bm8etkED2ddMNV5RYJ_x1pea3IeB6l5M1J94-CNUGYD7m10CtD4ERVZO90joE2kSzTStQ3X8FntQOaTMyLWNxY3nQlZxGSjq4apQDRBY46wW2eetA8ITaVHr3ceETMglhpeair9wrq_CrBJITT4ymlr7-ZDWreYjT_MXkm_Q27IDmxmGezPW9cgmSgiLJpB5r4QWIZiMHbjuh8WIa6LOpC4N_f_c_%26sig%3DCg0ArKJSzJtifwcYp88UEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps://pagead2.googlesyndication.com/pcs/click%253Fxai%253DAKAOjsvheiEaweEbaMPrda3isHqCMLv7-aPvHl8Fh80vYeu04vnpTWwh4cOb4czhuGn9Iu2YO6YthDfyjy5TpcVupIsY2hXRBs2EmZFUl78uzausuBwDoZg-fV0aYqks5YV3yodOf0EH_qNsK1Ci_rc7k4LyWe6U0YUgT2slW8wvy9WZkGi1HLStufHJQuFzN4RCIkbKjEX4NxJVdky5ab94qxs8-cwciXRVJrvc1uqG9iFHLHxHNdcMRMNg0FGo_F84Wo23uYz6wHwmF20k1BDrMIPqZElhdy2utXAbRBdBxsmiFoBHGXCVh7e9MK--9dBt8gfTZ1iebLMrYNUK2Z-VIn6Y4p3TBDry00MsUaChye7jf_RuXe34XUb0_EnDag6ooHK-q0XACGmJBN0serismFRSGZBk%2526sig%253DCg0ArKJSzLxE-OAVVFkdEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253Dhttps://sahomeowner.co.za/sa-home-owner-trends-talk-2025/

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AdhHJEQRnkJnbWCJH0Jqa5Xlo_JOkY4TgKvhqkKSIK8hnReoz6Yd_EAsbC5uN18TG6ewWkPkaStoe54MSBLV1T2TVO0XP9mScb5GFFKCvLDuCq9RaDXRRLJa8ujc5ClgCkSlbLX_wmGu2mOqXCAmaztQMrQraKo5LjIVlGuxGZKiwp4J35EYIXY4W0vUNxzhmzDk30LFrxwosBEvmEPYrkTeq3kpBYD7kLdlJG1XR8jiNH05xjl25yIYKInhtQSqu9EsCpv6DpuyIqB-kf3AREOS_6tlwkVkul77G5C4baZ4ab403rAFkHjZCt6O-gBrR0MxBR0xwAZtPDpKqWuX8h2xg6_pTb794KMiAw3mHwYRs6bt3SSbNpep52d01P0fuubeSw3iYtnpgEXa5wETqZvnAcPRvr5l486QkWTdriAMS3RbjTAPmed5pd4HS5QE5gEvk6-zVCJBPLwIk2aFJcYF2N_u_vZ2wcO2XqjxPrZKEbbRw8zPmkqnhw1UmRRwfK-J8m9eaZqWp10iwgfDbM8O0O6gWOeVfm255ZqWAW4eES-TLVrFd2BBRZ0XauLgG18AxJ-slynAeQ5tR0XI0Z0AXxnl2oQNo8Pxx5L5xW6mZqqOy_uj1ngqXEp666Zw-KpqlA4yvHbD8h7qxdijD1JM9JO6pDldc_LJ96e1RozZhv5iDH1zHZ7eMvSnpX53ZuZ6Z1mNHqeVJdD7eMDVk2Fielc0vJIz_lji_2hrrpD_zy4s2FehVjlhdbxiKbSawqom9czKgAXnLmC4LyCoX3FK2d41e58gNRmA8BSDUdScnU5bUR_b_K1Ten9Up3GO3t4Z1R3rlAg1INlLmNJSB8S6QhyFcyPenBu7W0sZaY55t-d7LLj9nsfXGIiz2P5kNas563ah2SDOTboFiCMarUwC0kc7rH79oRxQotz2HlqoG178IT__Qx569f3PtRs9YtmgHsDl1HKGueN67xjLrBMFg-MAjQ2NVulFySkMXIXaJxvMfUfzvqC8eRm76j6QE9Zc29Q0_7robLWvdvT6Y4sPcYwEJAoRV-DWD-HPr3IPLSetJq7efnvDRcmoi3L7bvDS2Qf1rBDmYmftERh0jbkySRMF3KQE22ULz1oXItBtFqrdrAEVM93vULYXLpRw5p-DzI9qExEuElsHWEjMAP04QSX78YDWaliXSfoQNu8-teBYrtqbITgK79ISfGKpjFNb8jSpKrFfK3E0KUya0v8QcH1D8tWtVs-2Lbq-CLo3dWEgLj49iE7dXDXz5J9U8dwCuS3KfrjVZLgcpcAJ522Rf10r3hPvPhhLy-PtqA&opi=122715837

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://embed.iono.fm/chan/3189 HTTP 307
https://iframe.iono.fm/c/3189?layout=legacy&download=1

Request Chain 221

https://gcdn.2mdn.net/videoplayback/id/a1cba1b390debe2b/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779283293/sparams/ip,ipbits,expire,id,itag,source,xpc,ctier,acao/signature/3A7F84D36735435907CEA56FCFDE1E6A74DB5D88.64F7B5486197E1FBDE116A3C92ADE5C2C87EFE69/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-5hne6nzy.c.2mdn.net/videoplayback/id/a1cba1b390debe2b/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779283293/sparams/acao,ctier,expire,id,ip,ipbits,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/4B9BBBDD86FBEA12F896B7899DC812A6B210C1C6.29C6972819485B38FA244C4EFAA31F048B29B1AE/key/cms1/cms_redirect/yes/met/1747747293,/mh/XY/mip/2a00:c98:2f00:20:a::2/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1747747011/mv/m/mvi/1/pl/51/rms/onc,onc/file/file.mp4 HTTP 302
https://r2---sn-4g5lzner.c.2mdn.net/videoplayback/id/a1cba1b390debe2b/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779283293/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/1E98A77D3B5118C93F0FEF375FB7428E898134BC.21F7780A69FA9C4EC0FCE09120A62D8868588EEE/key/cms1/met/1747747294,/mh/XY/pl/22/rms/onc,onc/redirect_counter/1/rm/sn-5hnez77e/rrc/104/fexp/24350590,24350737,24350827,24350961,24351658,24351661,24352023/req_id/2560a072da05a3ee/cms_redirect/yes/ipbypass/yes/mip/78.159.108.10/mm/42/mn/sn-4g5lzner/ms/onc/mt/1747746037/mv/u/mvi/2?file=file.mp4

Request Chain 235

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 354

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=

Request Chain 355

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=4d98402b53c885ed532f89218ff15b1&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=

Request Chain 364

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=null&gpp_sid=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4d98402b53c885ed532f89218ff15b1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv19e0_7507137684706298141&gdpr=0&gdpr_consent=null HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=0&gdpr_consent=null HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=0&gdpr_consent=null&google_tc= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHv1UCTh915qB1pQNBHYMOM&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 368

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=

Request Chain 370

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=4d98402b53c885ed532f89218ff15b1&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=

Request Chain 382

https://ads.stickyadstv.com/user-matching?id=3474&_fw_gdpr=&_fw_gdpr_consent= HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=4d98402b53c885ed532f89218ff15b1&_fw_gdpr=&_fw_gdpr_consent=

Request Chain 387

https://csync.loopme.me/?pubid=13984&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DLM%26uid%3D%7Bviewer_token%7D HTTP 307
https://a.vidoomy.com/api/rtbserver/cookie?i=LM&uid=7a086b54-f0a6-4124-85a6-9409f6ffc361&gdpr_consent=null&gdpr=null

Request Chain 393

https://ssp-sync.criteo.com/user-sync/redirect?profile=342&gdpr_consent=&gdpr=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCRITEO%26uid%3D%24%7BCRITEO_USER_ID%7D HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=73&p=342&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFalse%26ccpa%3d%26gpp%3d%26gpp_sid%3d%26profile%3d342%26redir%3dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCRITEO%2526uid%253D%2524%7bCRITEO_USER_ID%7d&gdpr=&gdpr_consent=&gpp=&gpp_sid=

393 HTTP transactions
44 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.theherald.co.za/ 238 KB
45 KB 1938ms
1728ms Document
text/html 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

ec4a5554ed66f2f1dda37eb1757302b3f10d269a8fbfb288232d80135596ec92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 45436
content-type: text/html; charset=utf-8
date: Tue, 20 May 2025 13:21:28 GMT
expires: Tue, 20 May 2025 13:21:28 GMT
server: Google Frontend
vary: Accept-Encoding
x-cloud-trace-context: 39962f1a3c21e1f5ed28b3874550f192
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 328ms
99ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

56d3669af58c4904468ec9015af2032d551bb6a1d09dc956204a26038c218f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 495 / 20228 / m202505150101 / config-hash: 15524472431905521952
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 13:21:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33710
x-xss-protection: 0
server: cafe

GET
H2 200 ebx.js Show response
applets.ebxcdn.com/ 464 B
988 B 331ms
81ms Script
application/javascript 2606:4700:3034::ac43:d4ac
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://applets.ebxcdn.com/ebx.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

x-amzn-remapped-content-length: 464
content-encoding: zstd
cf-cache-status: HIT
age: 929
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=RmeQj6mO6hSq3lkUuQKWzwPRemCUn%2FJ1c6higgA5IHxoCG2rGU8ASeuWIhRZlJxGPvYRLNoVdGwjraWD%2BFJrnHlTKiO%2BFqOt%2FxtpLogK8bcNk6GPC8cZNWZNtj1LPw%3D%3D"}]}
x-amzn-requestid: 8f3e6dac-849d-4862-a097-5518027d5dcb
alt-svc: h3=":443"; ma=86400
date: Tue, 20 May 2025 13:21:28 GMT
content-type: application/javascript
last-modified: Wed Aug 30 13:25:09 GMT 2023
cache-control: public, max-age=7200
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-amz-apigw-id: K3iowGhTjoEEWEQ=
x-amzn-trace-id: Root=1-682c7e37-3d607ff809e39b30561406b0;Parent=000738ee1dcd8d91;Sampled=0;Lineage=1:7936cbcf:0
cf-ray: 942c232b3939d2bb-FRA
server: cloudflare

GET
H2 200 vicinity-head-tag-v1.js Show response
static.vic-m.co/ads/ 45 KB
16 KB 339ms
102ms Script
application/javascript 2600:9000:2057:e400:17:2922:12c0:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e400:17:2922:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2881c67b59c0189eacfad0fb581b084cf47fd66917547a9d2752ddd1a036f255

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

x-amz-cf-pop: FRA6-C1
content-encoding: gzip
etag: W/"2a149243bb8420fd119c79ef6baa23e5"
age: 29511
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: rCuPkf-bicARFbXV5ywNZrqA1XQj-JeSDLUzm3bfs-B3RR3SB5Rkjg==
date: Tue, 20 May 2025 12:52:07 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Mon, 12 May 2025 19:34:28 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 heraldlive_21134.js Show response
ads.vidoomy.com/ 4 KB
2 KB 391ms
121ms Script
application/javascript 2a02:6ea0:ca3a::4
CDN77 Datacamp Li...

General

Check archive.org

Download Go to

Full URL: https://ads.vidoomy.com/heraldlive_21134.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:ca3a::4 London, United Kingdom, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: /
Resource Hash: 3f08bd4569114a9c6c080d5536ac86b76bb837a169e2e65db67247b27991c5d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=1800
tp-cache: miss
content-encoding: gzip
age: 0
accept-ranges: bytes
content-length: 1417
date: Tue, 20 May 2025 13:21:29 GMT
content-type: application/javascript
vary: , Accept-Encoding

GET
H2 200 priority.e8622adf9ff0f90812c0.bundle.js Show response
www.theherald.co.za/build/chunks/ 2 KB
1 KB 207ms
204ms Script
text/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/chunks/priority.e8622adf9ff0f90812c0.bundle.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8a1c2f4844e8bfd8a1160123da0beafc605588fc1f35624c892318e7a0db9590

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "B7yMNA"
expires: Wed, 20 May 2026 13:21:28 GMT
date: Tue, 20 May 2025 13:21:28 GMT
x-cloud-trace-context: 8aeca3d884ae7e8bed28b3874550f4b0
vary: Accept-Encoding
server: Google Frontend
content-type: text/javascript

GET
H2 200 priority.e8622adf9ff0f90812c0.bundle.css
www.theherald.co.za/build/chunks/ 366 B
352 B 80ms
78ms Stylesheet
text/css 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/chunks/priority.e8622adf9ff0f90812c0.bundle.css
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2e9a2bb26cbf4200bcd846fa8ff112684db3b41e6be8c7b044d86ebebe8f98aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "B7yMNA"
age: 12176
expires: Wed, 20 May 2026 09:58:32 GMT
content-length: 198
date: Tue, 20 May 2025 09:58:32 GMT
x-cloud-trace-context: b1414eede13a31b01497fc047ce3951a
content-type: text/css
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 entry.c1481c978a592da56500.bundle.css
www.theherald.co.za/build/chunks/ 108 KB
24 KB 128ms
126ms Stylesheet
text/css 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.css
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d3157180a31a59715da50cc0ec983c188bf8af2fd3ec427595bf206ecf511a21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "B7yMNA"
age: 12241
expires: Wed, 20 May 2026 09:57:27 GMT
content-length: 24822
date: Tue, 20 May 2025 09:57:27 GMT
x-cloud-trace-context: 3de2eafd236b3aabe9f32fc283e96c09
content-type: text/css
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 section.91f9b52acd2c44e5f02e.bundle.css
www.theherald.co.za/build/chunks/pages/ 131 KB
21 KB 80ms
78ms Stylesheet
text/css 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/chunks/pages/section.91f9b52acd2c44e5f02e.bundle.css
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 75aecc451658f90995fea2265231e24e1a810b0c3fc051b41cfb92f07fe8623f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "B7yMNA"
age: 12234
expires: Wed, 20 May 2026 09:57:34 GMT
content-length: 21747
date: Tue, 20 May 2025 09:57:34 GMT
x-cloud-trace-context: d243dc229909ad987be1b737441346e0
content-type: text/css
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 21 KB
3 KB 339ms
94ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

618a8c9bfb7f0cfa622826e5349fa6195e24ae49f2194907b9aea0c89c1cc0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 20 May 2025 13:21:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 arena.png
www.theherald.co.za/static/icons/ 33 KB
33 KB 80ms
79ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/arena.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 09c1718f98f43e0d4991844650eefac1459a39b3817fa8e09960425e0e3055ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 59018
expires: Tue, 20 May 2025 20:57:50 GMT
content-length: 33449
date: Mon, 19 May 2025 20:57:50 GMT
x-cloud-trace-context: 95539bbfda9da6953143e3575e95c33e
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 times-live.png
www.theherald.co.za/static/icons/ 14 KB
14 KB 151ms
150ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/times-live.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6e1fa095b32380cfc9012d96ac2284c414e1b69800f6449e11bb626955c07e3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 63680
expires: Tue, 20 May 2025 19:40:08 GMT
content-length: 13958
date: Mon, 19 May 2025 19:40:08 GMT
x-cloud-trace-context: 02602b84c84b11e5cbec71abc12ca5d5
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 sunday-times.png
www.theherald.co.za/static/icons/ 24 KB
24 KB 92ms
91ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/sunday-times.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b453b6018cfeddfee67cd3ab2776a134adfd94ac4424daffa84c0c1abf7b5260

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 65195
expires: Tue, 20 May 2025 19:14:53 GMT
content-length: 24558
date: Mon, 19 May 2025 19:14:53 GMT
x-cloud-trace-context: 5d145baf1f5dafaa32d0d455eaaee83e
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 sowetan-live.png
www.theherald.co.za/static/icons/ 37 KB
37 KB 104ms
104ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/sowetan-live.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6b6e5522e848eb470dc2648937f28971b5e29c0e566a7c6535a64573c609573d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 58050
expires: Tue, 20 May 2025 21:13:58 GMT
content-length: 37862
date: Mon, 19 May 2025 21:13:58 GMT
x-cloud-trace-context: 0078f3656d1e8fdfe0ba96c0709045e5
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 business-live.png
www.theherald.co.za/static/icons/ 13 KB
14 KB 103ms
102ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/business-live.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0dcab0765de8b009361f988cd6784591a5e2c4b4445db4403d30596f3f6e632c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 59152
expires: Tue, 20 May 2025 20:55:36 GMT
content-length: 13696
date: Mon, 19 May 2025 20:55:36 GMT
x-cloud-trace-context: 027fbc452b50241502ba2b89ee80f578
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 business-day.png
www.theherald.co.za/static/icons/ 39 KB
39 KB 155ms
146ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/business-day.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 1bcc8ed415233139faf208a7929bc97d1e66f1bd3255e7e53562b10b8d440aec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 18943
expires: Wed, 21 May 2025 08:05:45 GMT
content-length: 39913
date: Tue, 20 May 2025 08:05:45 GMT
x-cloud-trace-context: 8600f6eec7b7ceede372247709b4852f
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 financial-mail.png
www.theherald.co.za/static/icons/ 11 KB
11 KB 346ms
338ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/financial-mail.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cfe033fc215b52a0b6786b131136351189311622962539948bbff8302da8a21e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 69213
expires: Tue, 20 May 2025 18:07:55 GMT
content-length: 11606
date: Mon, 19 May 2025 18:07:55 GMT
x-cloud-trace-context: 5f0475709f42e2f5f906464f83d518ee
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 business-times.png
www.theherald.co.za/static/icons/ 23 KB
23 KB 329ms
322ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/business-times.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 06b3b1cf2707a488df2615229eaa8492aea59d069a5f59efdc4a5466951f872b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 57033
expires: Tue, 20 May 2025 21:30:55 GMT
content-length: 23831
date: Mon, 19 May 2025 21:30:55 GMT
x-cloud-trace-context: 59e6050671affc9d58a02373786dfef9
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 herald-live.png
www.theherald.co.za/static/icons/ 16 KB
16 KB 293ms
286ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/herald-live.png?v=2
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3e19ed8ad75dcdb7ed0112ac0300650c08a1d6ddddf9cb16db71c707f5ff98fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 16320
expires: Wed, 21 May 2025 08:49:28 GMT
content-length: 16536
date: Tue, 20 May 2025 08:49:28 GMT
x-cloud-trace-context: bef73f7d09ac863c5b1f3b2c777c5fcd
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 dispatch-live.png
www.theherald.co.za/static/icons/ 12 KB
12 KB 284ms
277ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/dispatch-live.png?v=2
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7e35b147e8203bc637b05d0ace1da7ee14445f6b700fc5510c989434ebe81cff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 15404
expires: Wed, 21 May 2025 09:04:44 GMT
content-length: 12118
date: Tue, 20 May 2025 09:04:44 GMT
x-cloud-trace-context: eaba81c2f06b3b9338f345e17042576d
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 wanted.png
www.theherald.co.za/static/icons/ 45 KB
45 KB 425ms
419ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/wanted.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3010192f9bb5fe1da34421599bf624e8c31dbb089efbf02f30e65aa445f920d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "B7yMNA"
age: 4526
expires: Wed, 21 May 2025 12:06:02 GMT
content-length: 45984
date: Tue, 20 May 2025 12:06:02 GMT
x-cloud-trace-context: 9941bcde0ae9059329cc3cf367ad3b29
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 sa-home-owner.png
www.theherald.co.za/static/icons/ 28 KB
28 KB 437ms
431ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/sa-home-owner.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8b8d5614a35711901db89c7f421d9822b6d9885ee1836fd6ceec2cad3a6af254

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 22712
expires: Wed, 21 May 2025 07:02:56 GMT
content-length: 28727
date: Tue, 20 May 2025 07:02:56 GMT
x-cloud-trace-context: 1599fac81f91df2676ac52380eeb6095
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 business-media-mags.png
www.theherald.co.za/static/icons/ 27 KB
27 KB 444ms
439ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/business-media-mags.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7b4bf3f11858ab9b179c27c5c503f5e9696a155fa8a822aff952ac039f702cf1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 13716
expires: Wed, 21 May 2025 09:32:52 GMT
content-length: 27350
date: Tue, 20 May 2025 09:32:52 GMT
x-cloud-trace-context: f99341ddecc8d51a1df942a8d3341fa7
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 arena-events.png
www.theherald.co.za/static/icons/ 21 KB
21 KB 486ms
481ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/static/icons/arena-events.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f3055e41635b42441d8ab1d8ae4d93b8eae5e0e0cfe6b1e1e5b062452e55bbe6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 63486
expires: Tue, 20 May 2025 19:43:22 GMT
content-length: 21494
date: Mon, 19 May 2025 19:43:22 GMT
x-cloud-trace-context: b52294c9a4613b65cf1ad63c1ce9d8bf
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 TheWeekendPostLogo.png
www.theherald.co.za/publication/custom/static/logos/ 27 KB
27 KB 427ms
422ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/publication/custom/static/logos/TheWeekendPostLogo.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f3b68838d74ce3161b6a55a4156df5928cabf3a66ef877e335004cc88e2e6a90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "B7yMNA"
age: 8447
expires: Wed, 21 May 2025 11:00:41 GMT
content-length: 27673
date: Tue, 20 May 2025 11:00:41 GMT
x-cloud-trace-context: 6f46f0d0df2e17a180b5f8490a030a31
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 vicinity-v13.js Show response
static.vic-m.co/ads/ 18 KB
6 KB 343ms
110ms Script
application/javascript 2600:9000:2057:e400:17:2922:12c0:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://static.vic-m.co/ads/vicinity-v13.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e400:17:2922:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ebd4167f95a059d52b0b64b69ec1348baf783010f6523be548121398b4ada21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
etag: W/"976804446480c78f557db2ec50f46673"
age: 31073
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: W-bHpaaVi9-h7AqdXLo1fXB4wFC_ipGYySHmQoEyoKnmz9jklWD8Vw==
date: Tue, 20 May 2025 04:43:37 GMT
content-type: application/javascript
last-modified: Thu, 25 Nov 2021 14:44:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
vary: accept-encoding

GET
H2 200 hl-cta-april.jpg
www.theherald.co.za/publication/custom/static/banners/ 23 KB
23 KB 462ms
458ms Image
image/jpeg 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/publication/custom/static/banners/hl-cta-april.jpg
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4b706e87eb8f1cbc821b60ca8a48fd575343d729ae876ff0a8d3498d0d997a79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "B7yMNA"
age: 3990
expires: Wed, 21 May 2025 12:14:58 GMT
content-length: 23834
date: Tue, 20 May 2025 12:14:58 GMT
x-cloud-trace-context: 9814a909df4aed7a8bea88f2ba9fb7bc
content-type: image/jpeg
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
110 KB 383ms
134ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64d4a16ae0b2252923c12068d68051452f024ec41ee9812cc16eb825019900ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1317:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1317:0"}],}
expires: Tue, 20 May 2025 13:21:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 20 May 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1317:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1317:0
content-length: 112030
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 273 KB
69 KB 315ms
91ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

bc7e9bef63bee8beb9c41c3452ce42e7310564b1feedd70d31120bebc7b5f50c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src data: 'nonce-UrXikfOS' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com;font-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;media-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;child-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;frame-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;manifest-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;object-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;worker-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 20 May 2025 13:21:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src data: 'nonce-UrXikfOS' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=107, rtx=0, c=23, mss=1232, tbw=4951, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: IANTe/B0v7jDFBFOFzCpBBJBS99Sy9OapGqJA3SpaTb/vtgr4JeodLCDIo58tuESHwJAYBWgnBf8ZHEqp+c2lQ==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-UrXikfOS' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data:;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 70486
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 arena-holdings.logo.png
www.theherald.co.za/publication/custom/static/logos/ 17 KB
17 KB 455ms
453ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/publication/custom/static/logos/arena-holdings.logo.png
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 59d1ce7fb23e28c96e340f0e5a3f8db389cf46ad3ab54b4bfcd419d800d7d73a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 59124
expires: Tue, 20 May 2025 20:56:04 GMT
content-length: 17624
date: Mon, 19 May 2025 20:56:04 GMT
x-cloud-trace-context: 047ecc7f1631c742e8b55ddd04da4daf
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 entry.c1481c978a592da56500.bundle.js Show response
www.theherald.co.za/build/chunks/ 326 KB
117 KB 178ms
168ms Script
text/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: a8b5056daee7df5afdeb87655defd55952361574b604c82124e11c9dfb102786

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "B7yMNA"
age: 12175
expires: Wed, 20 May 2026 09:58:33 GMT
content-length: 119809
date: Tue, 20 May 2025 09:58:33 GMT
x-cloud-trace-context: 818fa5c2861266fd1497fc047ce39b10
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 section.91f9b52acd2c44e5f02e.bundle.js Show response
www.theherald.co.za/build/chunks/pages/ 566 KB
168 KB 155ms
146ms Script
text/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/chunks/pages/section.91f9b52acd2c44e5f02e.bundle.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: a314379781e1a6e3e7aac9f94da571a04aa3eb8ce7a0eeb857b9adcd33f47e32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "B7yMNA"
age: 4233
expires: Wed, 20 May 2026 12:10:55 GMT
content-length: 171355
date: Tue, 20 May 2025 12:10:55 GMT
x-cloud-trace-context: 9b215b00773e787ce6146557e95d465e
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H3 200 scripts.js Show response
applets.ebxcdn.com/applets/www.theherald.co.za/ 0
854 B 274ms
107ms XHR
text/javascript 172.67.212.172
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://applets.ebxcdn.com/applets/www.theherald.co.za/scripts.js
Requested by: Host: applets.ebxcdn.com
URL: https://applets.ebxcdn.com/ebx.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cf-cache-status: HIT
etag: 1B2M2Y8AsgTpgAmY7PhCfg==
age: 976
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FwqSzVBOUK11xBWJWtarhX5tXQUPO50AxIHrmzjJb7uivFvN6PZo%2FK1QrT4cldEP%2FSNhPP6%2F3LKh6zGxFgV1oPeIWx5%2Bk99RDJa%2FQAGTK7k1pWb0wTrmZSx87N%2FD5YE3HUPS3r8%3D"}],"group":"cf-nel","max_age":604800}
x-amzn-requestid: d2f0cb82-7b64-49ca-8196-67b0ea6e8d93
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=90486&min_rtt=90309&rtt_var=34219&sent=9&recv=7&lost=0&retrans=0&sent_bytes=3687&recv_bytes=3107&delivery_rate=32759&cwnd=12000&unsent_bytes=0&cid=ce0df80c1a17b8aa&ts=176&x=16"
date: Tue, 20 May 2025 13:21:29 GMT
content-type: text/javascript
last-modified: Tue, 20 May 2025 13:05:12 GMT
vary: Accept-Encoding
cache-control: public, max-age=7200, stale-if-error=300, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-apigw-id: K3ihbEhuDoEEd1A=
x-amzn-trace-id: Root=1-682c7e08-154d602813e3536613c19548;Parent=3afca48615789844;Sampled=0;Lineage=1:388d0713:0
cf-ray: 942c232cdaba4f25-AMS
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H2 200 Herald-LIVE.png
www.theherald.co.za/publication/custom/static/logos/ 7 KB
7 KB 297ms
296ms Image
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/publication/custom/static/logos/Herald-LIVE.png?v=1
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8fd9ad35ea3d4074bdf971bedf3d2dfbcde00e923092f7f411bfd1934e8bf0ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.css

Response headers

cache-control: public, max-age=86400
etag: "B7yMNA"
age: 12144
expires: Wed, 21 May 2025 09:59:05 GMT
content-length: 7038
date: Tue, 20 May 2025 09:59:05 GMT
x-cloud-trace-context: 3649eb16c9c0a10d7a7e1edc4cb87f0a
content-type: image/png
server: Google Frontend
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cec33cc43d05664f74929cb753cdf04f66ba73473257f082fc7717d7b954e734

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 441 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2173b3cdda0cf2ff27fd43be01305db012504dcce029dd86fffdd6e3bdcec00c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 397 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac777ea188e8ccee426d393e7f1342690d46f663b47bae8f91c5c211f1469b43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2a9990b5ab8a3763ea16f7c935ab212973d92e9719afef5b5ca6e6889248216

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c03c4dfbfe553cf0b811a69759fea5f5ac587bbaa13763d0d87f8164db4d185

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8adbcf204a3c826be2a14d6f027cd2b30822b809d78ceb7bdb1430121326a86c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb6c9e0a309ee631c1fa8d1889fe9b8056020450d44b093cc6671eb7e6544de7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 417 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8059d2a16216c431adb7a31895daeeb717894f5568b5c54f3629dea1a4d3112b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1105a0b479a63d5678d955eeac868d9fd5534bd8d4bac6ee72787858e3cdb0c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 846 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c42c5950c2dd21affb3421af2b6b0e60a8e118d89683698fd5f0f15521f39a02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 424 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f05f7a272c98c8f1146999616a7e3eed0ca309aeff8f5e6b246cecef4e7a91e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 456 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90ea45cfb4c728d6071c97fd1f65b52bc42668a62cbb3b10b5eaa61bc1783dc3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1016 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95682392508016389a0a0fbe3d3d6fc28b189a23ad6324848b3a690977bbfa34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b8fe388977dc868f48e91c2bacf4bc0600d05f8e75bc6261742cf5de824b983

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7c99b139663e6e98d1826be35e26a230e17106884539d79ac4cf4d6e59a3182

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b15697fb57fff965f51d4707fc896fc510f47dee6e9b43f2a8fb3d129560f36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 419 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28f84a5da577a1727b91c00ad1e8b55edd66a2fc114badc00ee8bc6c6d64b213

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9abe706eca9daab9a1e9ffe89765e99c035f3318ce820b61c9b78fab2f648db8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 435 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9def896b0a1e1a39fa6e33a54b4145b7736a434303be62caad2061a2fda3a8d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccd761a6b6b10aa2699bc7841289c5607feb17b403a1f6fea44b37ac6f2a14cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
H2 200 fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
www.theherald.co.za/build/publication/fonts/ 75 KB
76 KB 89ms
88ms Font
font/woff2 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/publication/fonts/fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.theherald.co.za
Referer: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.css

Response headers

cache-control: public, max-age=31536000
etag: "7wba9Q"
age: 18204
expires: Wed, 20 May 2026 08:18:05 GMT
content-length: 77160
date: Tue, 20 May 2025 08:18:05 GMT
x-cloud-trace-context: f9a7d69171da1a6c9742285884752ebf
content-type: font/woff2
server: Google Frontend
vary: Accept-Encoding

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 284ms
137ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.theherald.co.za
Referer: https://fonts.googleapis.com/

Response headers

age: 18546
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 08:12:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 08:12:23 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 228ms
81ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.theherald.co.za
Referer: https://fonts.googleapis.com/

Response headers

age: 19828
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:51:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 07:51:01 GMT
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51404
x-xss-protection: 0
server: sffe

GET
H3 200 widget.min.js Show response
weatherwidget.io/js/ 3 KB
1 KB 413ms
99ms Script
application/javascript 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://weatherwidget.io/js/widget.min.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public; max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "5d9d0124-a4e"
age: 13755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xr8R158%2F7jdAn2BPNuWFhwlRwRXSQ0acp01nYmxGelVwL0OtbMVAEsSESKJmxNymHXVlYgJAhI5ivGO0sXGDTW8OfwM5SJPtSfdxZ8kk%2B%2F%2BZALaoaJ5%2Fxnhh99mltnqOwOC"}],"group":"cf-nel","max_age":604800}
cf-ray: 942c232eb971312a-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=113935&min_rtt=113850&rtt_var=42862&sent=10&recv=7&lost=0&retrans=0&sent_bytes=3649&recv_bytes=3068&delivery_rate=25538&cwnd=12000&unsent_bytes=0&cid=8d84b6585725ec5d&ts=320&x=16"
date: Tue, 20 May 2025 13:21:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Oct 2019 21:35:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

3189 Show response
iframe.iono.fm/c/ Frame 351F
Redirect Chain

https://embed.iono.fm/chan/3189
https://iframe.iono.fm/c/3189?layout=legacy&download=1

6 KB
2 KB

76ms
63ms

Document
text/html

209.38.182.90
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.38.182.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 49a04dd8dc61ba33d0eee579be2dc9e18b6dd7a4b1a3e9aec2de847369453ec9

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=1800, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 May 2025 13:21:29 GMT
p3p: CP="This site does not have a p3p policy."
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-cache: HIT
x-country-code: DE

Redirect headers

access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cache-control: no-cache no-transform
content-type: text/html; charset=UTF-8
date: Tue, 20 May 2025 13:21:29 GMT
location: https://iframe.iono.fm/c/3189?layout=legacy&download=1
p3p: CP="This site does not have a p3p policy."
server: nginx
x-cache: MISS
x-country-code: DE

GET
H2 200 loading.gif
www.theherald.co.za/publication/custom/pages/video/ 7 KB
7 KB 256ms
250ms Image
image/gif 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/publication/custom/pages/video/loading.gif
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/pages/section.91f9b52acd2c44e5f02e.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2b1763d24e3acf050e8250cd24653fcd1e3901ff058d05fb06aa7da3cf362d53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/build/chunks/pages/section.91f9b52acd2c44e5f02e.bundle.css

Response headers

cache-control: public, max-age=86400
etag: "B7yMNA"
age: 2015
expires: Wed, 21 May 2025 12:47:54 GMT
content-length: 7332
date: Tue, 20 May 2025 12:47:54 GMT
x-cloud-trace-context: a178edf9f5c7446f00c58c50117e1df3
content-type: image/gif
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 f4-kRNbfnXAyrTdzSEY5BSVQ3GzwDX2HAaZNnd8mrjtxKjzNbaQjox0g7geBem4c3afVfv16BsNB_8CNOfWQvZyKE0r8dC_J2bE
lh3.googleusercontent.com/ 27 KB
27 KB 381ms
79ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/f4-kRNbfnXAyrTdzSEY5BSVQ3GzwDX2HAaZNnd8mrjtxKjzNbaQjox0g7geBem4c3afVfv16BsNB_8CNOfWQvZyKE0r8dC_J2bE

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3a8019dc1a9f5840ba7b8cbd35b2d3ffb2a05d041d2748ca099e1f7ba090b245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 4392
x-content-type-options: nosniff
expires: Wed, 21 May 2025 12:08:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 12:08:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 27730
x-xss-protection: 0
server: fife

GET
H2 200 vsxJjFltr1v1JnTAchXOiOpkO84MFK0Xf4JFATvbNW9FP3-w7O2ssFnh5k_bkGavJTBovF2B9c4mgzMTg-dFw0IfyJL3QjdRXPo
lh3.googleusercontent.com/ 13 KB
13 KB 493ms
192ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/vsxJjFltr1v1JnTAchXOiOpkO84MFK0Xf4JFATvbNW9FP3-w7O2ssFnh5k_bkGavJTBovF2B9c4mgzMTg-dFw0IfyJL3QjdRXPo

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3fd0ef658b0f6d6dfc3820cab411b2ceb9ccf298a2b6f1e9c542d4360f3fb922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 8078
x-content-type-options: nosniff
expires: Wed, 21 May 2025 11:06:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 11:06:51 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12880
x-xss-protection: 0
server: fife

GET
H2 200 yHvkkz_ZgwuKCZqqAPSjlLyHUVO2pZzFTQdvy731J5yqwXKxe1Y2G9YKMKznTS502wIgIjswVcCm1Qr38H37kxRh8OOOaqnNn3g
lh3.googleusercontent.com/ 26 KB
26 KB 454ms
154ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/yHvkkz_ZgwuKCZqqAPSjlLyHUVO2pZzFTQdvy731J5yqwXKxe1Y2G9YKMKznTS502wIgIjswVcCm1Qr38H37kxRh8OOOaqnNn3g

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

03e1ee9aeba4ad828e28642ba80b4a4e67bf21c7dacf46b6941968be182be4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1203
x-content-type-options: nosniff
expires: Wed, 21 May 2025 13:01:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:01:26 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 26478
x-xss-protection: 0
server: fife

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80a1b22758cebc0f9604c91479d23041a6856ae5cb78a2d0214e581a48f99a3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 824ea7e511e295d4fd1402429e914a65e3c47dd67acab71246e0fd26d0034580

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 129c089c73ec2a7aad58d699f700d4c3b437354405d0bf86981f39cb53789c03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
H2 200 image_fallback.jpg
www.theherald.co.za/publication/custom/static/logos/ 9 KB
9 KB 255ms
253ms Image
image/jpeg 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.theherald.co.za/publication/custom/static/logos/image_fallback.jpg
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/pages/section.91f9b52acd2c44e5f02e.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b8d94b2f8e9978b3ce65fa1a0d7ec81815c8abc53da8fb69f87263ac70485ddb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/build/chunks/pages/section.91f9b52acd2c44e5f02e.bundle.css

Response headers

cache-control: public, max-age=86400
etag: "B7yMNA"
age: 3313
expires: Wed, 21 May 2025 12:26:16 GMT
content-length: 9411
date: Tue, 20 May 2025 12:26:16 GMT
x-cloud-trace-context: 49f13d45022191086fb099aaec3b9989
content-type: image/jpeg
server: Google Frontend
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 413 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b574c1700ee835003e8b69479c6245863f3d804f67d84904ff6b515c10937e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0a2bcd07f115a6d3fd6bb38fac40b07a75227ac5a820c7712c50712f0f7724b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 396 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 384712141f3921b144b82970bb1b742f9bf770229b117e4bfd46052522978a81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 445 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e6fb9dce51290d355e74bbca6c3512f36c284d66d578ed242445c86419cfc6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 424 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c574636afddf21537f796f6e687f6ab9a428a48f453b13f0565c5d1c8751c31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 407 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ee4c81206453ca46bf299eb3cde05ca8a79a00dbfa336c7b31f273173ccd8b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 430 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 332cb6f4bbbbf7bffb2507933ac1b512a0bb67ff68ae509c15403b8740fade38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecdc9b0fb268c7020b8d55e4d71384aa0001c0b2a1c2fc940fae47d4f5e065d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cd7bdfb26a3b9d9d97c007ba439bc241b15debdf25833a7baf29e1686f424e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f5e734cc8790f3deeff2b0cbc949a752c116a3ce59ddc1eb1f68221862d7a9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 943 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdfc439ea8d7a3ece1d97f544f5539d8a0c23df352dbf057be3b3d84449fc560

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 463 B
0 Image
image/jpg

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfae61a3ea95b6942156aba8dd6b6935cc6481509e2480cb15becf8e4d7b1633

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpg

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 22 KB
22 KB 229ms
85ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

109736135dc84f02f379825bd2b48998e17068eaf1f085df5f52e80537a4257d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.theherald.co.za
Referer: https://fonts.googleapis.com/

Response headers

age: 19831
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:50:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 07:50:58 GMT
last-modified: Wed, 01 May 2024 20:31:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22744
x-xss-protection: 0
server: sffe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/ 536 KB
169 KB 91ms
76ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3634424a32af09c3bb51c3c71085436a4b4bc7a1151ed12f252e6c45c188b6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 840089204709235314
age: 19950
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:48:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 07:48:59 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 172721
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/ 63 KB
23 KB 91ms
77ms Other
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/gpt

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

deaa9f5c4d4fa7de7c794a5df1538e4b16f7d954857ed13a88eddbc8f9bb5508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4122429157068215054
age: 19893
x-content-type-options: nosniff
expires: Tue, 27 May 2025 07:49:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 07:49:56 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23104
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505150101"

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 75ms
73ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

2d0b4d6d6cadd55282ebe57c15b538ce21570435b6354e02930c301ce555ec44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-md5: upiVW+XFPaN+SgB6Ea0W/w==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "b7322b22a9da1708b40a020f9e417229"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:23:27 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 20 May 2025 13:21:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 8cf65cfa8855eda33f9454894081dc2e
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=56, rtx=0, c=48, mss=1232, tbw=81815, tp=75, tpl=0, uplat=0, ullat=-1
x-fb-debug: PO/AYYX1LLA6utruFU6NPwxSWplMWOrPc0ATMVDnAScpQQhUN4+aZTIcjwfDE9gHeVj+IEkcgVtg1L0jbtpA+A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1687
origin-agent-cluster: ?1

GET
H3 200 2837651136267650 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 62ms
61ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/2837651136267650?v=2.9.202&r=stable&domain=www.theherald.co.za&hme=1176bfe419ac27e059a43d3ca1b7b749889cd7631eab574b2b915396f4ce500a&ex_m=74%2C129%2C114%2C118%2C65%2C6%2C107%2C73%2C19%2C101%2C93%2C55%2C58%2C184%2C205%2C212%2C208%2C209%2C211%2C32%2C108%2C57%2C81%2C210%2C179%2C182%2C206%2C207%2C192%2C141%2C45%2C197%2C194%2C195%2C37%2C153%2C18%2C54%2C201%2C200%2C143%2C21%2C44%2C2%2C47%2C69%2C70%2C71%2C75%2C97%2C20%2C17%2C100%2C96%2C95%2C115%2C56%2C117%2C42%2C116%2C33%2C98%2C43%2C90%2C29%2C180%2C183%2C150%2C14%2C15%2C16%2C8%2C9%2C28%2C25%2C26%2C61%2C66%2C68%2C79%2C106%2C109%2C30%2C80%2C12%2C10%2C84%2C52%2C24%2C111%2C110%2C112%2C103%2C13%2C23%2C4%2C41%2C78%2C22%2C162%2C137%2C77%2C1%2C99%2C60%2C88%2C36%2C31%2C86%2C87%2C92%2C40%2C7%2C94%2C85%2C48%2C35%2C38%2C0%2C72%2C119%2C91%2C5%2C51%2C50%2C102%2C89%2C249%2C177%2C127%2C165%2C158%2C3%2C39%2C67%2C46%2C113%2C49%2C83%2C64%2C63%2C34%2C104%2C62%2C59%2C53%2C82%2C76%2C27%2C105%2C11%2C120

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

7ee69efc1b14d90502563b8246f8bfce88b8b3f519a96682693b584d60aad6b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src data: 'nonce-VmcoU6bB' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 20 May 2025 13:21:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src data: 'nonce-VmcoU6bB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=62, rtx=0, c=48, mss=1232, tbw=84071, tp=80, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: eHmbiGhhPwJwZYMaafspDNKFnJW8FPL9CKUZeE/khy5Y6ajTxzxF2fnbRbl46z6WEia8b2HC681TBJEgSLmyUw==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: *;script-src 'nonce-VmcoU6bB' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data: https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 14095
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 189ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
age: 1029
report-to: {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 15:04:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:04:20 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:225:0
content-length: 20994
server: Golfe2

GET
H3 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/ 17 KB
6 KB 167ms
29ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

Requested by

Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03faa-43d5"
age: 345508
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vpHM28zI70Kwtibuh2x3R1mWJaa5YVRR6MludEZjSzrNO5MABq5W1xcb%2FZ%2BAbJC1ecgPVNh52ZDgXc0ch7eZMhjVtIvAHzUNHVrk6pwGNtVg%2FqmMZm0gW3dL9E5jZ%2FuYW9pgCQSY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 10 May 2026 13:21:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 20 May 2025 13:21:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:15:38 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 942c23314af2170a-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4996
server: cloudflare

GET
H2 200 newrelic.iframe.js Show response
iframe.iono.fm/js/ Frame 351F 7 KB
3 KB 59ms
58ms Script
application/javascript 209.38.182.90
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://iframe.iono.fm/js/newrelic.iframe.js
Requested by: Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.38.182.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 18c8b61485fcaad0a1729b7034c89ad9ce302b91beb0ae6a9762a5b38d3c853c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Response headers

cache-control: public, max-age=86400, no-transform
content-encoding: gzip
etag: W/"67ee6937-1c8c"
date: Tue, 20 May 2025 13:21:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Apr 2025 10:55:51 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 351F 423 KB
141 KB 212ms
5ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VPD4RSZGP6

Requested by

Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f56944bd1ef787d13dcfea353fa714c5bcda76c23b77ee92177cfa5ac695c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Tue, 20 May 2025 13:21:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 143239
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 waveform-data-2.1.2.min.js Show response
iframe.iono.fm/js/ Frame 351F 8 KB
2 KB 56ms
53ms Script
application/javascript 209.38.182.90
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://iframe.iono.fm/js/waveform-data-2.1.2.min.js
Requested by: Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.38.182.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 796cb93bbe68ef65236b9efa5006b285a79db067308e0b6a0fabf57404aef00d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Response headers

cache-control: public, max-age=86400, no-transform
content-encoding: gzip
etag: W/"67ee6937-1e87"
date: Tue, 20 May 2025 13:21:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Apr 2025 10:55:51 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 player.js Show response
p2.iono.fm/bundle/0.16.0/ Frame 351F 254 KB
76 KB 249ms
16ms Script
application/javascript 164.90.242.8
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL

https://p2.iono.fm/bundle/0.16.0/player.js?v=2.0.12.0

Requested by

Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.90.242.8 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bd7354a8872df579fcf9a7b3eb752118e746bb462e9a67cfc3bb8ec333e331ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://iframe.iono.fm
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=5184000
content-encoding: gzip
etag: W/"1390fb130c011e1e7837cc8cc07b2def"
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
date: Tue, 20 May 2025 13:21:30 GMT
x-rgw-object-type: Normal
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
last-modified: Fri, 28 Mar 2025 13:03:01 GMT

GET
H2 200 player-ui.js Show response
p2.iono.fm/bundle/0.16.0/ Frame 351F 193 KB
58 KB 282ms
50ms Script
application/javascript 164.90.242.8
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL

https://p2.iono.fm/bundle/0.16.0/player-ui.js?v=2.0.12.0

Requested by

Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.90.242.8 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

327ce271c596ddae3cbbf50fd588abec3d1bda149839e65c03b9ba44503999f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://iframe.iono.fm
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=5184000
content-encoding: gzip
etag: W/"dc6cb75c06f35151359e4f563e879009"
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
date: Tue, 20 May 2025 13:21:30 GMT
x-rgw-object-type: Normal
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
last-modified: Fri, 28 Mar 2025 13:03:00 GMT

GET
H2 200 legacy.js Show response
p2.iono.fm/bundle/0.16.0/layouts/ Frame 351F 234 KB
73 KB 297ms
65ms Script
application/javascript 164.90.242.8
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL

https://p2.iono.fm/bundle/0.16.0/layouts/legacy.js?v=2.0.12.0

Requested by

Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.90.242.8 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e43289f30e7364675b1b39599ab752252f3423d3b4716e2ed8e2b61e650cfd44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://iframe.iono.fm
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=5184000
content-encoding: gzip
etag: W/"e19d59b1059d55bbb1909ef8979b6733"
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
date: Tue, 20 May 2025 13:21:30 GMT
x-rgw-object-type: Normal
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
last-modified: Fri, 28 Mar 2025 13:02:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 363 KB
124 KB 130ms
50ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JNNJWFKJ2E&cx=c&gtm=45He55g2v78478613za200&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60eb911327a73584c3a051a02604fa83fbbece9f75b1e5ab9219f9a5544afb50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Tue, 20 May 2025 13:21:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 126070
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 370 KB
125 KB 144ms
68ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BWERR8GS85&cx=c&gtm=45He55g2v78478613za200&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7eb19f06a90ae5a40c6b3f027603cdb3e806ddaa1744157d26b18cfb5dd69508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Tue, 20 May 2025 13:21:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 127706
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 249 KB
74 KB 42ms
38ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0e954424bba9c2e7001f9615146d548f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

e8fc8b33a1a00837252f75f4c47e81d10c3643cb2244c0cf4eb21fc43e33fba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.theherald.co.za
Referer: https://www.theherald.co.za/

Response headers

content-md5: dnZuEuxItVb5gsZHPLGfFw==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "9c4bf2fd09268302c2efa94ccaf9f1be"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 10:27:04 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 20 May 2025 13:21:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 309f0c4094890d4de8d3db99b38bd4e8
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=2330, tp=5, tpl=0, uplat=0, ullat=-1
x-fb-debug: wtFpAov3GpKgzzOj91abTXkBxdvVB+1UlJFb0xgB3Uhd1FrKBBTTVIhIlG7J8UsBbJB3oI+vpwHieFtTKaX1yg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 75305
origin-agent-cluster: ?1

GET
H2 200 JYnmzyRpwLXPR5SCbJh1WHqhV4QtQeezUV_3bkl6ttwZ1m6KbYwhm9aKG5fD2xh4QDUMVgrYjqPICTmc1sb_4z8Vt-0_WElND00rKv3as-2zUA=w460
lh3.googleusercontent.com/ 36 KB
36 KB 38ms
22ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/JYnmzyRpwLXPR5SCbJh1WHqhV4QtQeezUV_3bkl6ttwZ1m6KbYwhm9aKG5fD2xh4QDUMVgrYjqPICTmc1sb_4z8Vt-0_WElND00rKv3as-2zUA=w460

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

648608f9243885b196e13b50367d3d9bd63d22e6b0a0b44c07fee4adf6bde962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1203
x-content-type-options: nosniff
expires: Wed, 21 May 2025 13:01:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:01:27 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 36800
x-xss-protection: 0
server: fife

GET
H2 200 6U6-rGEuF7aQxiTqsaK6W8lzFm7QxJwiUj1L4pno_rHQKtDjP14b9Duv0xv6f5cciPyUKCWx0S4Yjnc7C2u3zTJB3hlhAuXzjt4zZphAIxQG=w460
lh3.googleusercontent.com/ 28 KB
28 KB 93ms
84ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/6U6-rGEuF7aQxiTqsaK6W8lzFm7QxJwiUj1L4pno_rHQKtDjP14b9Duv0xv6f5cciPyUKCWx0S4Yjnc7C2u3zTJB3hlhAuXzjt4zZphAIxQG=w460

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4157f55078136788028c92c1f845ea64c68a77656a6a6dafda3a995fd16da2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1204
x-content-type-options: nosniff
expires: Wed, 21 May 2025 13:01:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:01:26 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 28342
x-xss-protection: 0
server: fife

GET
H2 200 X9EllxbbmO3aLjm-ErIPqKrYOmSzHFXEKdk_wu-lb5b9DLFkwv2lCINMi7E78IH5PL60yoiB6wbKFW4b2VTcyGWKlbTNYplfkf7Wnbf9wbc=w460
lh3.googleusercontent.com/ 46 KB
46 KB 66ms
57ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/X9EllxbbmO3aLjm-ErIPqKrYOmSzHFXEKdk_wu-lb5b9DLFkwv2lCINMi7E78IH5PL60yoiB6wbKFW4b2VTcyGWKlbTNYplfkf7Wnbf9wbc=w460

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c8bc743e40525b54035519687a35ce385942202026977a1dfb4cec0e1311d7fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 11809
x-content-type-options: nosniff
expires: Wed, 21 May 2025 10:04:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 10:04:41 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 46797
x-xss-protection: 0
server: fife

GET
H2 200 kqfP_iPvY0tUmyXZHU9L7Ma4k535q0HKzRgv4M0ZYun7-zoXi3SSF_bDnE5hbdS9ImiXrhacz3Uv8bGAlWpkupy0dIWSqOFjBWnrt0HwawQX=w460
lh3.googleusercontent.com/ 34 KB
34 KB 93ms
84ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/kqfP_iPvY0tUmyXZHU9L7Ma4k535q0HKzRgv4M0ZYun7-zoXi3SSF_bDnE5hbdS9ImiXrhacz3Uv8bGAlWpkupy0dIWSqOFjBWnrt0HwawQX=w460

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

31780750855bad13e6a26bdecb9bec580f758c98218c4de3a01ef1ba054fdfdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 5540
x-content-type-options: nosniff
expires: Wed, 21 May 2025 11:49:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 11:49:10 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 34664
x-xss-protection: 0
server: fife

GET
H2 200 JEEhApHpbvM4w5rljSfQbE3L_7_KG6icrsubXmxdYZE4nwO5YAb86VDRe9FdpscoduS2muaF2l3RHEKkbqNRRpf36fBCkpTVtLntmr80LBMX=w460
lh3.googleusercontent.com/ 261 KB
261 KB 167ms
159ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/JEEhApHpbvM4w5rljSfQbE3L_7_KG6icrsubXmxdYZE4nwO5YAb86VDRe9FdpscoduS2muaF2l3RHEKkbqNRRpf36fBCkpTVtLntmr80LBMX=w460

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

98e2244f00c0d17d2a159556f43a8bf53d3512963fe6ab866419b3abf7ca6ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1204
x-content-type-options: nosniff
expires: Wed, 21 May 2025 13:01:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:01:26 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 267105
x-xss-protection: 0
server: fife

GET
H2 200 KK15QkHGvXwaopPvhC_Y9AurZA9ePhBiZGKb-sR8kf1S2hGyc6VE1DO5n4k4Jjo8YXeHB0P_GsuVhp3YaBdy7F7WJsu_8hcG3UPOKj0hEqc=w460
lh3.googleusercontent.com/ 49 KB
49 KB 123ms
115ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/KK15QkHGvXwaopPvhC_Y9AurZA9ePhBiZGKb-sR8kf1S2hGyc6VE1DO5n4k4Jjo8YXeHB0P_GsuVhp3YaBdy7F7WJsu_8hcG3UPOKj0hEqc=w460

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bd46545f1a794103670b3ad89ebc6af711e6e620c56109703b0d38dd444199ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1204
x-content-type-options: nosniff
expires: Wed, 21 May 2025 13:01:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:01:26 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 50095
x-xss-protection: 0
server: fife

GET
H2 200 WJ-ilPdULR7EPnwr-3CMqIGT86kPuiSpTz5gZAp4Rz6mcTdYf_G9gis6nTPSkC2YnZKa_MP_uhlTpnKpDlhqrtfxtXJPbA3o5zD_I8kdmgd0=w225
lh3.googleusercontent.com/ 43 KB
43 KB 123ms
115ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/WJ-ilPdULR7EPnwr-3CMqIGT86kPuiSpTz5gZAp4Rz6mcTdYf_G9gis6nTPSkC2YnZKa_MP_uhlTpnKpDlhqrtfxtXJPbA3o5zD_I8kdmgd0=w225

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4f08af3740c291bc09703333d567089bfdd4894f6ca5ead480fce0f3ae8871aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 9201
x-content-type-options: nosniff
expires: Wed, 21 May 2025 10:48:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 10:48:09 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 43594
x-xss-protection: 0
server: fife

GET
H2 204 sync
spadsync.com/ 0
0 393ms
32ms Fetch 34.8.2.179
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://spadsync.com/sync?sptoken=d4262e48-ed55-4140-b533-a8d8ea0b20cc&sspid=MAB&ssphost=www.theherald.co.za
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.8.2.179 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 179.2.8.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:30 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 130 KB
37 KB 345ms
230ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=6877100148549309&correlator=206019200274962&eid=31090593%2C95353385%2C83321072&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fifs&iu_parts=5963%2CHeraldLive%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C1x1%2C1x2&ifi=1&dids=gpt_unit_%2F5963%2FHeraldLive%2Fhome~gpt_unit_%2F5963%2FHeraldLive%2Fhome~div-gpt-ad-thirdparty-1&adfs=~~1342090526&sfv=1-0-44&ists=4&fas=8%2C1%2C0&itsi=-1&fsapi=4&dap=4&sc=1&lrm=100&abxe=1&dt=1747747290153&lmt=1747747290&adxs=-9%2C-9%2C0&adys=-9%2C-9%2C-1&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theherald.co.za%2F&vis=1&psz=0x-1%7C0x-1%7C1600x0&msz=0x-1%7C0x-1%7C1600x0&fws=2%2C2%2C0&ohw=0%2C0%2C0&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747288454&idt=1314&prev_scp=pos%3Dinterstitial%7CPos%3DSticky%26refresh%3Dtrue%7Cpos%3Dthirdparty-1%26refresh%3Dfalse&cust_params=scope%3Dhome%26publication%3Dherald-live%26section%3D%26subsection%3D&adks=1245907037%2C3578462630%2C880131872&frm=20&eoidce=1&td=1&egid=36713&tan=44313ed6-e96c-4560-adb5-b7d183fb9864%2C44313ed6-e96c-4560-adb5-b7d183fb9865%2C44313ed6-e96c-4560-adb5-b7d183fb9866&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3d8a83f5693ae10cf955942743ffb46d43b49bd3d0eb6eebd1aad3327bf772a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: 5938000942,-2,-2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:30 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138517323759,-2,-2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 37777
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/ Frame DFB1 7 KB
3 KB 161ms
26ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:21:30 GMT
expires: Tue, 20 May 2025 13:21:30 GMT
last-modified: Wed, 30 Apr 2025 15:53:45 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/ 54 KB
18 KB 27ms
25ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7e5e352e5d8df49fe0434fc6441abfd989bfbc31e021260e8ee42479fa0da800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 16352673308402665248
age: 6206
x-content-type-options: nosniff
expires: Wed, 20 May 2026 11:38:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 11:38:04 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 18240
x-xss-protection: 0
server: cafe

GET
H2 200 5.f12aac413596fe1aa54a.bundle.css
www.theherald.co.za/build/publication/ 29 KB
6 KB 40ms
37ms Stylesheet
text/css 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/publication/5.f12aac413596fe1aa54a.bundle.css
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6929bd28b251e2f2422e60ea53fe985df8c7810a7292d762160f7310966e8e8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "7wba9Q"
age: 87293
expires: Tue, 19 May 2026 13:06:37 GMT
content-length: 6051
date: Mon, 19 May 2025 13:06:37 GMT
x-cloud-trace-context: f6fde6aaa144bdc349c01c28e5e6e125
content-type: text/css
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 oo~d9aca0d0.f12aac413596fe1aa54a.bundle.js Show response
www.theherald.co.za/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/entry.shell.js~publication/base/widget/dialog/ 196 KB
63 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/entry.shell.js~publication/base/widget/dialog/oo~d9aca0d0.f12aac413596fe1aa54a.bundle.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 67751df0cd95c23ee77f9373949057a88d936658eeb43381dd33c0ea13b68e75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "7wba9Q"
age: 86980
expires: Tue, 19 May 2026 13:11:50 GMT
content-length: 64111
date: Mon, 19 May 2025 13:11:50 GMT
x-cloud-trace-context: 2afcd0d3ce321745687b6f89d9a35c69
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 oovvuu-edit-dialog-index-js.0e033137595305200a72.bundle.js Show response
www.theherald.co.za/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/ 48 KB
10 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/oovvuu-edit-dialog-index-js.0e033137595305200a72.bundle.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f70676a9f819a4f001f4ebf27e678f965a1b07302728537529316c0d5ebb82df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "7wba9Q"
age: 188054
expires: Mon, 18 May 2026 09:07:16 GMT
content-length: 9987
date: Sun, 18 May 2025 09:07:16 GMT
x-cloud-trace-context: 51fbc269f4ad4a9eab634b3dff211204
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 entry.shell.js.4f37a76422de731e0f1f.bundle.js Show response
www.theherald.co.za/build/chunks/base/app/entry/ 18 KB
7 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/chunks/base/app/entry/entry.shell.js.4f37a76422de731e0f1f.bundle.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b0c92c4124c23232551b1d819429c696a5b8fb09a11c10f7af7a6c925c585297

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "B7yMNA"
age: 12235
expires: Wed, 20 May 2026 09:57:35 GMT
content-length: 7016
date: Tue, 20 May 2025 09:57:35 GMT
x-cloud-trace-context: 54785bff614eb9ce7be1b73744134e1f
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H3 200 / Show response
weatherwidget.io/w/ Frame D7C1 3 KB
2 KB 71ms
42ms Document
text/html 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://weatherwidget.io/w/
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/js/widget.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a62aba3546baccac5aba72413337f0216c67f8354349e8306dd208d4fcf4cb4f

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age: 14290
alt-svc: h3=":443"; ma=86400
cache-control: public; max-age=14400
cf-cache-status: HIT
cf-ray: 942c233519b83441-AMS
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Tue, 20 May 2025 13:21:30 GMT
last-modified: Tue, 20 May 2025 07:52:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cUmKAxYlOSe2LYNVI9Vcof2Hd80I6ZSJewDoMEy5vwJfxHQjIdglzWchX0FOWxDl4USNEte2y%2FqzNe2JBP3uRJxVYOKMn4GVLKooyF1HJH4Q1U1%2BoaMMbXCoFT6RbBVQzPJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=22265&min_rtt=22246&rtt_var=8380&sent=9&recv=6&lost=0&retrans=0&sent_bytes=3631&recv_bytes=3145&delivery_rate=129822&cwnd=12000&unsent_bytes=0&cid=7c210a92c5d63340&ts=45&x=16"
vary: Accept-Encoding

GET
H3 200 /
www.facebook.com/privacy_sandbox/topics/registration/ 67 B
0 136ms
112ms Fetch
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/privacy_sandbox/topics/registration/?id=2837651136267650

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/2837651136267650?v=2.9.202&r=stable&domain=www.theherald.co.za&hme=1176bfe419ac27e059a43d3ca1b7b749889cd7631eab574b2b915396f4ce500a&ex_m=74%2C129%2C114%2C118%2C65%2C6%2C107%2C73%2C19%2C101%2C93%2C55%2C58%2C184%2C205%2C212%2C208%2C209%2C211%2C32%2C108%2C57%2C81%2C210%2C179%2C182%2C206%2C207%2C192%2C141%2C45%2C197%2C194%2C195%2C37%2C153%2C18%2C54%2C201%2C200%2C143%2C21%2C44%2C2%2C47%2C69%2C70%2C71%2C75%2C97%2C20%2C17%2C100%2C96%2C95%2C115%2C56%2C117%2C42%2C116%2C33%2C98%2C43%2C90%2C29%2C180%2C183%2C150%2C14%2C15%2C16%2C8%2C9%2C28%2C25%2C26%2C61%2C66%2C68%2C79%2C106%2C109%2C30%2C80%2C12%2C10%2C84%2C52%2C24%2C111%2C110%2C112%2C103%2C13%2C23%2C4%2C41%2C78%2C22%2C162%2C137%2C77%2C1%2C99%2C60%2C88%2C36%2C31%2C86%2C87%2C92%2C40%2C7%2C94%2C85%2C48%2C35%2C38%2C0%2C72%2C119%2C91%2C5%2C51%2C50%2C102%2C89%2C249%2C177%2C127%2C165%2C158%2C3%2C39%2C67%2C46%2C113%2C49%2C83%2C64%2C63%2C34%2C104%2C62%2C59%2C53%2C82%2C76%2C27%2C105%2C11%2C120

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 127.0.0.1: 'nonce-6Wm7S53i' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com .fb.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .fb.com .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7506517452689619903&cpp=C2e&cv=1023005435&st=1747747290598"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
observe-browsing-topics: ?1
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods: OPTIONS
alt-svc: h3=":443"; ma=86400
date: Tue, 20 May 2025 13:21:30 GMT
content-type: image/png
vary: Origin, Accept-Encoding
x-fb-debug: K8MMyfX7dPcDALjEsZuWJaT32/DZkxx/tsnIqIzIrGpFA8QjTriHvk82GXXLQSljMAf7NDTMLPUI9v/YDAHimw==
priority: u=1,i
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7506517452689619903&cpp=C2e&cv=1023005435&st=1747747290598", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-6Wm7S53i' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.fb.com *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=24, mss=1232, tbw=4985, tp=10, tpl=0, uplat=104, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 34ms
9ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2837651136267650&ev=PageView&dl=https%3A%2F%2Fwww.theherald.co.za%2F&rl=&if=false&ts=1747747290491&sw=1600&sh=1200&v=2.9.202&r=stable&ec=0&o=4126&fbp=fb.2.1747747290485.428853559499355235&ler=empty&cdl=API_unavailable&it=1747747289594&coo=false&exp=k2&rqm=GET

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4998, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 20 May 2025 13:21:30 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 248ms
224ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2837651136267650&ev=PageView&dl=https%3A%2F%2Fwww.theherald.co.za%2F&rl=&if=false&ts=1747747290491&sw=1600&sh=1200&v=2.9.202&r=stable&ec=0&o=4126&fbp=fb.2.1747747290485.428853559499355235&ler=empty&cdl=API_unavailable&it=1747747289594&coo=false&exp=k2&rqm=FGET

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 127.0.0.1: 'nonce-TOqjHQBD' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com .fb.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .fb.com .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7506517452482174657&cpp=C2&cv=1023005435&st=1747747290598"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 20 May 2025 13:21:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: EtUciGPfegscvpCzvQLGeKS2vQQh1fmZQ/1noqF0bRrPjjF/z1NReG/RLp2OVVLVVl9lI23VEdbwm8x93ylHfA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7506517452482174657&cpp=C2&cv=1023005435&st=1747747290598", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-TOqjHQBD' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.fb.com *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=24, mss=1232, tbw=5366, tp=13, tpl=0, uplat=207, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 28 KB
12 KB 822ms
820ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=6877100148549309&correlator=206019200274962&eid=31090593%2C95353385%2C83321072&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fifs&iu_parts=5963%2CHeraldLive%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600%7C250x250%7C300x250%7C300x600&ifi=4&dids=div-gpt-ad-block-1&adfs=4210119047&sfv=1-0-44&sc=1&lrm=100&abxe=1&dt=1747747290549&lmt=1747747290&adxs=1073&adys=434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theherald.co.za%2F&vis=1&psz=303x0&msz=303x0&fws=0&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747288454&idt=1314&prev_scp=pos%3Dblock-1%26refresh%3Dtrue&cust_params=scope%3Dhome%26publication%3Dherald-live%26section%3D%26subsection%3D&adks=1218868351&frm=20&eoidce=1&td=1&egid=36713&tan=44313ed6-e96c-4560-adb5-b7d183fb9869&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

1a1d7c890039158bdc69bd81bfe35f7280684bdb6ec736ce251a2839cf8495db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: 6129934209
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:31 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138407565476
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 12598
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 511 B
245 B 158ms
157ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=6877100148549309&correlator=206019200274962&eid=31090593%2C95353385%2C83321072&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fifs&iu_parts=5963%2CHeraldLive%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&dids=div-gpt-ad-wallpaper&adfs=1230625318&sfv=1-0-44&sc=1&lrm=100&abxe=1&dt=1747747290557&lmt=1747747290&adxs=0&adys=-1&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theherald.co.za%2F&vis=1&psz=1600x1&msz=1600x0&fws=0&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747288454&idt=1314&prev_scp=pos%3DSkin%26refresh%3Dfalse&cust_params=scope%3Dhome%26publication%3Dherald-live%26section%3D%26subsection%3D&adks=2120079087&frm=20&eoidce=1&td=1&egid=36713&tan=44313ed6-e96c-4560-adb5-b7d183fb9867&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c0f30c3e514dd6f51cd9a2811a36ef19d8171c7d8c09b48ad86cabfb67555e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:30 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 216
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 28 KB
12 KB 554ms
553ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=6877100148549309&correlator=206019200274962&eid=31090593%2C95353385%2C83321072&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fifs&iu_parts=5963%2CHeraldLive%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x240%7C125x125%7C180x150%7C200x200%7C234x60%7C250x250%7C300x50%7C300x100%7C300x250%7C320x50%7C320x100%7C336x280%7C468x60&fluid=height&ifi=6&dids=div-gpt-ad-native-2&adfs=802867901&sfv=1-0-44&sc=1&lrm=100&abxe=1&dt=1747747290563&lmt=1747747290&adxs=573&adys=2762&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theherald.co.za%2F&vis=1&psz=636x-1&msz=636x-1&fws=4&ohw=666&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747288454&idt=1314&prev_scp=pos%3Dnative-2%26refresh%3Dtrue&cust_params=scope%3Dhome%26publication%3Dherald-live%26section%3D%26subsection%3D&adks=4045471498&frm=20&eoidce=1&td=1&egid=36713&tan=44313ed6-e96c-4560-adb5-b7d183fb9872&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b276949c30380b6d6e6ca5ca6a9aa657e2ebad37d2de9ca0377952c4196cc1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: 6129934227
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:31 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138407566253
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 12595
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 28 KB
12 KB 439ms
438ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=6877100148549309&correlator=206019200274962&eid=31090593%2C95353385%2C83321072&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fifs&iu_parts=5963%2CHeraldLive%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600%7C250x250%7C300x250%7C300x600&ifi=7&dids=div-gpt-ad-block-2&adfs=3244129662&sfv=1-0-44&sc=1&lrm=100&abxe=1&dt=1747747290568&lmt=1747747290&adxs=1073&adys=1086&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theherald.co.za%2F&vis=1&psz=303x250&msz=303x250&fws=512&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747288454&idt=1314&prev_scp=pos%3Dblock-2%26refresh%3Dtrue&cust_params=scope%3Dhome%26publication%3Dherald-live%26section%3D%26subsection%3D&adks=1218868350&frm=20&eoidce=1&td=1&egid=36713&tan=44313ed6-e96c-4560-adb5-b7d183fb986a&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

fe8489843618060fe3b0cea29d9eaf82b7f8257ab0384fdf751d2fa9479fa831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: 6129934215
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:31 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138407565479
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 12322
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 90 KB
42 KB 732ms
732ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=6877100148549309&correlator=206019200274962&eid=31090593%2C95353385%2C83321072&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fifs&iu_parts=5963%2CHeraldLive%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250%7C1000x90%7C1000x250&ifi=8&dids=div-gpt-ad-banner-1&adfs=1851795649&sfv=1-0-44&sc=1&lrm=100&abxe=1&dt=1747747290577&lmt=1747747290&adxs=436&adys=192&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theherald.co.za%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747288454&idt=1314&prev_scp=pos%3Dbanner-1%26refresh%3Dtrue&cust_params=scope%3Dhome%26publication%3Dherald-live%26section%3D%26subsection%3D&adks=3239418400&frm=20&eoidce=1&td=1&egid=36713&tan=44313ed6-e96c-4560-adb5-b7d183fb9868&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b6fdcc6b8bea9c6c36e182fe044686249329f9505797513734d29cd1260a9a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: -1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:31 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 42726
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 106 KB
27 KB 1026ms
1025ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=6877100148549309&correlator=206019200274962&eid=31090593%2C95353385%2C83321072&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fifs&iu_parts=5963%2CHeraldLive%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x240%7C125x125%7C180x150%7C200x200%7C234x60%7C250x250%7C300x50%7C300x100%7C300x250%7C320x50%7C320x100%7C336x280%7C468x60&fluid=height&ifi=9&dids=div-gpt-ad-native-1&adfs=1512993210&sfv=1-0-44&sc=1&lrm=100&abxe=1&dt=1747747290584&lmt=1747747290&adxs=573&adys=1832&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theherald.co.za%2F&vis=1&psz=636x-1&msz=636x-1&fws=4&ohw=666&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747288454&idt=1314&prev_scp=pos%3Dnative-1%26refresh%3Dtrue&cust_params=scope%3Dhome%26publication%3Dherald-live%26section%3D%26subsection%3D&adks=4045471499&frm=20&eoidce=1&td=1&egid=36713&tan=44313ed6-e96c-4560-adb5-b7d183fb9871&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a39ac99a3782718d51c7580327029daf48f60340870208080bc6827caf8d3be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: -1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:31 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 27121
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 28 KB
12 KB 1134ms
1133ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=6877100148549309&correlator=206019200274962&eid=31090593%2C95353385%2C83321072&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fifs&iu_parts=5963%2CHeraldLive%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C768x1024&fluid=height&ifi=10&dids=div-gpt-ad-banner-2&adfs=592759797&sfv=1-0-44&sc=1&lrm=100&abxe=1&dt=1747747290588&lmt=1747747290&adxs=436&adys=3527&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theherald.co.za%2F&vis=1&psz=1000x0&msz=970x0&fws=0&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747288454&idt=1314&prev_scp=refresh%3Dtrue&cust_params=scope%3Dhome%26publication%3Dherald-live%26section%3D%26subsection%3D&adks=224079755&frm=20&eoidce=1&td=1&egid=36713&tan=44313ed6-e96c-4560-adb5-b7d183fb986b&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e408f544ef25eeb9f5b41b69bfc1737562a96ae197f47a1b80fdbf809b861d75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: 6129934230
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:31 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138407566256
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 12597
x-xss-protection: 0
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
455 B 33ms
30ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1296918067&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theherald.co.za%2F&ul=de-de&de=UTF-8&dt=The%20Herald%20-%20Local%20Nelson%20Mandela%20Bay%20and%20Garden%20Route%20news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAEKAB~&jid=1360502131&gjid=154887723&cid=2075885676.1747747291&tid=UA-2619645-1&_gid=789460829.1747747291&_r=1&_slc=1&gtm=45He55g2n81T2RR9NNv78478613za200&cd1=&cd2=no&cd3=&cd4=n%2Fa&cd5=&cd6=no&cd7=&cd8=Home&cd9=no&cd10=&cd11=&cd12=&cd13=eastern%20province%20herald%20sports%2C%20port%20elizabeth%20news%20paper%2C%20ep%20herald%2C%20eastern%20cape%20news%20headlines%2C%20the%20ep%20herald%20online%2C%20port%20elizabeth%20herald%20classifieds%20social%2C%20lifestyle%2C%20my%20herald%2CCompetitions&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=1747747288560&cd27=0&cd28=&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&z=673254922

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.theherald.co.za/

Response headers

report-to: {"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:30 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.theherald.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:175:0
content-length: 3
server: Golfe2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 351F 52 KB
21 KB 90ms
28ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: iframe.iono.fm
URL: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Response headers

content-encoding: gzip
age: 1911
report-to: {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 14:49:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 12:49:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:225:0
content-length: 20994
server: Golfe2

GET
H3 200 if_w.css
weatherwidget.io/w/css/ Frame D7C1 17 KB
3 KB 31ms
30ms Stylesheet
text/css 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://weatherwidget.io/w/css/if_w.css
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2c51e1528f4f0f0a900c9c041a720a25f4a27ea6f60eb7e1ecaf16a5813cee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://weatherwidget.io/w/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public; max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "5d9892b8-42a3"
age: 12474
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDLQsnPMfTuITmgPT2q4LPSWzYRRMeTRnle1h9mc7lNUZPDo0o4MqLO0oIhRJTSXWqtR%2FyGDaJzXfiQx9xTEFi%2FqvWp6csBoyLD90Q8D8DoKEn9GyvA9Tbjn9si5M%2B6ng4VZ"}],"group":"cf-nel","max_age":604800}
cf-ray: 942c23389a4f3441-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33261&min_rtt=22246&rtt_var=15097&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5627&recv_bytes=3696&delivery_rate=64062&cwnd=12000&unsent_bytes=0&cid=7c210a92c5d63340&ts=587&x=16"
date: Tue, 20 May 2025 13:21:30 GMT
content-type: text/css
last-modified: Sat, 05 Oct 2019 12:55:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 angular-1.5.8.min.js Show response
weatherwidget.io/w/js/ Frame D7C1 160 KB
56 KB 34ms
34ms Script
application/javascript 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e37bad01d25cbecb3e6f6d477725ce6ea43637a94510cd27baf1068e319826ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://weatherwidget.io/w/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public; max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "5b2a4dec-28026"
age: 6309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLQzvBjmbYQx%2BbmcZoGhkAKxDnMkCc5oMEnab8IDlNhgewbK3wV%2BVduiNkcMhsVH3ob9jYC6IOGU1TZaNdX2O%2FqZEs52ROFAID9dZejKxiKGXl0JL6cavrFdBKkukEGDkVw7"}],"group":"cf-nel","max_age":604800}
cf-ray: 942c2338aa763441-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33261&min_rtt=22246&rtt_var=15097&sent=19&recv=14&lost=0&retrans=0&sent_bytes=8434&recv_bytes=4341&delivery_rate=64062&cwnd=12000&unsent_bytes=0&cid=7c210a92c5d63340&ts=606&x=16"
date: Tue, 20 May 2025 13:21:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Jun 2018 12:51:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 iApp.min.js Show response
weatherwidget.io/w/js/ Frame D7C1 37 KB
8 KB 73ms
73ms Script
application/javascript 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://weatherwidget.io/w/js/iApp.min.js
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c590b7f35f60c3d58265b235066ecc42d07f6a6c2edad989e788faa0d444fa6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://weatherwidget.io/w/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public; max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "6245aabc-94da"
age: 6703
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExG13hyJTpbwYE8H5E%2B9gCevIxFycuMkwQnnC8LTih4222rW%2FAQwDCnEE4uufIvZht%2BEMBCOagoATHVi%2BWvOwRfZjK6RCq7GsQt9Qjecsa4YEhv%2FW95BRHhthotQxT7xmaLd"}],"group":"cf-nel","max_age":604800}
cf-ray: 942c2338aa773441-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33261&min_rtt=22246&rtt_var=15097&sent=27&recv=14&lost=0&retrans=0&sent_bytes=17673&recv_bytes=4341&delivery_rate=64062&cwnd=12000&unsent_bytes=0&cid=7c210a92c5d63340&ts=607&x=16"
date: Tue, 20 May 2025 13:21:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 31 Mar 2022 13:21:00 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 25ms
24ms Fetch
text/plain 216.58.206.78
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BWERR8GS85&gtm=45je55g2v9115178239z878478613za200zb78478613&_p=1747747288561&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103136993~103136995~103200004~103207802~103233427~103252644~103252646~103263073~103301114~103301116~104506548&ptag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&cid=2075885676.1747747291&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1747747291&sct=1&seg=0&dl=https%3A%2F%2Fwww.theherald.co.za%2F&dt=The%20Herald%20-%20Local%20Nelson%20Mandela%20Bay%20and%20Garden%20Route%20news&en=page_view&_fv=1&_ss=1&ep.UID=&tfd=4592
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BWERR8GS85&cx=c&gtm=45He55g2v78478613za200&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to: {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.theherald.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:97:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:31 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
analytics.google.com/g/ 0
0 104ms
30ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JNNJWFKJ2E&gtm=45je55g2v869910990z878478613za200zb78478613&_p=1747747288561&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&ptag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&cid=2075885676.1747747291&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&uid=&sid=1747747291&sct=1&seg=0&dl=https%3A%2F%2Fwww.theherald.co.za%2F&dt=The%20Herald%20-%20Local%20Nelson%20Mandela%20Bay%20and%20Garden%20Route%20news&en=page_view&_fv=1&_ss=1&ep.uid=&ep.publish_date=&tfd=4717
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JNNJWFKJ2E&cx=c&gtm=45He55g2v78478613za200&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.theherald.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:31 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
560 B 101ms
20ms Ping
text/plain 2a00:1450:400c:c1d::9b
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JNNJWFKJ2E&cid=2075885676.1747747291&gtm=45je55g2v869910990z878478613za200zb78478613&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&ptag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JNNJWFKJ2E&cx=c&gtm=45He55g2v78478613za200&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:122:0
report-to: {"group":"ascnsrsggc:122:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:122:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.theherald.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:122:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:31 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.com.ua/ads/ 42 B
408 B 133ms
55ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.ua/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JNNJWFKJ2E&cid=2075885676.1747747291&gtm=45je55g2v869910990z878478613za200zb78478613&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&ptag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&ptag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&z=1488733083

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 20 May 2025 13:21:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 player_api Show response
www.youtube.com/ 1 KB
2 KB 88ms
43ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/oovvuu-edit-dialog-index-js.0e033137595305200a72.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5a5ff4376cbe6e7ce23c6cb55786979858a2bae5ae1fbb0b90051bf5f2b6210

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9, ApTXX1w2dkJZuuxlV9csQYg+9ZVXekg+mOu8mS9vb7/V2oeMLKqGC8blgR6ech+eqbhGAgLKPthyai7z89MdTAgAAACLeyJvcmlnaW4iOiJodHRwczovL3d3dy55b3V0dWJlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRG9jdW1lbnRQb2xpY3lJbmNsdWRlSlNDYWxsU3RhY2tzSW5DcmFzaFJlcG9ydHMiLCJleHBpcnkiOjE3NDk1MTM2MDAsImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires: Tue, 20 May 2025 13:21:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date: Tue, 20 May 2025 13:21:31 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/ Frame 4540 21 KB
8 KB 56ms
55ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/abg_lite_fy2021.js

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

338421bab0f7aae79c84a933e232d3b8243874d5133048a869e553f19aaf5877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 8607824579394818223
age: 55097
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 22:03:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 19 May 2025 22:03:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8531
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/client/ Frame 4540 3 KB
1 KB 56ms
56ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 55097
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 22:03:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 19 May 2025 22:03:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4540 221 KB
68 KB 24ms
24ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

65871d0ac7a4d2399b5e6ee462cd1e5906e76b76e030ff4eff1829d2818f817c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 12838377887511038173
age: 1330
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 12:59:21 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=windows-1251
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69703
x-xss-protection: 0
server: cafe

GET
H2 200 17021407241750775907
tpc.googlesyndication.com/simgad/ Frame 4540 86 KB
86 KB 83ms
15ms Image
image/gif 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17021407241750775907

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c63a690687a408a6faf5174b054f59c1a6dd83e11c89df62e0997864e697fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

age: 19237
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 08:00:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 20 May 2025 08:00:54 GMT
last-modified: Fri, 16 May 2025 09:41:14 GMT
content-type: image/gif
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 87984
x-xss-protection: 0
server: sffe

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/elements/html/ Frame E309 15 KB
6 KB 33ms
33ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

876760b9e75dfcced8cb68c33cfe2024b1e5c8e88de3a1839fad4d71791fc4e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 5974765574835275114
age: 39534
x-content-type-options: nosniff
expires: Tue, 03 Jun 2025 02:22:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 02:22:37 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 6390
x-xss-protection: 0
server: cafe

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/elements/html/ Frame E309 22 KB
9 KB 29ms
29ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

536ec40b01481924d09789aea90d2298937de347273eeb7aae9ada93c7ae43ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 3885677904651448619
age: 39534
x-content-type-options: nosniff
expires: Tue, 03 Jun 2025 02:22:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 02:22:37 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9408
x-xss-protection: 0
server: cafe

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E309 205 B
295 B 75ms
16ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

age: 19433
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:57:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 07:57:38 GMT
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/png
vary: Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 205
x-xss-protection: 0
server: sffe

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E309 604 B
1 KB 72ms
15ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

age: 19672
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:53:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 07:53:39 GMT
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/png
vary: Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 604
x-xss-protection: 0
server: sffe

GET
H3 200 open.svg Show response
weatherwidget.io/w/img/ui/ Frame D7C1 524 B
970 B 28ms
26ms XHR
image/svg+xml 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://weatherwidget.io/w/img/ui/open.svg
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb3bbe91d293ec0b30bf7834648ccaded81fd6a27fa6dbb3f06941b28a6d12a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public; max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "5a6aa543-20c"
age: 2062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KONvYPEBC4g%2Fb5MigN1exm1kFr9U28OK3c7ymfUb41I1VV8IE4Hk9ZlWfZ1B7bwaBaIu6a%2FTYDnS5ezPbYKXvb41zy3gR3LJ6CdYsDiqsGAKCeibJVipuY6P%2BeQ6arxriObj"}],"group":"cf-nel","max_age":604800}
cf-ray: 942c233cab113441-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20009&min_rtt=15549&rtt_var=4075&sent=83&recv=49&lost=0&retrans=0&sent_bytes=76274&recv_bytes=6215&delivery_rate=1895634&cwnd=38400&unsent_bytes=0&cid=7c210a92c5d63340&ts=1248&x=16"
date: Tue, 20 May 2025 13:21:31 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Jan 2018 03:49:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 3189 Show response
iframe.iono.fm/playlists/chan/ Frame 351F 74 KB
8 KB 20ms
20ms XHR
application/json 209.38.182.90
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://iframe.iono.fm/playlists/chan/3189?limit=20&sort=latest&skip=0
Requested by: Host: p2.iono.fm
URL: https://p2.iono.fm/bundle/0.16.0/player.js?v=2.0.12.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.38.182.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e84daac1633aa3972db8ffe96f77bbfc9ce0544ad1688d9b8665e81875ad617d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Response headers

cache-control: public, max-age=60, no-transform
content-encoding: gzip
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
x-cache: HIT
x-country-code: DE
date: Tue, 20 May 2025 13:21:31 GMT
content-type: application/json, application/json
vary: Accept-Encoding
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4540 0
0 60ms
60ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4540 0
0 53ms
53ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4540 0
0 49ms
49ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F574 0
0 49ms
48ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstpT-fs8CgQgPcKuz0CPRaGzR_f-7nOXU5Xa9JfJ3uQZ-1bnPE5JCCq71gWq2mjjQU5VJLudPHKPwqCCL0FcVSQXCxVwGnrRvO_Q95LbBS0gk1_9qPSyy9VnM7Z2WVbzlvSA2d4OeHJ6wnn8finYRutMbnFcBN2Fayb3XFsjgL99hjYy1j6niZm23fhIdR8ilMxU2bJH7FytNReTUM9i0ZGujRJvlsCzWWHU293Bglk1BSlsaqj37Isfi_MFb1xIAnC3Ac6hbPeVipyIyLw3vKgb0pbbEKTH4UxUOaUtGD3WUjg5Es4tSOqpscsQwo8WyWZgS5zTgEyrGTye23KASzpbbxpMRzorPFBn79pCoZ4EP7R4EzWoqx6xfzjVTC_iUB_JHD0IV9GmxrHM9IV8FCHO2zc1rb7iYV7zvxIVux8mCnd&sig=Cg0ArKJSzFwjfA-c0F8lEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F574 104 KB
0 1ms
0ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

56d3669af58c4904468ec9015af2032d551bb6a1d09dc956204a26038c218f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 495 / 20228 / m202505150101 / config-hash: 15524472431905521952
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 13:21:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33710
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F574 221 KB
0 24ms
24ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

65871d0ac7a4d2399b5e6ee462cd1e5906e76b76e030ff4eff1829d2818f817c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 12838377887511038173
age: 1330
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 12:59:21 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=windows-1251
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69703
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F574 0
0 49ms
49ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F574 0
0 50ms
50ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F574 0
0 55ms
54ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame F574 212 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cf7a1db7a4f2643fdc7b7fb6f635cb8e891ebf9e778f6a409c4a96efa4e08e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/1b376dba/www-widgetapi.vflset/ 31 KB
10 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/1b376dba/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15fce230b1703e8559fa88b5bb7ef99d51c1ec981cbbb221e3231a02877d97b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
age: 1911
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 12:49:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 12:49:41 GMT
last-modified: Thu, 15 May 2025 06:48:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10338
x-xss-protection: 0
server: sffe

GET
H3 200 container.html Show response
75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/ Frame 3FFF 7 KB
0 0ms
0ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:21:30 GMT
expires: Tue, 20 May 2025 13:21:30 GMT
last-modified: Wed, 30 Apr 2025 15:53:45 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F7CB 0
0 52ms
51ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstT1Qn-1rePEE2r5-DJwNyi8nj4X72Ai4WRgv5hcuuzgmZ6k0qktW6-Up4mG0KbdEvZUup8bZlzNiG2YLbf7liGFJLeYtDqBuLtbsuFTbRqmpz3ZZiZYSlh5sm2m0VU25uWp8bNtME93c0GUQztEeI4RWawRG9tddy6v-CdpZOuEOJdg1nTVocuXkkffKt55SDqT5h8Q8w0rwFp12bIxUfEdJHHwIzoklvdCbyLMI2AqZ5lD_oKzwYYRr4ZKDkKuVQCzTgLmlcUqKjnhtLZF2La8tLYY9EXaP9ngwXFiRMy20XES8iJ3Gbzqfe_4HCdQFCYFL3oJNzjZ-4wms2aJg89xHKgvejTUjcWSduaHDSChINd7o3je9FxVi-XBYgz_ld799Wwd8BDwmMRFAGqeHV7XYZQpS04NIDRjtEdnn66BCNo&sig=Cg0ArKJSzKNcpI-W1szDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F7CB 104 KB
0 3ms
3ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

56d3669af58c4904468ec9015af2032d551bb6a1d09dc956204a26038c218f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 495 / 20228 / m202505150101 / config-hash: 15524472431905521952
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 13:21:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33710
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F7CB 221 KB
0 3ms
2ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

65871d0ac7a4d2399b5e6ee462cd1e5906e76b76e030ff4eff1829d2818f817c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 12838377887511038173
age: 1330
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 12:59:21 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=windows-1251
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69703
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/ Frame 0121 7 KB
0 0ms
0ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:21:30 GMT
expires: Tue, 20 May 2025 13:21:30 GMT
last-modified: Wed, 30 Apr 2025 15:53:45 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 564611c4357db80578bbff02cdc5b88f43c4fd4d.dat Show response
dl.iono.fm/dat/372/3189/1555807/ Frame 351F 4 KB
4 KB 114ms
44ms Fetch
text/plain 188.40.16.162
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL

https://dl.iono.fm/dat/372/3189/1555807/564611c4357db80578bbff02cdc5b88f43c4fd4d.dat

Requested by

Host: p2.iono.fm
URL: https://p2.iono.fm/bundle/0.16.0/layouts/legacy.js?v=2.0.12.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.40.16.162 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

static.162.16.40.188.clients.your-server.de

Software

nginx /

Resource Hash

c90beaebb594f52b04efa0ae446cbf885856f459aadea804eac37a93cb2e82b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Response headers

etag: "1872acb2d84e06be33bcbc6f98b51c79"
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS
expires: Wed, 21 May 2025 13:21:32 GMT
x-proxy-cache: HIT
date: Tue, 20 May 2025 13:21:32 GMT
x-rgw-object-type: Normal
content-type: text/plain; charset=utf-8
last-modified: Wed, 14 May 2025 10:30:20 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Origin
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=86400, no-transform, private
access-control-allow-credentials: true
x-amz-request-id: tx00000158fdbc4d90badb6-00682470c9-153db26b0-fra1b
accept-ranges: bytes, bytes
access-control-allow-origin: https://iframe.iono.fm
content-length: 3860
x-content-tag: podcast-file
server: nginx

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/ Frame F574 536 KB
0 0ms
0ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3634424a32af09c3bb51c3c71085436a4b4bc7a1151ed12f252e6c45c188b6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 840089204709235314
age: 19950
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:48:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 07:48:59 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 172721
x-xss-protection: 0
server: cafe

GET
H3 200 / Show response
forecast7.com/en/n33d7125d52/port-elizabeth/ Frame D7C1 5 KB
2 KB 90ms
52ms XHR
application/json 172.67.129.169
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://forecast7.com/en/n33d7125d52/port-elizabeth/?format=json

Requested by

Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.169 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c7db2ff333095e484beb38d1fc82b761b576367e98789fdfa5f7529cc5ce575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12af-Ael4YYGI4M8fK4q+wAKwvB3Ct/4"
age: 1471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljb42rNMo9kCLv5Bmm1is5DLU5joWN9VqmvleIQ02o0J1cPtvPHBq2FfuGfevmSjekCZ5Nz5vPcWvg9Zk03wWE5FrQwBd9nXoe5Ox07oSGraxmjw42lrW0pWN6HK5cDH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:37:46 GMT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14144&min_rtt=13820&rtt_var=2719&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3650&recv_bytes=3257&delivery_rate=39591&cwnd=12000&unsent_bytes=0&cid=45f28ca1268c8fa4&ts=52&x=16"
date: Tue, 20 May 2025 13:21:32 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 942c23419b5db8ee-AMS
access-control-allow-origin: https://weatherwidget.io
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7CB 0
0 50ms
50ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7CB 0
0 46ms
45ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7CB 0
0 47ms
46ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/ Frame 3FFF 21 KB
8 KB 81ms
50ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/abg_lite_fy2021.js

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

338421bab0f7aae79c84a933e232d3b8243874d5133048a869e553f19aaf5877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 8607824579394818223
age: 55098
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 22:03:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 19 May 2025 22:03:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8531
x-xss-protection: 0
server: cafe

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/elements/html/ Frame 3FFF 8 KB
3 KB 88ms
59ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

1657584221779c9f6943c52bb7fba23376c18be3e021da4168fab39d8bb7863a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 567199331036499589
age: 54156
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 22:18:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 19 May 2025 22:18:56 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 3211
x-xss-protection: 0
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 3FFF 0
0 90ms
66ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssMzHNvk-d1-bg1ZSsAezFbIOYW3ZnjrZJgUYGuyndSZbVoVnre27iyaJccu75MF4_ISN5RbQkFgu7AaUd5ixz1xY8X4n1tJzRl8D0UHGK7ZyPZQS0AwrOTdfxdD1x4NG8hJZBllBE9_sOkWUVU-DxsOyPE3-3k6H32MX4r9l9TwG2GDF5j1ieLBoh_4YpZu1X_rfPnRbwjCCMnJy1MxsEG0fRYv6JYuZkTG_-jYS_eL_D2lmV_eFAmRWrjX1P4dlSGv-WLrSv-zqG56Bbp_DV_zCWnt7AR-pIc26jBW4hFrqP187RgKNNDySVoAgKhv3ep6Ht3Orj6RAJcKEc5cQz7j-MkQiRPoKbkZpSlbfKaH1VEdmXQ-PAN_E44J5yYpOv4c0KzY4-WhXnHNNsmPWTJV80mVZYRZ7-i7pLSRkZZGkC3I-ajxC_pi6DgvdtQPVNRFkMX9XLgZHy5locbpa-h3fiXwGBkIJ001coWb6tcdWAOHev4byi870sbbZ9SXcd52Po0sHC6U98ssw5OrtkQ4H8yGCAlWswSAbdPVjF3uXLYAd7A3Np580g2Nm21fvCJqW031yDmPl7V44rSOwRRz9RxVPHXgio7w7Rz0HzYOy5PEDLa1JZMId0_lC1t0hxjIYiwh6yjq5yAxOR8jXnSUVAm3hMaspjRMvPLUASkiOqIlyhmqbSUtOdnvjfZYhJIwRn52KyQzkJiKYqN3ahnFSOvK9rXiop-oo8oS6dUSELKu2iFEcPiOCFsObNw0EjqWisFMUZeqXTTcCNGFExBYTcCz9rUIZ4avCxlxRZlsM-eNVSgg-ZoOTmW2sLuVM_3ELtg7plY8oVY6aTfsenvlRlJRzCXqlm573JZVZjeWqzTKZ2xn3BijsL1zqU5sqewue5xSBVSmzSIQUEBpESe4sF21LjNcjz1bduTlva71WE5XtRN84gmIh8SXQkzK7XKTBCpyxdm5H2-5heRCDLdrzxfDWEqEhNNqIkeNXIDWN1fVy7soCDGDX8vMYUFcmeGE0V65wbhdAx4YJjnM9pXff5MkJ4DTWTBorUpWhEPODE26Ycp-dwyuW8Z0eGCYo3uVZy1us2BN9HfYi4WYG4MwTAf3JEDKvWdbysuBHTb_d4iigkyF2140tLOeNucorODtZBIpUjA1lvJ3Tnspxqi3e7B-VzqlEaq7RUq-hjrEr16TMJx819gzol5Fo8QZ3EAgzA8c5qMadNeD4U6tiBsmFefJcPbYyyB-eqPLca816gEMiAAaFiQpacdwOQxABrn4lEUoV3AhoMh1UcUrdnogN6mJP5490giLiT3otMYGQdvmX0VgdJJ5raMsZXb-3sEIx1d75k-X-nR8MlieiFxC6Jz1yMDjijZj5ZiU9GaLNsVXvvI-1nyPjQMXL1xHVnJ340bXDDksydJENGgadNyljylEIdzkwL8x7cPztdBA-Xm-_81VsUiPUQW8aH1qByqErtqaU1qkuf20_amzSVkibLfQaN3MKQUtin9z2uHBYF48d5QHLvO9IhPv8nwHVTXpctEgPhr3oBbCf1DAZNIz58R6ywSQW3TxWXE9Oxrnalk&sai=AMfl-YQ3wQWQ3mC7_hZ87Mj25uIsx0kMjPAlz02KiM_GZHjpTVdllAK6mt6es3kVcUNPU0bRG0E&sig=Cg0ArKJSzDt450WYagi6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20250515.73565&arae=1&ftch=1&adurl=

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3FFF 41 KB
14 KB 93ms
47ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: br
age: 990
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:55:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:05:02 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 13937
x-xss-protection: 0
server: sffe

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/client/ Frame 3FFF 3 KB
1 KB 45ms
22ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/client/window_focus_fy2021.js

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 55098
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 22:03:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 19 May 2025 22:03:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/client/ Frame 3FFF 19 KB
8 KB 65ms
43ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d40c755f333a0398a5ca0c512ecfb55bcdaa7c587038c348758f66889e3dd2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 15868188468660529123
age: 55098
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 22:03:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 19 May 2025 22:03:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 7976
x-xss-protection: 0
server: cafe

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FFF 42 B
63 B 90ms
69ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DqcinzpGalsmYaG-3KnlPz0-GUS4pGGGMfqVub_DLNAQ-LmFRGiM_6SfK48ZHoRrr5tP0znY4bNQK4sqKFSTmBIGWr417IJJJNmjCiAUM_VbQhnWo

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3FFF 221 KB
68 KB 44ms
22ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

65871d0ac7a4d2399b5e6ee462cd1e5906e76b76e030ff4eff1829d2818f817c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 12838377887511038173
age: 1331
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 12:59:21 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=windows-1251
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69703
x-xss-protection: 0
server: cafe

GET
H2 200 17282056533852079610
s0.2mdn.net/simgad/ Frame 3FFF 250 KB
251 KB 105ms
11ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17282056533852079610

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a6230261fa6dd437603eaa2cc49e369ea440cccf09e33e94853a774372ee3a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

age: 18851
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 08:07:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 20 May 2025 08:07:21 GMT
last-modified: Thu, 23 Jan 2025 08:21:36 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 255876
x-xss-protection: 0
server: sffe

GET
H2 200 uxwSov3U-pc Show response
www.youtube.com/embed/ Frame 1FF6 111 KB
46 KB 141ms
78ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/embed/uxwSov3U-pc?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.theherald.co.za&widgetid=1&forigin=https%3A%2F%2Fwww.theherald.co.za%2F&aoriginsup=1&vf=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

acddbff6761e17cc1f8b9f3d2fbf1425dfd23c74b8f9301db228ddad01c546c0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:21:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 ApTXX1w2dkJZuuxlV9csQYg+9ZVXekg+mOu8mS9vb7/V2oeMLKqGC8blgR6ech+eqbhGAgLKPthyai7z89MdTAgAAACLeyJvcmlnaW4iOiJodHRwczovL3d3dy55b3V0dWJlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRG9jdW1lbnRQb2xpY3lJbmNsdWRlSlNDYWxsU3RhY2tzSW5DcmFzaFJlcG9ydHMiLCJleHBpcnkiOjE3NDk1MTM2MDAsImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F7CB 213 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 315dd09474fb477ed83369c01a6f2357609429263ada868579a40d2ca1e339a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 nr-1153.min.js Show response
js-agent.newrelic.com/ Frame 351F 26 KB
10 KB 155ms
39ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js-agent.newrelic.com/nr-1153.min.js

Requested by

Host: iframe.iono.fm
URL: https://iframe.iono.fm/js/newrelic.iframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0f4eb8ed7fc767a6dc7512f7597e4d34e4259e797c7c2ee224d7a97d14ecd23

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "d3b942e7c79a167d59ed590feee5e193"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 9646
date: Tue, 20 May 2025 13:21:32 GMT
last-modified: Wed, 18 Oct 2023 20:59:12 GMT
content-type: application/javascript
x-served-by: cache-toj-leto2350033-TOJ
x-cache-hits: 3
vary: Accept-Encoding

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/ Frame 0121 21 KB
0 27ms
26ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/abg_lite_fy2021.js

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

338421bab0f7aae79c84a933e232d3b8243874d5133048a869e553f19aaf5877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 8607824579394818223
age: 55098
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 22:03:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 19 May 2025 22:03:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8531
x-xss-protection: 0
server: cafe

GET
H2 200 css
fonts.googleapis.com/ Frame 0121 21 KB
2 KB 71ms
24ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3f6fbbaf241f43869963e04386efe736b3f15a0e74cf2ce39d6ca186a193e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 20 May 2025 12:29:53 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/ Frame 0121 15 KB
3 KB 82ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.css

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
age: 19514
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:56:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 07:56:18 GMT
last-modified: Mon, 28 Apr 2025 10:38:15 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2920
x-xss-protection: 0
server: sffe

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/ Frame 0121 386 KB
134 KB 82ms
17ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a4184e9546a3763fa242af235ca4090e944fddf77ae8e36eca7d67e3b3a35de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
age: 19950
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:49:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 07:49:02 GMT
last-modified: Mon, 28 Apr 2025 10:38:15 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 137089
x-xss-protection: 0
server: sffe

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/client/ Frame 0121 19 KB
0 7ms
7ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d40c755f333a0398a5ca0c512ecfb55bcdaa7c587038c348758f66889e3dd2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 15868188468660529123
age: 55098
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 22:03:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 19 May 2025 22:03:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 7976
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/ Frame F7CB 536 KB
0 0ms
0ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3634424a32af09c3bb51c3c71085436a4b4bc7a1151ed12f252e6c45c188b6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 840089204709235314
age: 19950
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:48:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 07:48:59 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 172721
x-xss-protection: 0
server: cafe

GET
H3 200 cloudy.html Show response
weatherwidget.io/w/img/icons/iconvault/ Frame D7C1 949 B
1 KB 23ms
22ms XHR
text/html 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://weatherwidget.io/w/img/icons/iconvault/cloudy.html
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 666b81a3d37a051f35c544d975cfcf22a988d3990166d9d91a68ac6f9d6b5edb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public; max-age=14400
content-encoding: zstd
cf-cache-status: HIT
age: 5600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GcOzJaK0FSPU0e0QUb3gMQ5KRlDmelY0PowWQapHGfyJOXAMQvwZpvA2sEwA%2FaQCSkHUKRMi0Fil1D1uzugZCXOPcYi1RHHneL%2BPuAl9ybZOuI2YvOoi9EAGH4hU%2BhaK7nRR"}],"group":"cf-nel","max_age":604800}
cf-ray: 942c2342ac073441-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19457&min_rtt=15549&rtt_var=4160&sent=87&recv=53&lost=0&retrans=0&sent_bytes=77336&recv_bytes=7343&delivery_rate=19603&cwnd=38400&unsent_bytes=0&cid=7c210a92c5d63340&ts=2203&x=16"
date: Tue, 20 May 2025 13:21:32 GMT
last-modified: Tue, 20 May 2025 07:55:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 rain.html Show response
weatherwidget.io/w/img/icons/iconvault/ Frame D7C1 2 KB
1 KB 22ms
22ms XHR
text/html 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://weatherwidget.io/w/img/icons/iconvault/rain.html
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b550bc1fe6527e0f74ec28d2ca79e8324b7a2f6ad5077e8888671b58216cd324

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public; max-age=14400
content-encoding: zstd
cf-cache-status: HIT
age: 9431
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5d3oXR9e9Pa0iritEsVSS39VQ9IfTnzGQuInUeP28DfCtXizZACIOhxAKKKRcu3zEy2Ia5MJ%2BX3CgC2d%2FDOkQz7XbUvx8W%2FvQqmjVkfHNt1HeXdwn55uIfbS5SXCd2d9rhLq"}],"group":"cf-nel","max_age":604800}
cf-ray: 942c2342ac093441-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19457&min_rtt=15549&rtt_var=4160&sent=89&recv=53&lost=0&retrans=0&sent_bytes=78546&recv_bytes=7343&delivery_rate=19603&cwnd=38400&unsent_bytes=0&cid=7c210a92c5d63340&ts=2205&x=16"
date: Tue, 20 May 2025 13:21:32 GMT
last-modified: Tue, 20 May 2025 10:44:13 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear-day.html Show response
weatherwidget.io/w/img/icons/iconvault/ Frame D7C1 2 KB
1 KB 25ms
25ms XHR
text/html 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://weatherwidget.io/w/img/icons/iconvault/clear-day.html
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea8123e77b1354f2532dbba8e1694a64c696d1fa3b2d3ee9577b5f155fa0b42b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public; max-age=14400
content-encoding: zstd
cf-cache-status: HIT
age: 741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qqi4981Wa0HA6VakXzP%2Bo3PnsQWbvr8FlCdW33ufgS8TIyXpnriHjlgCYzkj5tRhqTFLWGMLXu%2FxXtpk6oglKNtJiHXa3H55tG0cu%2F3gs8uJl2zoQ%2FWcCQjp9r3CgHU5noP8"}],"group":"cf-nel","max_age":604800}
cf-ray: 942c2342ac0a3441-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19457&min_rtt=15549&rtt_var=4160&sent=92&recv=53&lost=0&retrans=0&sent_bytes=80058&recv_bytes=7343&delivery_rate=19603&cwnd=38400&unsent_bytes=0&cid=7c210a92c5d63340&ts=2208&x=16"
date: Tue, 20 May 2025 13:21:32 GMT
last-modified: Tue, 20 May 2025 09:51:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame F574 17 KB
13 KB 193ms
41ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

0f4f56bfce5ff18e68651739fce4c9f44d6f14c391def219dd25cdaa60f41384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13147
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame F574 28 KB
13 KB 196ms
195ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2281585085642293&correlator=3788728668348445&eid=95353384%2C95355264%2C83321072&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fif&iu_parts=22877425870%2CARH%2CHL&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&dids=gpt-passback&adfs=2365573715&sfv=1-0-44&click=https%3A%2F%2Fpagead2.googlesyndication.com%2Fpcs%2Fclick%3Fxai%3DAKAOjsvheiEaweEbaMPrda3isHqCMLv7-aPvHl8Fh80vYeu04vnpTWwh4cOb4czhuGn9Iu2YO6YthDfyjy5TpcVupIsY2hXRBs2EmZFUl78uzausuBwDoZg-fV0aYqks5YV3yodOf0EH_qNsK1Ci_rc7k4LyWe6U0YUgT2slW8wvy9WZkGi1HLStufHJQuFzN4RCIkbKjEX4NxJVdky5ab94qxs8-cwciXRVJrvc1uqG9iFHLHxHNdcMRMNg0FGo_F84Wo23uYz6wHwmF20k1BDrMIPqZElhdy2utXAbRBdBxsmiFoBHGXCVh7e9MK--9dBt8gfTZ1iebLMrYNUK2Z-VIn6Y4p3TBDry00MsUaChye7jf_RuXe34XUb0_EnDag6ooHK-q0XACGmJBN0serismFRSGZBk%26sig%3DCg0ArKJSzLxE-OAVVFkdEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&eri=4&sc=1&abxe=1&dt=1747747292645&adxs=2183&adys=2043&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=vi9g73p9a94l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.theherald.co.za%2F&top=www.theherald.co.za&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747291948&idt=676&adks=605211418&frm=23&td=1&egid=36713&tan=f25a275d-2cd6-4b5d-864a-f2deb02cace4&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6410a4a157a08466d2a8b39492696f6a112383a2e41c9cdfc6f533343013b1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: 6224748666
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:32 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138423780739
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 13036
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
b3f89b6acdddaeb78ea3929abc893ffb.safeframe.googlesyndication.com/safeframe/1-0-44/html/ Frame D39A 7 KB
3 KB 225ms
41ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://b3f89b6acdddaeb78ea3929abc893ffb.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:21:32 GMT
expires: Tue, 20 May 2025 13:21:32 GMT
last-modified: Wed, 30 Apr 2025 15:53:45 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame F7CB 28 KB
13 KB 149ms
144ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=8358118525104512&correlator=3468275933123471&eid=95353385%2C83321072&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fif&iu_parts=22877425870%2CARH%2CHL&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=1&dids=gpt-passback&adfs=2365573717&sfv=1-0-44&click=https%3A%2F%2Fpagead2.googlesyndication.com%2Fpcs%2Fclick%3Fxai%3DAKAOjsvmLqyJgMbUgxcTflru48oU3D-CXYbMN31M3xaK0qAeoO9FjDf3pN1ixsR6fFzTEBq_VdYZwd2vkeG09IVSymAfNUNECgipwDsEJlSU_9aNDrVKoPpsclthS4q1_2JftJbkdjkX8Cby90fjexDPdKggNgHZqf8WHEk7wIdsW0DIagtrWBwuaR5t7OLl9-dMPn-JOTCWDnDtgPmwa4elZ6fdssG2gfh09OlHuQ_c2iacnzMPfx3rKiUrSEpTsLQOK_uTgZ3ib5tujWtAD4cU_ansa2FLIQ2xm-XecsmRYPyPmtwSM5smbtMTBvJeMNXlhWhnkE6Q016ldU-3_jQLlMmvJAb-Gy3fH6YGfIg4qGsTmLcWciIs6dHh_xfA1qlIjDm_-wnjZ3qyNOaTajG3ElJklzB7%26sig%3DCg0ArKJSzLD2qJYvRwiuEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&eri=4&sc=1&abxe=1&dt=1747747292688&adxs=2253&adys=739&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=c89igzq11tvp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.theherald.co.za%2F&top=www.theherald.co.za&vis=1&psz=0x0&msz=160x0&fws=256&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747292202&idt=459&adks=1038450444&frm=23&td=1&egid=36713&tan=150900d5-814e-4ebb-bbc2-5e9fd8a8396a&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0f854a49a2ba9e28c4a00d5e58eff4aff45f07043366e2a2114c49974a322b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: 6224748666
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:32 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138423066944
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 13017
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
58f127365b86c752f4ebb37b51516556.safeframe.googlesyndication.com/safeframe/1-0-44/html/ Frame 2674 7 KB
3 KB 100ms
41ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://58f127365b86c752f4ebb37b51516556.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:21:32 GMT
expires: Tue, 20 May 2025 13:21:32 GMT
last-modified: Wed, 30 Apr 2025 15:53:45 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/1b376dba/ Frame 1FF6 441 KB
54 KB 51ms
36ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/1b376dba/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uxwSov3U-pc?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.theherald.co.za&widgetid=1&forigin=https%3A%2F%2Fwww.theherald.co.za%2F&aoriginsup=1&vf=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c4674314ffc9df8f1ced86385c9703b8b29afc8ae91168afd20d59bdc704b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/uxwSov3U-pc?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.theherald.co.za&widgetid=1&forigin=https%3A%2F%2Fwww.theherald.co.za%2F&aoriginsup=1&vf=1

Response headers

content-encoding: br
age: 6441
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 11:34:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 11:34:11 GMT
last-modified: Thu, 15 May 2025 06:48:29 GMT
content-type: text/css
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 54660
x-xss-protection: 0
server: sffe

GET
H2 200 embed.js Show response
www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/ Frame 1FF6 33 KB
10 KB 68ms
61ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c8b5ac19a74724c8b18ba3a93f4ff4498e9ac75a973cb3afa390357445f3edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/uxwSov3U-pc?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.theherald.co.za&widgetid=1&forigin=https%3A%2F%2Fwww.theherald.co.za%2F&aoriginsup=1&vf=1

Response headers

content-encoding: br
age: 19708
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:53:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 07:53:04 GMT
last-modified: Thu, 15 May 2025 06:48:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 9643
x-xss-protection: 0
server: sffe

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/1b376dba/www-embed-player.vflset/ Frame 1FF6 345 KB
103 KB 69ms
62ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/1b376dba/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bd5c2945829502755386a12a0f125a451b3aeffa9c7e6f7100c8454a0247a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/uxwSov3U-pc?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.theherald.co.za&widgetid=1&forigin=https%3A%2F%2Fwww.theherald.co.za%2F&aoriginsup=1&vf=1

Response headers

content-encoding: br
age: 16087
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 08:53:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 08:53:25 GMT
last-modified: Thu, 15 May 2025 06:48:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 104936
x-xss-protection: 0
server: sffe

GET
H2 200 base.js Show response
www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/ Frame 1FF6 2 MB
646 KB 71ms
64ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b709e49d1cdc02364fd8142bac9c6ad7f46644cc2ee6b96cd3934dcab2f45487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/uxwSov3U-pc?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.theherald.co.za&widgetid=1&forigin=https%3A%2F%2Fwww.theherald.co.za%2F&aoriginsup=1&vf=1

Response headers

content-encoding: br
age: 18873
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 08:06:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 08:06:59 GMT
last-modified: Thu, 15 May 2025 06:48:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 661540
x-xss-protection: 0
server: sffe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 3FFF 0
0 84ms
67ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssMzHNvk-d1-bg1ZSsAezFbIOYW3ZnjrZJgUYGuyndSZbVoVnre27iyaJccu75MF4_ISN5RbQkFgu7AaUd5ixz1xY8X4n1tJzRl8D0UHGK7ZyPZQS0AwrOTdfxdD1x4NG8hJZBllBE9_sOkWUVU-DxsOyPE3-3k6H32MX4r9l9TwG2GDF5j1ieLBoh_4YpZu1X_rfPnRbwjCCMnJy1MxsEG0fRYv6JYuZkTG_-jYS_eL_D2lmV_eFAmRWrjX1P4dlSGv-WLrSv-zqG56Bbp_DV_zCWnt7AR-pIc26jBW4hFrqP187RgKNNDySVoAgKhv3ep6Ht3Orj6RAJcKEc5cQz7j-MkQiRPoKbkZpSlbfKaH1VEdmXQ-PAN_E44J5yYpOv4c0KzY4-WhXnHNNsmPWTJV80mVZYRZ7-i7pLSRkZZGkC3I-ajxC_pi6DgvdtQPVNRFkMX9XLgZHy5locbpa-h3fiXwGBkIJ001coWb6tcdWAOHev4byi870sbbZ9SXcd52Po0sHC6U98ssw5OrtkQ4H8yGCAlWswSAbdPVjF3uXLYAd7A3Np580g2Nm21fvCJqW031yDmPl7V44rSOwRRz9RxVPHXgio7w7Rz0HzYOy5PEDLa1JZMId0_lC1t0hxjIYiwh6yjq5yAxOR8jXnSUVAm3hMaspjRMvPLUASkiOqIlyhmqbSUtOdnvjfZYhJIwRn52KyQzkJiKYqN3ahnFSOvK9rXiop-oo8oS6dUSELKu2iFEcPiOCFsObNw0EjqWisFMUZeqXTTcCNGFExBYTcCz9rUIZ4avCxlxRZlsM-eNVSgg-ZoOTmW2sLuVM_3ELtg7plY8oVY6aTfsenvlRlJRzCXqlm573JZVZjeWqzTKZ2xn3BijsL1zqU5sqewue5xSBVSmzSIQUEBpESe4sF21LjNcjz1bduTlva71WE5XtRN84gmIh8SXQkzK7XKTBCpyxdm5H2-5heRCDLdrzxfDWEqEhNNqIkeNXIDWN1fVy7soCDGDX8vMYUFcmeGE0V65wbhdAx4YJjnM9pXff5MkJ4DTWTBorUpWhEPODE26Ycp-dwyuW8Z0eGCYo3uVZy1us2BN9HfYi4WYG4MwTAf3JEDKvWdbysuBHTb_d4iigkyF2140tLOeNucorODtZBIpUjA1lvJ3Tnspxqi3e7B-VzqlEaq7RUq-hjrEr16TMJx819gzol5Fo8QZ3EAgzA8c5qMadNeD4U6tiBsmFefJcPbYyyB-eqPLca816gEMiAAaFiQpacdwOQxABrn4lEUoV3AhoMh1UcUrdnogN6mJP5490giLiT3otMYGQdvmX0VgdJJ5raMsZXb-3sEIx1d75k-X-nR8MlieiFxC6Jz1yMDjijZj5ZiU9GaLNsVXvvI-1nyPjQMXL1xHVnJ340bXDDksydJENGgadNyljylEIdzkwL8x7cPztdBA-Xm-_81VsUiPUQW8aH1qByqErtqaU1qkuf20_amzSVkibLfQaN3MKQUtin9z2uHBYF48d5QHLvO9IhPv8nwHVTXpctEgPhr3oBbCf1DAZNIz58R6ywSQW3TxWXE9Oxrnalk&sai=AMfl-YQ3wQWQ3mC7_hZ87Mj25uIsx0kMjPAlz02KiM_GZHjpTVdllAK6mt6es3kVcUNPU0bRG0E&sig=Cg0ArKJSzDt450WYagi6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=320&vt=11&dtpt=318&dett=2&cstd=0&cisv=r20250515.73565&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 vidoomy-player.js Show response
vpaid.vidoomy.com/player/latest/ 487 KB
134 KB 252ms
23ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Download Go to

Full URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Requested by: Host: ads.vidoomy.com
URL: https://ads.vidoomy.com/heraldlive_21134.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4afa3224727d9fcc0e3060c8c77d187227b8a68b5d79224967fb6318d04b1e51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
etag: W/"3cbce604e49f7a089a8819c8c09932e0"
x-77-cache: HIT
x-amz-storage-class: STANDARD
date: Tue, 20 May 2025 13:21:33 GMT
x-rgw-object-type: Normal
content-type: application/javascript
last-modified: Tue, 20 May 2025 10:32:42 GMT
x-77-nzt-ray: 4c15622447507f5bdd812c68aa111c03
vary: Accept-Encoding
x-77-nzt: EwwBw7WqEQH3iCcAAAwBJRPCNAG3AAAAAAgBWbu8pgAA
x-amz-meta-s3cmd-attrs: atime:1747737160/ctime:1747737160/gid:116/gname:jenkins-exec/md5:3cbce604e49f7a089a8819c8c09932e0/mode:33188/mtime:1747737160/uid:116/uname:jenkins-exec
access-control-allow-credentials: true
x-amz-request-id: tx00000c4ea9bb979844a98-00682c5a55-8e5d46d-prg
x-77-pop: frankfurtDE
x-77-age: 10120
server: CDN77-Turbo

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FFF 0
0 76ms
68ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FFF 0
0 68ms
65ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame 3FFF 217 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f11e821fddb3ce64e0def18af4d17815f5989b6b4ade07f6c4781dad32f6c28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FFF 0
0 50ms
50ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D077 38 KB
13 KB 35ms
24ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:05:02 GMT
expires: Tue, 20 May 2025 13:55:02 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1FF6 15 KB
15 KB 67ms
27ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.youtube.com
Referer: https://www.youtube.com/

Response headers

age: 62306
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 19 May 2026 20:03:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 19 May 2025 20:03:07 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1FF6 15 KB
15 KB 64ms
26ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.youtube.com
Referer: https://www.youtube.com/

Response headers

age: 18858
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 08:07:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 08:07:15 GMT
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15552
x-xss-protection: 0
server: sffe

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame F574 20 KB
7 KB 100ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

POST
H2 204 csi
csi.gstatic.com/ Frame 0121 0
57 B 128ms
23ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~mawjm24c&c=6753353729375&slotId=3376676864687&qqid=CIn81oOSso0DFb8AvwQdWmUNyQ&fb=outstream-lima&sei=21062100%2C44752538%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C75259414%2C95329494%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ Frame 0121 39 KB
39 KB 19ms
16ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/

Response headers

age: 19986
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:48:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 07:48:27 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0121 0
20 B 48ms
46ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C9Lai24EsaMmiF7-B_NUP2sq1yAyL0_uQf9DN9pmoFPfSor3AARABILzQ4RZglbqggrAHyAEFqQKt5hQzfaFbPqgDAcgDmwSqBK4CT9AQw7BuhRM4Fe4cqBZYWwQTBm6HsoVXs3b17GT4HUazdjawu0AMqfVnFjRaKAQScG_tXqGQPJnaUx6SsFTxTnuvR385n9FOab7W7QWSMj-dK2_-_mg-btiCF_t1Cl6OLisUQdkcP2tqLGamYit9dCJVmZTeXnlE8v88GbLjSG_PCljvJ6BG79pFkxJtxyepBtUxuSk_VVer6OFCu8fVka3EpG-WCjuDzHfDGOVUJ-7bStv1AniGNlVEwp7AbvTAUOjLo4ReRkcl0p1ZQYcdjermi97dIlrKy1vVIuoN8TG3OFoFnIwkf7JKsAdG12ebrdvwEoCGk663vap0pSKmpcYVK0UBggg3A8REmXatIDdhFogrToZKVTkxmC1pBYL6pair0SgRkvgF1qcOPQTABMm9_P6SBeAEA4gF4_jD8FOgBnaAB6S4wPsDqAfVyRuoB9m2sQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB-C9sQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB5oGqAf_nrECqAffn7ECqAf4wrECqAf7wrECqAe_07ECqAfCyLEC2AcA0ggtCJHhgHAQARidATIF64uAgCA6DACAgICAgJSoiAKgAUi9_cE6WMb4p4OSso0DgAoDyAsB4AsBgAwBqg0CREXiDRMIuLGog5KyjQMVvwC_BB1aZQ3J6g0TCLbnqIOSso0DFb8AvwQdWmUNyfANAbAThLrOHMgT9c3z5gPYEwqIFAPYFAHQFQH4FgGAFwGyFxkYAioVLzU5NjMvSGVyYWxkTGl2ZS9ob21l6BcFshgJEgKRVBh2IgEA&eventType=clickstring&clientTime=1747747293047&ai=C9Lai24EsaMmiF7-B_NUP2sq1yAyL0_uQf9DN9pmoFPfSor3AARABILzQ4RZglbqggrAHyAEFqQKt5hQzfaFbPqgDAcgDmwSqBK4CT9AQw7BuhRM4Fe4cqBZYWwQTBm6HsoVXs3b17GT4HUazdjawu0AMqfVnFjRaKAQScG_tXqGQPJnaUx6SsFTxTnuvR385n9FOab7W7QWSMj-dK2_-_mg-btiCF_t1Cl6OLisUQdkcP2tqLGamYit9dCJVmZTeXnlE8v88GbLjSG_PCljvJ6BG79pFkxJtxyepBtUxuSk_VVer6OFCu8fVka3EpG-WCjuDzHfDGOVUJ-7bStv1AniGNlVEwp7AbvTAUOjLo4ReRkcl0p1ZQYcdjermi97dIlrKy1vVIuoN8TG3OFoFnIwkf7JKsAdG12ebrdvwEoCGk663vap0pSKmpcYVK0UBggg3A8REmXatIDdhFogrToZKVTkxmC1pBYL6pair0SgRkvgF1qcOPQTABMm9_P6SBeAEA4gF4_jD8FOgBnaAB6S4wPsDqAfVyRuoB9m2sQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB-C9sQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB5oGqAf_nrECqAffn7ECqAf4wrECqAf7wrECqAe_07ECqAfCyLEC2AcA0ggtCJHhgHAQARidATIF64uAgCA6DACAgICAgJSoiAKgAUi9_cE6WMb4p4OSso0DgAoDyAsB4AsBgAwBqg0CREXiDRMIuLGog5KyjQMVvwC_BB1aZQ3J6g0TCLbnqIOSso0DFb8AvwQdWmUNyfANAbAThLrOHMgT9c3z5gPYEwqIFAPYFAHQFQH4FgGAFwGyFxkYAioVLzU5NjMvSGVyYWxkTGl2ZS9ob21l6BcFshgJEgKRVBh2IgEA

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame 0121 0
57 B 74ms
20ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~mawjm264&c=6753353729375&slotId=3376676864687&qqid=CIn81oOSso0DFb8AvwQdWmUNyQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1xq&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H2 204 csi
csi.gstatic.com/ Frame 0121 0
48 B 75ms
24ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~mawjm27j&c=6753353729375&slotId=3376676864687&qqid=CIn81oOSso0DFb8AvwQdWmUNyQ&fb=outstream-lima&dmn=bid.g.doubleclick.net&pth=%252Fdbm%252Fvast&rbid=dbm
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H2 204 csi
csi.gstatic.com/ Frame 0121 0
534 B 66ms
18ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~mawjm27l&c=6753353729375&slotId=3376676864687&qqid=CIn81oOSso0DFb8AvwQdWmUNyQ&fb=outstream-lima&lb_sdkv=h.0.0.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 0121 40 KB
19 KB 102ms
43ms XHR
text/xml 142.251.173.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BFqjmvmkSKMphY8Q5hAN35dSaropWjLlbYpbIVx3bRci5BD5VOG_v1JH0E7yEl5ZhSn7Y6xFYB3KXY-lU9AEjekOnOPA&cry=1&dbm_d=AKAmf-DskrIA4pj4DbE8k4jIDf7c74rATz0fQX4MLtdKUE-jwhXzPlkvz9tvKGVZs0-as_EdqlI4bhj6Z5IYcuY8BdByLkk5J-2qznlqCQPLwUzTwig9XFLU-WvxBDfB2NYNnpriPs-DJRcrQiFEyF64JiRO3lZ82Pre5Pu3BH2YkeAcO3Evm5q1IUi2ua8v0kgS4qvG1BLMJwm5psr8hJdDhRbpoGL6pOlw0Zs0oxfWTebd_jihAskxqNUT1NsoI8kMtsEo2L-86rrKe5vnQWbH4Ri3qpycb6PNTZVW676Zl1atZAX-a1gw_6dRe87XDpx0HyVDrg6Ol7kNPJqy4utTpQy9M5IRyXgEDU-hfRMoPSVIur31UifbfZrY7k13Suymhx3J4zFBlcti4d8dkQhwotYT55l3gS3jomedIXRNF5RFgWFPXvH-mx1rtQTW-bjEyLqRhpfI-mN2eDTweWL27KFCBLDFz5o9dHl1PAMtNzenBEMZKFQ91PTGuZcwp7CNWJ68YmwU1TgJAnM7JC4GG2bSPNnj-zTU-Saca8nFFJuiNbBjALXcmEA3VqwQoeXmkiVR8mIZdksxyxCE_MKif0RITZ9gqSpJzK6nvPsPi2mIsOlyc_0e9UMyE2CncexZCbiT9sVJCoHIMb9Lu6aiRf1D9lA-Gr25v8KqCrHx3Ph-z_3_3wrv3IamTuU7juz6VkOKkKMolAwTUnntwkQmWjDA9G4-acx3etosZsj-36bTDMGISdS8hUOUddJTUfdqm_3xiSjJjMBQKuXG5EIE8B_ZFRW_oPBfUpD743ASlKopRG_NM3HOOu_qdxbfU6iwa1Z-RBB9GWr2KvK5pz7J4qhxvasjjIykxvp7R87htHn17dVfc_mvZ8Sj1Kb5ssahHdemaibdvfaoGpqN_8h1x0QLFKdVfn61Zgild5hVaod8ymADrowHzI32qlAkwJlaa4Pt0t7XX-Hy7KP2fCda6v19og2GLKYj0lLwCseLxLPQyagA7hQhcigGx-GEDfy2sHW8be6Ga4EVCMaz--24ds10UiRC4AJL3yUp-a31aVGLOOeBexiECowFCSmHckutBJJ3yd-_2rfdjPy_Hsdtr_P-J9_8pofpFRkMUMZcDhJfGWCFuoR_TL6Y1IFc0AItITp2l9Zll2M02mIiyOV4pN71Yvk6P83G-Muu1hzzopCdj0i7Dc7wAS1oek65xhWk3E8pOqV8U8yHbFPjlCi8QEJmq7ppiR3zTgCdgc3LFfc3IXF5Bu6QL7pIKgdz5tjR1pV1uzRo4OW0iGAD3wWAVxWUyvsj77xfTi4XfIZaLjhi2bW1G_2GKpa6_QtAZoW8rcZZRWvF_3V3SQH92_fdAIcsy8BAwAycSBHzbpIyuqWZQ__vmGwczgMzxGpIaGx2B1ZWyB1ULGn79hJL-FbCPV_tWJhqlMqKdYVISuji47xRmJEHxTE2CGdsPPNgJKfV1kldhSbbUkBTz6BZbpuV9-8A7VEi3D4uEO3BXllQdp3q88OrO3FnGlg5VDyDdy_zr8auFT99BFiB6J2n6CZklZLmpfCobwyVYLkef3O1T7rD0fhJqxuU0LgUMwovuusMjf3SALZsZvcndYSw_zSWkNw20YrtbuOg16me7hBc3cNNon9924zgWV-VW6iosAfs0o1QlBPp-hnIn7U4SWad0Xz14W4cyGmqwnK6OCcAGtXlMlMiJWRFxbiBKFDrCSK8KcquPMUr9lrdf-p9W4bGmpu9WwH1VODpzp1IQ5aL1mzhyMbuwTS_ahmi6AQ7n1vgQDB06vmwPy73X5l-lpsuaG59GJdeglH7sWcd3RAcGog6LRsZCB7tUwNzX8pR3cG7W9gtMOHjMQhGrSk3BIo79wx0rS4FwokrH4ul9MdiyX2LIVLieNXUvURJD1fAMDq3v_NlfyuXLmf4V6MNQYZUIttB0n5Mfr-KfV-SBZ7iygPcpo2jtGCZ7yncLSXTRqZfFRYWKwXYakwpqcN2YB6iLZK_low00fGNpnj0wy3lfFqp5vV0kG8OZQ4ZX_iqBOl523R0_anLMbLGbTo17nFXQHWeUBK2KwYHgAz5GA0B9JF8QcyKtQVLuudGYzuKmdWU82Wel4vR_i5OAMNUUcPh-1AtQnlWib-8q3-m_awzvfDjX8pn2cf4pzeBB-aAzi8zGHmzJ6gGakfqTWbNA5MjKvMwrY6250CmJmKXLyuMpN6clBK5iFgPfhXd2MeAwQ24GyJWUk4LDEIRcR4oxcy0OtrwMSErfkovHikRIsp0r2hOvs6czvleLX_nsBnJ4fon16w3jo7KbPR8eO8ly_9E7GoSO194K8EpwSUhT3MP78qg-eELnE7MJyIlw1kj0RlNxNTKABJ06iTJH8XiIZ4ITabJAKPVbCUBs-RiavAgln7cgHYq8VyxUu7JsKx7HmybMs_QxCvnzJv-aS2U5TYvA_UKy26vjH8TcOoO8zUqA-cLktl6kA-HZF2r0gGIAAay2z4mmdG1jxZlh9cMSe4tHy2V8HGW3Th0apJTXpfpSTMHuKSg3sXV5st-iyy1xJW_vrvt3XDSQ1kcJ8Wu9seSNWc_FgN8eBR5QyrFQN09tVXstRdf5l7g9ivJDDBZKlvN2dsEeo2zLp-WtYBDhX5pxql8mezs1MB24NxFx5IXlx1mko5q8zzXV5Dk7Ctuvr1EhdvwvFYjx6tUZo_uZ1uFalcclXGqETLOAlDyBCmIzhs4UAi3SpK9lyyLueIrcBptmZOC9h_Tp9zbNCzpfOKwv1bbw6_q6sc2W0nV-gPlWX07wlwmZA5TB0JYE1acQiIJGBZJ1ah-oZrpVFsqgimhijTBg30-Xzu76CtEG4NY0J9ZnPti9JG4GYkEb8GSXp4BNllLgwDUknPl0mSH1kCVEqxAYpE5rbCK0dhSJjPYyNXOATrH9Wl_qkqfSIgyIpM9WfVqT3xHXmbBu_kOqZzuhgj_Q4_OqAe6r_gJfEg0CK_V7lIUIQ4dj81xxsUxPrQB9GKbPce-EmVMJWTp2U2UzwsUDwsqlHbuCHLpEcrBJIWZjT1l4BB7oKPZeFLUkB-v-WkcM8I36QKFj-DnvjzgQjKdPlZfTtZyaOWXN-gS5aVU_7ZtmW_uktURetmgG4RRbgBHF4MDRrUB371HRrgXWI83I48nzeAGT_RGzxyQVc8bKhid-vb7KEbMaJSpHjr5BBeqAHvqa-sNGBR3PjV1Z_vRJN8hSWsPjR8Ak78rT4KdPZ8foeLAwefiNqQKiWAetDdfDyM5laiEsqJL7MLLz3UXbKe6ALkOL-Mf9BslklNQ7we-qXeMnVPpgAeVWgRSikRNB2ZySfA0dWZyz-xfNyZb0pAlNOPUiigCYDJ6RrL89BKwzqN9WiLy2nAWqa-GM7M5jCxRppW5UTXaWktY4mQ_7j6mY6Q2a-DnuihDH74qdZmvO6WnwvCvrx7M5uWjy8jxewW-OhJQsPSrdBtahCAqiV1NR06tNHIlDq9SY8sA-aHQwChpgwx52P9MKCFD3LrBNPbXaN5C1Lk9T408DMLFIlJqpTFlrAuHLz23ZcAfPTZ9Xz-F5A7Q3PQLkjiSLUkXKohl1s1ayx79V52fVZ6uExAwephJTGU4Vz4NYk-XSjdsgW9j38b1PNF1eXk0DXFsWBZlTi7crrV3Ohv_FPP0NjieWDg2OQRCwafDhM3TKWtDYRFEa7epJd1kNL7KrVP2W8n2tSLs3NhoEGCt9nhhH1z7PuV6XwMEQz5SgQn13qQVECV7AWAtNBS2llaua9SiDGQD0yyhpgx9FkhpwYgmc7WYXpJ6fkkNgBAmhiF-qVswGx6iKV4rDrgz5xCXWVmTdDtZxnjbLyHMDrMZITyLNuvf88KmI1x-ZReL61qj_ZUZWG1UvzRRt9rUT2m2KX--_V_oFc5SKaNiFTqCChcxbb1mipjhdzzcbeoHmpfQZxxHfYwFcU1-AbqOp7Lo2NyTAzhHZiEL9aJAYkNtYGrnuftxfQdTIY8G0Njz97MFu2hVV55fpW8UGPr-ztrybNQN8OOhh37V1lk64TDeu80loTVjU8ZJQlJWmMYcP1Qa_R7CKE8Zx3oJBpEC4CxQTn4tByNn6Ev7H_VKWM0NUmkEQalMZQ96-OYe1ozq9gvUbrI6Ew3-sm7PmXBcd5WUXpfJ3Ft1nzt-11rXuZqKmjLpUrwQKfK0d9LPj_uesjorevezrZdT-DpCCx23pi-i0aaXQd8C1j_k-xLCQMhvlrSPUm2-2JYQTTRG1n--AJLRvJtssmCJnSP26euPCGz4hoYb9dXQ3eWQ-nabp84iuIweP6unlgUjIEEpdd5o_4x3q0N74Xjp3LphKyvwiObWQB6Ksd1oci39TOSsTNonui4uJQ17IS0E80bLZ7LGeivlP1qCVHypFDNVHGqoMi_YiWyXBFmCazmRAKPwIGHdctnXjYVG1Q&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.173.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wi-in-f155.1e100.net

Software

cafe /

Resource Hash

60e96e118304d7807a1bc03a285d075380bd598bc429bfd8f4a95bc50f278bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: br
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 13:21:33 GMT
content-type: text/xml; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
content-length: 19245
x-xss-protection: 0
server: cafe

GET
H/1.1 200 41aa45f871 Show response
bam.nr-data.net/1/ Frame 351F 87 B
657 B 258ms
146ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Download Go to

Full URL: https://bam.nr-data.net/1/41aa45f871?a=214730062&sa=1&v=1153.61ee9ba&t=Unnamed%20Transaction&rst=4162&ref=https://iframe.iono.fm/c/3189&be=1274&fe=3506&dc=3214&perf=%7B%22timing%22:%7B%22of%22:1747747289019,%22n%22:0,%22f%22:615,%22dn%22:615,%22dne%22:615,%22c%22:615,%22ce%22:615,%22rq%22:628,%22rp%22:692,%22rpe%22:693,%22dl%22:847,%22di%22:3213,%22ds%22:3213,%22de%22:3213,%22dc%22:3505,%22l%22:3505,%22le%22:3506%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1153.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 300735ac477bb7e09ce2725f0031b085e5c86f09903d053ac8e44596731d8780

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://iframe.iono.fm/c/3189?layout=legacy&download=1

Response headers

access-control-expose-headers: Date
timing-allow-origin: *
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin: *
Content-Length: 87
date: Tue, 20 May 2025 13:21:33 GMT
content-type: text/javascript
x-served-by: cache-mad2200138-MAD
nr-rate-limited: allowed
server: envoy

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 3813 0
0 52ms
51ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvr3BQadKC_d4k83_hc4cojLsR2gqJRjS3AKGSabmfufiZg65eiANPe25EEYMv2uuOjOPQKOGCxFwHvD6vDCDTCKrhnU1omyO140dJ1u40GqPmf1IcJRPDde49HGsfIfE7_fi7sbUg0aaFnmKiL0U4Ze_kxeriOxWPVJHdswCFt2y2zg4TmVQjEjnafET2qfypq9UzmKfXdcii4b6rKiK-Jl_h3bHMx5926bPOQtgvRqJcBW5Gilt1N0BcJhgSOUsVnL7xF_HvYqwy0FXJSgu_pSS1sa9qzyG4aDHjOhEj2YYMDHcOR83UjPQamWS7d9zWme074jI0tK6PrHpusG1yl-PToRiMNU2s6weQzYFj59BB-ITJ9GZt54d90hWqBotIszHTEHEphY7957T6IrSVko8xP4vk8Buo4MY2eTpKucw79&sig=Cg0ArKJSzC95otoa0P_JEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3813 104 KB
0 3ms
3ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

56d3669af58c4904468ec9015af2032d551bb6a1d09dc956204a26038c218f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 495 / 20228 / m202505150101 / config-hash: 15524472431905521952
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 13:21:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33710
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3813 221 KB
0 3ms
3ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

65871d0ac7a4d2399b5e6ee462cd1e5906e76b76e030ff4eff1829d2818f817c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 12838377887511038173
age: 1330
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 12:59:21 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=windows-1251
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69703
x-xss-protection: 0
server: cafe

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 0121 0
0 51ms
50ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=Cb-_s24EsaMmiF7-B_NUP2sq1yAyL0_uQf9DN9pmoFPfSor3AARABILzQ4RZglbqggrAHyAEFqQKt5hQzfaFbPqgDAaoEqwJP0BDDsG6FEzgV7hyoFlhbBBMGboeyhVezdvXsZPgdRrN2NrC7QAyp9WcWNFooBBJwb-1eoZA8mdpTHpKwVPFOe69Hfzmf0U5pvtbtBZIyP50rb_7-aD5u2IIX-3UKXo4uKxRB2Rw_a2osZqZiK310IlWZlN5eeUTy_zwZsuNIb88KWO8noEbv2kWTEm3HJ6kG1TG5KT9VV6vo4UK7x9WRrcSkb5YKO4PMd8MY5VQn7ttK2_UCeIY2VUTCnsBu9MBQ6MujhF5GRyXSnVlBhx2N6uaL3t0iWsrLW9Ui6g3xMbc4WgWcjCR_skqwX0dVmggnlWKUSmT4dlWZG_ednSXsRtof2ubaOT3VzW2BvT67D963ewxgnvD-7gUHwOc9ruIhV1G68AZidiVUMcAEyb38_pIF4AQDiAXj-MPwU5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAaAGdoAHpLjA-wOoB9XJG6gH2baxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH4L2xAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAPIHChC3-wIYzqCOnALSCC0IkeGAcBABGJ0BMgXri4CAIDoMAICAgICAlKiIAqABSL39wTpYxving5KyjQOACgPICwHiDRMIuLGog5KyjQMVvwC_BB1aZQ3J6g0TCLbnqIOSso0DFb8AvwQdWmUNybAThLrOHMgT9c3z5gPYEwqIFAPYFAHQFQH4FgGAFwGyFzcKHAgAEhRwdWItNjkyNTA4NjMwMTQwNjM0NBi2_xUYAioVLzU5NjMvSGVyYWxkTGl2ZS9ob21l6BcFshgJEgKRVBh2IgEA&sigh=AezPXjS0zdU&uach_m=%5BUACH%5D&ase=2&vt=10&nis=6

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:33 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
DATA 200
OK truncated
/ Frame 0121 213 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df727f2030308cae71c6f83502813a2daa806822e8de2a5d0dab84b85df07835

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame CAF7 0
0 50ms
49ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssxi7ytYVx8ozqn5VBEO9R0kVMDjFC559vgaxPcrotFsVAoduqKDaE1l6eDKb6zbVcLxsPL8DSZXPaKeRDuCWfFYjPHWacLvPX39GWWfFernOg-kjK_8l-Ob9zy2S9PNoAwqhHqEAOxo3x4lr8IUdaNILFFeH6F48P4MCw5gMFHmEeYCHanyFQ5IE3kfDiOc_Zg8FRApIOznFIPsd5r37fOb0nip54FP0mX9MrB-P-6USDxUQ_6R2pYyfJB1wUAzd_5393731y87ysgjwXuB2uhCnFK28sLNmCC_GEUfRe8nWd3Mxwu7kRoNCC5ctx3ZF6sWfnQklj2TYY2TYZjOTPy0ywTibPv9TK3LHEf92mqzBQZMJuBsebThpeoXrLM16bC5R7YR-_HkK5be4PFPE2DLmM0SdwY1Bw0CaOQ-5T-&sig=Cg0ArKJSzPdRi5sQZHFREAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame CAF7 104 KB
0 3ms
3ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

56d3669af58c4904468ec9015af2032d551bb6a1d09dc956204a26038c218f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 495 / 20228 / m202505150101 / config-hash: 15524472431905521952
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 13:21:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33710
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CAF7 221 KB
0 1ms
0ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

65871d0ac7a4d2399b5e6ee462cd1e5906e76b76e030ff4eff1829d2818f817c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 12838377887511038173
age: 1330
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 12:59:21 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=windows-1251
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69703
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/ Frame 3813 536 KB
0 0ms
0ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3634424a32af09c3bb51c3c71085436a4b4bc7a1151ed12f252e6c45c188b6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 840089204709235314
age: 19950
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:48:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 07:48:59 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 172721
x-xss-protection: 0
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame 0121 0
57 B 22ms
20ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~mawjm27p&c=6753353729375&slotId=3376676864687&qqid=CIn81oOSso0DFb8AvwQdWmUNyQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 0121 41 KB
15 KB 18ms
17ms Script
text/javascript 216.58.206.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
age: 2033
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:37:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 12:47:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 15407
x-xss-protection: 0
server: sffe

HEAD
H/1.1

200
OK

2
r2---sn-4g5lzner.c.2mdn.net/videoplayback/id/a1cba1b390debe2b/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779283293/sparams/acao,ctier,expire,id,... Frame 0121
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/a1cba1b390debe2b/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779283293/sparams/ip,ipbits,expire,id,itag,so...
https://r1---sn-5hne6nzy.c.2mdn.net/videoplayback/id/a1cba1b390debe2b/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779283293/sparams/acao,ctier,ex...
https://r2---sn-4g5lzner.c.2mdn.net/videoplayback/id/a1cba1b390debe2b/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779283293/sparams/acao,ctier,ex...

0
0

356ms
15ms

Fetch
video/mp4

2a00:1450:4001:15::7
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://r2---sn-4g5lzner.c.2mdn.net/videoplayback/id/a1cba1b390debe2b/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779283293/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/1E98A77D3B5118C93F0FEF375FB7428E898134BC.21F7780A69FA9C4EC0FCE09120A62D8868588EEE/key/cms1/met/1747747294,/mh/XY/pl/22/rms/onc,onc/redirect_counter/1/rm/sn-5hnez77e/rrc/104/fexp/24350590,24350737,24350827,24350961,24351658,24351661,24352023/req_id/2560a072da05a3ee/cms_redirect/yes/ipbypass/yes/mip/78.159.108.10/mm/42/mn/sn-4g5lzner/ms/onc/mt/1747746037/mv/u/mvi/2?file=file.mp4

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:15::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
X-Content-Type-Options: nosniff
Expires: Tue, 20 May 2025 13:21:34 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Date: Tue, 20 May 2025 13:21:34 GMT
Last-Modified: Mon, 09 Sep 2024 11:02:56 GMT
Content-Type: video/mp4
Vary: Origin
Cache-Control: private, max-age=86400
Timing-Allow-Origin: null
Connection: close
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: null
Content-Length: 4577690
Server: gvs 1.0

Redirect headers

cache-control: private, max-age=900
location: https://r2---sn-4g5lzner.c.2mdn.net/videoplayback/id/a1cba1b390debe2b/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779283293/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/1E98A77D3B5118C93F0FEF375FB7428E898134BC.21F7780A69FA9C4EC0FCE09120A62D8868588EEE/key/cms1/met/1747747294,/mh/XY/pl/22/rms/onc,onc/redirect_counter/1/rm/sn-5hnez77e/rrc/104/fexp/24350590,24350737,24350827,24350961,24351658,24351661,24352023/req_id/2560a072da05a3ee/cms_redirect/yes/ipbypass/yes/mip/78.159.108.10/mm/42/mn/sn-4g5lzner/ms/onc/mt/1747746037/mv/u/mvi/2?file=file.mp4
timing-allow-origin: null
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:34 GMT
access-control-allow-origin: null
content-length: 0
date: Tue, 20 May 2025 13:21:34 GMT
last-modified: Wed, 02 May 2007 10:26:10 GMT
vary: Origin
server: gvs 1.0
content-type: text/html

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 0121 453 B
590 B 17ms
14ms Image
image/png 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-4210548651990521

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

age: 2640
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:27:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 12:37:33 GMT
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
content-type: image/png
cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 453
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3813 0
0 46ms
46ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3813 0
0 45ms
44ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3813 0
0 46ms
45ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame 3813 214 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ab8d979cc4ba619f5463c46a9264fddbefeac65299c942b25436b1b13099e9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame F8A2 13 KB
5 KB 53ms
13ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:06:17 GMT
expires: Tue, 20 May 2025 13:56:17 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/ Frame CAF7 536 KB
0 0ms
0ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3634424a32af09c3bb51c3c71085436a4b4bc7a1151ed12f252e6c45c188b6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 840089204709235314
age: 19950
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:48:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 07:48:59 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 172721
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CAF7 0
0 47ms
47ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CAF7 0
0 46ms
46ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CAF7 0
0 46ms
45ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 3813 71 KB
26 KB 166ms
166ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1462403258596683&correlator=2539288759233275&eid=31091882%2C31092253%2C95353385%2C95361094%2C95355264%2C83321073&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fif&iu_parts=5963%2CHeraldLive%2CGBW_Digital_Passback&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280&ifi=1&dids=gpt-passback&adfs=4078349782&sfv=1-0-44&click=https%3A%2F%2Fpagead2.googlesyndication.com%2Fpcs%2Fclick%3Fxai%3DAKAOjst2HYJRCgnACvR3OIFNaZHALvhD00BPoh2x7DAXEnnZN-ijTXT3BVEOFzdLzXAV3MWMZphTqcqUFS-VcuFcTru8aht3kEmxE0Mim2mxzf14db8G9cGEcAuOe6Og8VuyIWgSXW019pD0QTjAjcmIq9lKdUAkQQj0GxB2fifqbH1Da1haUZgIYygqaI_N6J0Bm8etkED2ddMNV5RYJ_x1pea3IeB6l5M1J94-CNUGYD7m10CtD4ERVZO90joE2kSzTStQ3X8FntQOaTMyLWNxY3nQlZxGSjq4apQDRBY46wW2eetA8ITaVHr3ceETMglhpeair9wrq_CrBJITT4ymlr7-ZDWreYjT_MXkm_Q27IDmxmGezPW9cgmSgiLJpB5r4QWIZiMHbjuh8WIa6LOpC4N_f_c_%26sig%3DCg0ArKJSzJtifwcYp88UEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fpagead2.googlesyndication.com%2Fpcs%2Fclick%253Fxai%253DAKAOjsvheiEaweEbaMPrda3isHqCMLv7-aPvHl8Fh80vYeu04vnpTWwh4cOb4czhuGn9Iu2YO6YthDfyjy5TpcVupIsY2hXRBs2EmZFUl78uzausuBwDoZg-fV0aYqks5YV3yodOf0EH_qNsK1Ci_rc7k4LyWe6U0YUgT2slW8wvy9WZkGi1HLStufHJQuFzN4RCIkbKjEX4NxJVdky5ab94qxs8-cwciXRVJrvc1uqG9iFHLHxHNdcMRMNg0FGo_F84Wo23uYz6wHwmF20k1BDrMIPqZElhdy2utXAbRBdBxsmiFoBHGXCVh7e9MK--9dBt8gfTZ1iebLMrYNUK2Z-VIn6Y4p3TBDry00MsUaChye7jf_RuXe34XUb0_EnDag6ooHK-q0XACGmJBN0serismFRSGZBk%2526sig%253DCg0ArKJSzLxE-OAVVFkdEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&eri=4&sc=1&abxe=1&dt=1747747293887&adxs=2183&adys=2411&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=puwjzjr35qhw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=2&url=https%3A%2F%2Fwww.theherald.co.za%2F&top=www.theherald.co.za&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747293200&idt=672&adks=1316768695&frm=23&eo_id_str=ID%3Dffe8c402c973681c%3AT%3D1747747290%3ART%3D1747747290%3AS%3DAA-AfjZspEYXIsQmblxQY83j_Xtd&td=1&egid=36713&tan=835b68f3-06d1-4ac5-82ca-44071ce20564&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

fb509abf9212fd4b570b5f1bcb028261138f80f8f6bbfe1dc69f0d6a46c25ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: 5938000942
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:34 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138517505129
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 26869
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
175a0e6cdb287b3f5069fb5f26333812.safeframe.googlesyndication.com/safeframe/1-0-44/html/ Frame D8B3 7 KB
3 KB 84ms
23ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://175a0e6cdb287b3f5069fb5f26333812.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:21:34 GMT
expires: Tue, 20 May 2025 13:21:34 GMT
last-modified: Wed, 30 Apr 2025 15:53:45 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CAF7 211 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d182fdec7b8e9f637c982de3902569b9eedccc5d14fe693416d8dba9f0fd490c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 1FF6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

31ms
31ms

XHR
application/json

216.58.206.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b021118398ee128a3e50df7d62f8134a8eceab5dceee720dc82251ddcb2ccc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 13:21:34 GMT
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-length: 120
x-xss-protection: 0
server: cafe

Redirect headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 13:21:34 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1FF6 29 B
494 B 75ms
16ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

age: 49
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:20:45 GMT
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
cache-control: public, max-age=900
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 29
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 477 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 prebid-vidoomy_pbjs.js Show response
vpaid.vidoomy.com/prebid/ 538 KB
201 KB 11ms
10ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Download Go to

Full URL: https://vpaid.vidoomy.com/prebid/prebid-vidoomy_pbjs.js
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 50dfa4c825c3c79c57909c0d31c3ecf40db83f5cff5da979accabf368f918981

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
etag: W/"72812e350b63d1ad6d51498806cf8a88"
x-77-cache: HIT
x-amz-storage-class: STANDARD
date: Tue, 20 May 2025 13:21:34 GMT
x-rgw-object-type: Normal
content-type: application/javascript
last-modified: Mon, 12 May 2025 15:11:39 GMT
x-77-nzt-ray: 4c15622447507f5bde812c68f9c09208
vary: Accept-Encoding
x-77-nzt: EwwBw7WqEQH3InIKAAwBisclxAG3AAAAAAgBWbu8pgAA
x-amz-meta-s3cmd-attrs: atime:1747062439/ctime:1747062377/gid:1000/gname:federicoi/md5:72812e350b63d1ad6d51498806cf8a88/mode:33204/mtime:1747062377/uid:1000/uname:federicoi
access-control-allow-credentials: true
x-amz-request-id: tx00000ae400e2325c2bf0a-0068220fbb-8e5d46d-prg
x-77-pop: frankfurtDE
x-77-age: 684578
server: CDN77-Turbo

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
0 3ms
3ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

56d3669af58c4904468ec9015af2032d551bb6a1d09dc956204a26038c218f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 495 / 20228 / m202505150101 / config-hash: 15524472431905521952
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 13:21:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33710
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame CAF7 479 B
253 B 169ms
168ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=143987815703217&correlator=3456855202300993&eid=31090593%2C31092254%2C31092498%2C95353384%2C83321073%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202505150101&ptt=17&impl=fif&iu_parts=5963%2CHeraldLive%2CGBW_Digital_Passback&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=1&dids=gpt-passback&adfs=4078349776&sfv=1-0-44&click=https%3A%2F%2Fpagead2.googlesyndication.com%2Fpcs%2Fclick%3Fxai%3DAKAOjsuGyAD9h8YGK0SrYIpii04q_79oyOeEKGnks2u-3vXGXQ_CbCjYx1nqKs6sTlXAlEw2T2IfTIVJG4s_Y8EWc87tbnBpnmIBjM-AYNY2QxQodVO65T1FpidUtKIOOoCF8G34QuBE_pR09lEfNvGSCk7MehxIWrRYHHnc4QzxHMoxI3RagPTL2tgMIv79fWCWBuhN_RkmC7PxlSNOjIFEm-C9vtEsMbRhbsnsSC-RB28xgADLYKWZr_DTGSrZwk-uG_SgPBzZ3wSoRLh3f4303jZLeGcepjxB_Ol27EzjCCdku2zA9hBlOnIf5lPCNcX_JzxzKSqA3Lxg2nVnNRdqKNUN-OGWs0jRdKp_xCfn9HdWwD69vTJT_NdYTUcIJRPScOhfPNtVovzu3CfiaO1kjfbb%26sig%3DCg0ArKJSzH8uf60uu010EAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fpagead2.googlesyndication.com%2Fpcs%2Fclick%253Fxai%253DAKAOjsvmLqyJgMbUgxcTflru48oU3D-CXYbMN31M3xaK0qAeoO9FjDf3pN1ixsR6fFzTEBq_VdYZwd2vkeG09IVSymAfNUNECgipwDsEJlSU_9aNDrVKoPpsclthS4q1_2JftJbkdjkX8Cby90fjexDPdKggNgHZqf8WHEk7wIdsW0DIagtrWBwuaR5t7OLl9-dMPn-JOTCWDnDtgPmwa4elZ6fdssG2gfh09OlHuQ_c2iacnzMPfx3rKiUrSEpTsLQOK_uTgZ3ib5tujWtAD4cU_ansa2FLIQ2xm-XecsmRYPyPmtwSM5smbtMTBvJeMNXlhWhnkE6Q016ldU-3_jQLlMmvJAb-Gy3fH6YGfIg4qGsTmLcWciIs6dHh_xfA1qlIjDm_-wnjZ3qyNOaTajG3ElJklzB7%2526sig%253DCg0ArKJSzLD2qJYvRwiuEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&eri=4&sc=1&abxe=1&dt=1747747294167&adxs=2253&adys=739&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=vcpyarmd7p1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=2&url=https%3A%2F%2Fwww.theherald.co.za%2F&top=www.theherald.co.za&vis=1&psz=0x0&msz=160x0&fws=256&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747747293290&idt=854&adks=4236398817&frm=23&eo_id_str=ID%3Dffe8c402c973681c%3AT%3D1747747290%3ART%3D1747747290%3AS%3DAA-AfjZspEYXIsQmblxQY83j_Xtd&td=1&egid=36713&tan=4c6ab00e-b94b-4b28-8681-1e407bc3bb00&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

531781bfa01d910557ebdc4b724b3d3fb0e4611099cd4632ecf9f9cee474b727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 13:21:34 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.theherald.co.za
content-length: 224
x-xss-protection: 0
server: cafe

GET
H2 200 container.html Show response
f016eece0c8046c262f62835c5b793fd.safeframe.googlesyndication.com/safeframe/1-0-44/html/ Frame D7CF 7 KB
3 KB 104ms
22ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://f016eece0c8046c262f62835c5b793fd.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:21:34 GMT
expires: Tue, 20 May 2025 13:21:34 GMT
last-modified: Wed, 30 Apr 2025 15:53:45 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A54A 23 KB
8 KB 16ms
14ms Document
text/html 216.58.206.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 12:56:23 GMT
expires: Tue, 20 May 2025 13:46:23 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/ Frame 1FF6 122 KB
35 KB 16ms
16ms Script
text/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

sffe /

Resource Hash

dd84b3767e5882477b386538726ed8aa256d9d7602c5c436d905b7c8a7216b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/uxwSov3U-pc?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.theherald.co.za&widgetid=1&forigin=https%3A%2F%2Fwww.theherald.co.za%2F&aoriginsup=1&vf=1

Response headers

content-encoding: br
age: 18707
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 08:09:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 08:09:47 GMT
last-modified: Thu, 15 May 2025 06:48:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 36204
x-xss-protection: 0
server: sffe

GET
H3 200 _VDXCD0HLVFgufV9_8MJNoYikNqi0CVCKOlDntAKsag.js Show response
www.google.com/js/th/ Frame 1FF6 57 KB
22 KB 136ms
15ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/js/th/_VDXCD0HLVFgufV9_8MJNoYikNqi0CVCKOlDntAKsag.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

fd50d7083d072d5160b9f57dffc30936862290daa2d0254228e9439ed00ab1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

content-encoding: br
age: 19979
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:48:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 07:48:35 GMT
last-modified: Mon, 12 May 2025 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 22452
x-xss-protection: 0
server: sffe

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/uxwSov3U-pc/ Frame 1FF6 28 KB
29 KB 93ms
38ms Image
image/webp 2a00:1450:4001:802::2016
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/uxwSov3U-pc/sddefault.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

850aa849971222dc8c3f68078fbcf9013bda0f5ecc43f5daedd2661c788b484e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

etag: "1747650576"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:26:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:34 GMT
content-type: image/webp
vary: Origin
cache-control: public, max-age=300
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 29004
x-xss-protection: 0
server: sffe

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1FF6 97 KB
45 KB 46ms
43ms XHR
application/json+protobuf 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

edd545109601c7df6126a03ea2303e732c4e56691d5625b9554bb2e24dc6a234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/json+protobuf

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45618
date: Tue, 20 May 2025 13:21:34 GMT
x-xss-protection: 0
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

GET
DATA 200
OK truncated
/ Frame 1FF6 175 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 fI7P8mME6yp-TKHY69clAngPLoyGZew_-_85M-ZQMjlWnxKbPGAeHUaEphbaYmIIrvIGH0Deyp0=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 1FF6 1 KB
1 KB 85ms
25ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://yt3.ggpht.com/fI7P8mME6yp-TKHY69clAngPLoyGZew_-_85M-ZQMjlWnxKbPGAeHUaEphbaYmIIrvIGH0Deyp0=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4deac83d63ed12a38699ad985e5b0fb9fdadec40515f1acd20fdc5b2be216b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 13132
x-content-type-options: nosniff
expires: Wed, 21 May 2025 09:42:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 09:42:42 GMT
content-disposition: inline;filename="channels4_profile.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1125
x-xss-protection: 0
server: fife

GET
H/1.1 200
OK get Show response
ad.vidoomy.com/api/adserver/ad/ 8 KB
9 KB 532ms
425ms XHR
text/plain 212.36.83.216
AS_ADAM Adam EcoTech

General

Check archive.org

Download Go to

Full URL: https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPXRoZWhlcmFsZC5jby56YSZmb3JtYXQ9MSZ1PWJmNmJjMGM5LWYyZjktNDhmZi04YTIyLTA5NWM0ZTg1YjEyOSZ6b25lSWQ9Mjg0NzMmbG9vcD0wJmNTdHJpbmdTdGF0dXM9bm90LXlldC1vYnRhaW5lZCZwYWdlVXJsPWh0dHBzJTNBJTJGJTJGd3d3LnRoZWhlcmFsZC5jby56YSUyRiZwdmVyc2lvbj00LjIuMSZ1aWQ9Jmk9ZmFsc2UmdGltZUVsYXBzZWQ9MC0xLjk5
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.216 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: w4.vdmy.dtic.es
Software: nginx /
Resource Hash: 875dc0353a50e23ca2860e27ca40f43e342b981465030713c561dcea5481f60d

Request headers

Referer: https://www.theherald.co.za/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
vidoomy-brandlift: W10=
Content-Transfer-Encoding: base64

Response headers

Access-Control-Expose-Headers: X-VD-C
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Transfer-Encoding: base64
Access-Control-Allow-Origin: https://www.theherald.co.za
Content-Length: 8272
Date: Tue, 20 May 2025 13:21:35 GMT
Content-Type: text/plain; charset=utf-8
Server: nginx
Access-Control-Allow-Headers: *

GET
H3 200 jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js Show response
pagead2.googlesyndication.com/bg/ Frame D077 54 KB
21 KB 17ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8d675fdae659caf88b757333591b5608c8fe9970676206dc1005058eff2385ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

content-encoding: br
age: 364933
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 07:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 16 May 2025 07:59:21 GMT
last-modified: Mon, 12 May 2025 14:08:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21106
x-xss-protection: 0
server: sffe

OPTIONS
H/1.1 200
OK get
ad.vidoomy.com/api/adserver/ad/ Frame 0
0 229ms
45ms Preflight 212.36.83.216
AS_ADAM Adam EcoTech

General

Check archive.org

Download Go to

Full URL: https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPXRoZWhlcmFsZC5jby56YSZmb3JtYXQ9MSZ1PWJmNmJjMGM5LWYyZjktNDhmZi04YTIyLTA5NWM0ZTg1YjEyOSZ6b25lSWQ9Mjg0NzMmbG9vcD0wJmNTdHJpbmdTdGF0dXM9bm90LXlldC1vYnRhaW5lZCZwYWdlVXJsPWh0dHBzJTNBJTJGJTJGd3d3LnRoZWhlcmFsZC5jby56YSUyRiZwdmVyc2lvbj00LjIuMSZ1aWQ9Jmk9ZmFsc2UmdGltZUVsYXBzZWQ9MC0xLjk5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.216 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: w4.vdmy.dtic.es
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-transfer-encoding,vidoomy-brandlift
Access-Control-Request-Method: GET
Origin: https://www.theherald.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-transfer-encoding,vidoomy-brandlift
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: https://www.theherald.co.za
Access-Control-Expose-Headers: X-VD-C
Connection: keep-alive
Content-Length: 0
Date: Tue, 20 May 2025 13:21:34 GMT
Server: nginx

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 81ms
28ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 20 May 2025 13:21:34 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame E472 0
0 52ms
50ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsth0-FOqKwF7dynA4CyMeumqvxjJxDmxcho9_wvnqQFJIfiNIRi1nfRLZWjt_qERR5WedDmYuSkIm9-u0D1abKQBPm7Utfr52aV_kjFbN4flTcOqQIimZ10jiI3-JBdpPPo-zuDmFWlRyy7aZxHAE3wxnIVbh0pd9KhK4o2yHtn0RDsHCdtxrFHSBqehcsRQaVaAJDoYyFlHffS0Ww3ZbSU--Rpx3kEcOwbhrcBjwjmKjVcgDQU8lxRYvFqH2wkss_7Zt3yDVbdrWf91pYxZKGUkogbU18mGiJ6kGWVsarYWN4rAGatauVJPDCaKaWgWfxXsv49ZgGfirS2lO7Cn0x0BW9wY07vPgs7Ca8QXFWjpqNdXWNT72xCytI1dImqz6yyQEIlD63hD-hp8IuATOTnBxT1CH6O-JE1VsMpm_Wa6c3cOyDnSUyak5WNV--957yPAg&sig=Cg0ArKJSzE4MfwD9veqLEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.theherald.co.za
URL: https://www.theherald.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/ Frame E472 21 KB
0 2ms
2ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

338421bab0f7aae79c84a933e232d3b8243874d5133048a869e553f19aaf5877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 8607824579394818223
age: 55097
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 22:03:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 19 May 2025 22:03:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8531
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/client/ Frame E472 3 KB
0 2ms
2ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250515/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 55097
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 22:03:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 19 May 2025 22:03:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E472 221 KB
0 2ms
2ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

65871d0ac7a4d2399b5e6ee462cd1e5906e76b76e030ff4eff1829d2818f817c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: 12838377887511038173
age: 1330
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 20 May 2025 12:59:21 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=windows-1251
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69703
x-xss-protection: 0
server: cafe

GET
H2 200 5555377676984408087
tpc.googlesyndication.com/simgad/ Frame E472 87 KB
87 KB 18ms
15ms Image
image/gif 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5555377676984408087

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f388440ea5434b6c019dc38be367ee9444cc550dd8c40680b05cf61a48779e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

age: 15426
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 09:04:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 20 May 2025 09:04:28 GMT
last-modified: Fri, 16 May 2025 09:41:14 GMT
content-type: image/gif
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 88578
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame E472 212 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 592ef182e6af7f9efef21ef2d7eada237d8fc8250a8ce0e480b0d9d0cecad7b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E472 0
0 46ms
46ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E472 0
0 49ms
49ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame E472 0
0 53ms
53ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstAJ-SszC6lWLM89wc4JIifx0_nsvrmAbLDG6Ud25SR4y3zvoZOot1crobI5pxfAsFKPaBA68wIYWxLT8bCKaedcY6Rb-mvJsFqYBm28fLqQVwKyutpaXIyo8nV__8cdsPy1eHKAsxCqBxnj_e671EGLMA5nGCNWa_2TzbV9OOpH8rwXvZEMIA38tHOz5_61VORzhpcyn77d7FbXkYvrLIIXwwvNQoPdvqWUpUWF0R1hOgClehKQC8uf5gNXpeLjygtpOEvDZDmxV5gM0er4EhpWvhgr0PVzJTGast3fdm6PPpTdqs_kkkmNhd038xRwW9Ck6CwB19nFWhctXbhEy3I2Sp5-r1q28UhUhvXn5II-nojXXVlt7joLOQYF0ZfXjBX1A3e0_2vOG5p_HrK2IklzgLs6FP-irRF2lZKhdCpls7Vzn3Mle5O8NtnDLyVlOsocOI4&sig=Cg0ArKJSzFTiMKZ_xIKTEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E472 0
0 47ms
46ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 24ms
23ms Preflight
text/html 172.217.18.10
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 20 May 2025 13:21:34 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1FF6 94 B
137 B 34ms
32ms XHR
application/json+protobuf 172.217.18.10
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

e73fbe79e67826891dafb0686f826c3cb84b088982f5bffc766bf2cb183f86bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/json+protobuf

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114
date: Tue, 20 May 2025 13:21:34 GMT
x-xss-protection: 0
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 log
play.google.com/ Frame 1FF6 131 B
741 B 117ms
49ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?hasfast=true&authuser=0&format=json

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.youtube.com/

Response headers

x-frame-options: SAMEORIGIN
cache-control: private
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 20 May 2025 13:21:35 GMT
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 131
date: Tue, 20 May 2025 13:21:35 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

POST
H2 200 log
play.google.com/ Frame 1FF6 131 B
437 B 121ms
53ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?hasfast=true&authuser=0&format=json

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.youtube.com/

Response headers

x-frame-options: SAMEORIGIN
cache-control: private
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 20 May 2025 13:21:35 GMT
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 131
date: Tue, 20 May 2025 13:21:35 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 3813 0
0 50ms
50ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu-ZdWGwQHZ4C8dwYVOZdjZID1iGKYPKRqNBVrQTBClniTauaEnczsFYcrXFRc0pLcdbLRnfKiMJvQ1-Yd2xbbn3gVDlFB8su15U8NZgMqO5a-wHhn-zeJD0x0Hkkg-tUHWhNmuaI9pnywoOoelLkmmSe0gwQVeG0-uweeZy_brU3kAwbxba1Kk8Cg2GRJPNmx0YiE7qQS-aabuw-DtxQIYhvSIVuMbD-Qxb44anZjN2Dq3dO0_3JefGJkYVYZHKYWX-3E2Muf-Ac7rCAaiukTKCqg-UWu9kU6k4DYYtS3jOuaHCds_2L9JVCyOxCSbULpkwqye6sGcZwX_2S1ynejjKVvXf02z5CHF-StzYPmDJW-RYL80OnuIEK6ShvpDBe6Cb-n-kcphdFJNy5hgjm_qTlJzjuecBWWtrjGlbkC2hQoOqkA&sig=Cg0ArKJSzNnyzC982tnpEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 3813 17 KB
13 KB 34ms
34ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

b6f4d747bd97aa24b17e161f7321e33df37834b1832a8e7cf4de7506f5782829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13336
date: Tue, 20 May 2025 13:21:35 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F574 0
0 52ms
51ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv89OQrPd9JYXb47oaaZ1IHxlU2YtoAdydDj2-R-v72DCAE6Oyh12V5Met46w7yize45iR2KrUQtz5WPbX8W2nmwHb996TgNdHXoU0h1IwnAHskLxfibYX5L0TA_Vtd1nMp3JlRJKOZAMVvKH1KAN3MgyuNd0JKx1Zt06N08VVBF8qWE2G-xnQ80eTb5jZ1BlPzRpfatXcvABpD9df_h5jvi0-x_FVeOCfOIx-sqpUdLq3MM7HPFFb7WZ6IP3JK6N9vfstxpMSEcCYcm8MXKJ-Yo_Ye1fhbtbN1hlTb4zhDjTDacasp2hpn5EE-gQi1rUsA08B_kO_YtiOty0i3wzRzTPdQOFpuuG8YKwfHah-t60EtzMmGdAAp2vZ0y8PTez1fr1G8kbhDSJBj1zF8vDcynqn0gh1r2vXlsTUNlFpzch7Z9_E&sig=Cg0ArKJSzP_LBpWtlXE5EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1FF6 4 KB
2 KB 62ms
23ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

content-encoding: gzip
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:35 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="cloudview"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
accept-ranges: bytes
content-length: 2007
x-xss-protection: 0
server: sffe

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 72ms
15ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.theherald.co.za%2F&domain=www.theherald.co.za&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.theherald.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.theherald.co.za
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 20 May 2025 13:21:34 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 194337
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
378 B 51ms
15ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.theherald.co.za%2F&domain=www.theherald.co.za&cw=1&lsw=1

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.theherald.co.za/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 221425
expires: 0
access-control-allow-origin: https://www.theherald.co.za
date: Tue, 20 May 2025 13:21:34 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 195 B
669 B 56ms
9ms Fetch
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

de8bd1efc96f1833467baa18e993e260c239b0604f2a87b02fe87f2aa6696484

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.theherald.co.za/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.theherald.co.za
p3p: CP="CAO PSA OUR"
date: Tue, 20 May 2025 13:21:34 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 id5PrebidModule.js Show response
cdn.id5-sync.com/api/1.0/ 91 KB
27 KB 67ms
23ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/prebid/prebid-vidoomy_pbjs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec9b5656278221105c271cc0094669effafb77143b737b80d7136fdc084ea45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

x-amz-id-2: /hhYXC8qYqZvWtwNyUrXeAeSV+AwXPa7ianFx+g+s+1ADmVlbtX4JMGX7SHi73H5224AhctZ25uvCIBdmf7fc1HwlFS6epKA1ziqo2D4CoQ=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"1e6c9796ea638d051ca3a84c5f3f04e6"
age: 2950
x-amz-request-id: ME848WCRKQVSCGN2
cf-ray: 942c2353bd1ddba7-FRA
date: Tue, 20 May 2025 13:21:35 GMT
content-type: text/javascript;charset=utf-8
last-modified: Fri, 02 May 2025 06:44:22 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
277 B 132ms
35ms Fetch
application/json 108.129.4.74
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://id.crwdcntrl.net/id?c=16730
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.4.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-4-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.theherald.co.za
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 43
date: Tue, 20 May 2025 13:21:35 GMT
content-type: application/json;charset=utf-8

GET
H3 206 2
r2---sn-4g5lzner.c.2mdn.net/videoplayback/id/a1cba1b390debe2b/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779283293/sparams/acao,ctier,expire,id,... Frame 0121 640 KB
0 45ms
15ms Media
video/mp4 74.125.162.71
GOOGLE

General

Check archive.org

Download Go to

Full URL

Requested by

Host: 75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
URL: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.71 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s18-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
date: Tue, 20 May 2025 13:21:35 GMT
last-modified: Mon, 09 Sep 2024 11:02:56 GMT
content-type: video/mp4
vary: Origin
cache-control: private, max-age=86400
timing-allow-origin: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
client-protocol: quic
access-control-allow-credentials: true
Content-Range: bytes 0-4577689/4577690
accept-ranges: bytes
access-control-allow-origin: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
Content-Length: 4577690
server: gvs 1.0

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame 3813 20 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H3 204 generate_204
www.youtube.com/ Frame 1FF6 0
10 B 152ms
151ms Image
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.youtube.com/generate_204?fwAmJw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/uxwSov3U-pc?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.theherald.co.za&widgetid=1&forigin=https%3A%2F%2Fwww.theherald.co.za%2F&aoriginsup=1&vf=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f206.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/embed/uxwSov3U-pc?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.theherald.co.za&widgetid=1&forigin=https%3A%2F%2Fwww.theherald.co.za%2F&aoriginsup=1&vf=1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 20 May 2025 13:21:35 GMT
cross-origin-resource-policy: cross-origin

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame CAF7 0
0 63ms
63ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstrNkjTjKG5E0GIG6rurHi6Yjca-7RKxPoRY_x_43QWf8MlXFIxAkNwoWYzOqkr3nPpjgZ8uUrmKjhsn78KNfHYv6PgtoenwD-ZloD0Ly2xE68PJ9X_Opx-ieboEJYJCr_igYEPu6oLxWXwpsAUNRAtxiWuv54e9rBS-QZXJvG0GWh5XpTaeNpwmtxksjCd_9Xf8MKYh_UjBXmChEZa0I40_RgUFTd8R5nnRLTQbMVpP58t1RW0lwAdVQ0LsdnSpgq43bTx8KC-cRTRacVqF2C9C3vjR-oGx7WdPFWJWeox1FvQdip0dVLzbr8ZJThix38Q8g1ymq3sU2IHvkUnhOmgdmLFAe5RHVL_sHFt-bSndTXu5WkcwsEK4mHwCFDFqRrGoBKqGKqFs--8q_fyI3dSm76yQQaSLMmuQ4n6915wQeU&sig=Cg0ArKJSzJi2EFdLWZ2lEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame CAF7 17 KB
13 KB 51ms
51ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

d1a4f5d42b04c2e3e388615ef92786e5f8a3ab7a22d38f28f156d1b01dfa5f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13106
date: Tue, 20 May 2025 13:21:35 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F7CB 0
0 60ms
60ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsucCrTaYMHbmy8qw4flCoykmr7HkbfP0sQcjv52j0JXvmK10lQHrPXonWswU6MyzlYGkzGJ7Oj7xPm-yKWzvhldJnFDZWR9ukfPGKQ71SDKE63GHicMGdOXAFFSXYlVuo5rmKd8TywWIOF59edg3axXHmb_Mqd8QJqeDWKNHZC-JHNN0DBixFFgE6P7fwq5FJ2YmLUB4a7hirTrU8q2QaYOWGtj_hvFJId6-PyRA1O3uSy9-svRiJkrUt2MU-F5m8IBy2O5ew3fIhoCUEf6f7ii9dhzVJbW1yPFg50bqdr8GbCB3BRw8l6MykxAw3LTEoSCsOOVuLpTItFiRabNlSDuOpeiOKqgy-IFhp5BXpjnvqGYMVGA_4rLKG80qbkc9vRDUnl9eFUF2IF911_Pb1wxnB54btwYJa66fJTgVYATS7H7zMg&sig=Cg0ArKJSzLRP-IIKplOhEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame F7CB 17 KB
13 KB 87ms
42ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

adfc5d68712d7e5e742116da7049680de85e2205abd8a3e7d35a610ab2593c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13145
date: Tue, 20 May 2025 13:21:35 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js Show response
pagead2.googlesyndication.com/bg/ Frame A54A 54 KB
0 17ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8d675fdae659caf88b757333591b5608c8fe9970676206dc1005058eff2385ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

content-encoding: br
age: 364933
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 07:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 16 May 2025 07:59:21 GMT
last-modified: Mon, 12 May 2025 14:08:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21106
x-xss-protection: 0
server: sffe

GET
H3 200 jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js Show response
pagead2.googlesyndication.com/bg/ Frame F8A2 54 KB
21 KB 19ms
18ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8d675fdae659caf88b757333591b5608c8fe9970676206dc1005058eff2385ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 364934
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 07:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 16 May 2025 07:59:21 GMT
last-modified: Mon, 12 May 2025 14:08:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21106
x-xss-protection: 0
server: sffe

POST
H2 200 log
play.google.com/ Frame 1FF6 131 B
439 B 56ms
49ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?hasfast=true&authuser=0&format=json

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.youtube.com/

Response headers

x-frame-options: SAMEORIGIN
cache-control: private
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 20 May 2025 13:21:35 GMT
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 131
date: Tue, 20 May 2025 13:21:35 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/136/ Frame 1FF6 48 KB
14 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/eureka/clank/136/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abc1abef9c59379e7c151f43287a92f21742a3ed36f7a0beeaffb8ace4efc8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

content-encoding: gzip
age: 67923
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 18:29:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 19 May 2025 18:29:32 GMT
last-modified: Mon, 07 Apr 2025 15:04:06 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
accept-ranges: bytes
content-length: 13847
x-xss-protection: 0
server: sffe

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame CAF7 20 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 1A07 13 KB
0 0ms
0ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:06:17 GMT
expires: Tue, 20 May 2025 13:56:17 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame F7CB 20 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 2763 13 KB
0 0ms
0ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:06:17 GMT
expires: Tue, 20 May 2025 13:56:17 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
452 B 176ms
40ms XHR
application/xml 2607:ae80:4::50
FREEWHEEL

General

Check archive.org

Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&_fw_gdpr=&_fw_gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1747747295835023-557
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.theherald.co.za
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:35 GMT
Content-Type: application/xml;charset=UTF-8
Server: nginx

GET
H/1.1 200 33730154 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 811 B
1 KB 152ms
17ms XHR
application/xml 2607:ae80:4::50
FREEWHEEL

General

Check archive.org

Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/33730154?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&_fw_gdpr=&_fw_gdpr_consent=&plcmt=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 84fa78d3f61fbbb4a3a5cf3ad471e684c0081df6d6efd4dcf6e0acd87f4f73ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1747747295799059-537
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.theherald.co.za
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:35 GMT
Content-Type: application/xml;charset=ISO-8859-1
Server: nginx

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
397 B 336ms
157ms XHR
text/plain 212.36.83.245
AS_ADAM Adam EcoTech

General

Check archive.org

Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=471246&w=350&h=197&skip=1&req_type=1&ip=78.159.108.10&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F136.0.0.0%20Safari%2F537.36&l=de&dt=2&c=DE&pid=63457&sid=63457&sname=theherald.co.za_28473&d=theherald.co.za&sp=https%3A%2F%2Fwww.theherald.co.za%2F&coppa=&gdpr=&gdprcs=&vpaid=1&bidfloor=1.50&uids=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Access-Control-Expose-Headers: X-VD-C
Accept-Ch: Sec-CH-UA-Model
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: https://www.theherald.co.za
Date: Tue, 20 May 2025 13:21:36 GMT
Content-Type: text/plain
Server: nginx
Access-Control-Allow-Headers: *

GET
H/1.1 200 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 810 B
1 KB 161ms
25ms XHR
application/xml 2607:ae80:4::50
FREEWHEEL

General

Check archive.org

Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&_fw_gdpr=&_fw_gdpr_consent=&plcmt=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f2de2df033cb2e8abcfdaabff908b89ecd35736aa736f543eaafac6555eadc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1747747295816049-583
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.theherald.co.za
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:35 GMT
Content-Type: application/xml;charset=ISO-8859-1
Server: nginx

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 996 B
854 B 66ms
21ms XHR
application/xml 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&cb=730929&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&plcmt=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2012901a6939007a0b9f25c3c802a453797005cae17dd21b5268c535eb5c341a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "23da-5f762218eccb9-gzip"
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 20 May 2025 13:21:35 GMT
access-control-allow-origin: https://www.theherald.co.za
content-length: 615
date: Tue, 20 May 2025 13:21:35 GMT
content-type: application/xml
vary: Origin, Accept-Encoding
server: Apache

GET
H2 200 715072 Show response
vid.springserve.com/vast/ 3 KB
2 KB 125ms
35ms XHR
application/xml 54.77.207.102
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://vid.springserve.com/vast/715072?w=350&h=197&cb=5069&url=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&gdpr_consent=&gdpr=&us_privacy=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-207-102.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 204bb7d09fb2beeeceaf6554c2a4ed08c023d52fc4ea840c33fdce92dda26450

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-origin: https://www.theherald.co.za
content-encoding: gzip
date: Tue, 20 May 2025 13:21:35 GMT
content-type: application/xml
server: nginx
access-control-allow-credentials: true

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
641 B 222ms
47ms XHR
application/xml 35.156.131.204
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&tg_c.language=de&width=350&height=197
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.131.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-131-204.eu-central-1.compute.amazonaws.com
Software: nginx/1.27.2 /
Resource Hash: 460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.theherald.co.za
content-length: 28
date: Tue, 20 May 2025 13:21:35 GMT
content-type: application/xml
vary: Accept-Encoding
server: nginx/1.27.2
x-http2-stream-id: 18259

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 996 B
854 B 52ms
20ms XHR
application/xml 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=5285205&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&cb=663449&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&plcmt=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 296c45fee1935dc6383014cfd36858a39a829550bebf88bcb68dd4568d8b6fbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "23da-5f762218eccb9-gzip"
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 20 May 2025 13:21:35 GMT
access-control-allow-origin: https://www.theherald.co.za
content-length: 615
date: Tue, 20 May 2025 13:21:35 GMT
content-type: application/xml
vary: Origin, Accept-Encoding
server: Apache

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame D99F 13 KB
0 1ms
0ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:06:17 GMT
expires: Tue, 20 May 2025 13:56:17 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 81ms
10ms Script
application/x-javascript 2600:9000:2646:6800:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6800:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: c1bca8f45d3cd8e6ec28fe01f148d06714c83301ab31489e07dbc52eadfca5b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: W/"681168bc-9947"
age: 69472
cross-origin-resource-policy: cross-origin
via: 1.1 b459d8cae3f218ce39711fc3ecdcc998.cloudfront.net (CloudFront)
expires: Tue, 20 May 2025 18:03:44 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: DkroDInOQbmkFlQwjmhoUWL2bKoj76Z9I3Dp0ggYJTeEmXpEeiDJ-w==
date: Mon, 19 May 2025 18:03:44 GMT
content-type: application/x-javascript
last-modified: Wed, 30 Apr 2025 00:03:08 GMT
server: openresty
x-amz-cf-pop: FRA60-P5
vary: accept-encoding

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 38ms
38ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505150101&st=env

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

1337e9b25996ae42d2067918d0e79d4484e5708be19f58f8288ce2d36cc590fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13075
date: Tue, 20 May 2025 13:21:36 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H3 200 log
play.google.com/ Frame 1FF6 131 B
151 B 53ms
48ms Ping
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?hasfast=true&authuser=0&format=json

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.youtube.com/

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Tue, 20 May 2025 13:21:36 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

POST
H3 204 collect Show response
www.google-analytics.com/g/ 0
20 B 22ms
21ms Fetch
text/plain 216.58.206.78
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BWERR8GS85&gtm=45je55g2v9115178239z878478613za200zb78478613&_p=1747747288561&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103136993~103136995~103200004~103207802~103233427~103252644~103252646~103263073~103301114~103301116~104506548&ptag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&cid=2075885676.1747747291&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAAAAQ&_s=2&sid=1747747291&sct=1&seg=0&dl=https%3A%2F%2Fwww.theherald.co.za%2F&dt=The%20Herald%20-%20Local%20Nelson%20Mandela%20Bay%20and%20Garden%20Route%20news&en=SubsStatus&ep.UID=&ep.Subscriber=no&_et=52&tfd=9721
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to: {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.theherald.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:97:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:36 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 20 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 20 May 2025 13:21:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H3 200 jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A07 54 KB
0 19ms
18ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8d675fdae659caf88b757333591b5608c8fe9970676206dc1005058eff2385ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 364934
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 07:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 16 May 2025 07:59:21 GMT
last-modified: Mon, 12 May 2025 14:08:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21106
x-xss-protection: 0
server: sffe

GET
H2 200 favicon.png
www.theherald.co.za/ 1 KB
1 KB 28ms
28ms Other
image/png 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 81d8d9f2329bf52d0031656d3afd16cc38cdc896a9b2dd57554270b287305318

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=86400
etag: "7wba9Q"
age: 70723
expires: Tue, 20 May 2025 17:42:53 GMT
content-length: 1087
date: Mon, 19 May 2025 17:42:53 GMT
x-cloud-trace-context: f1d8505dbb3df6cf57831eec56939d8c
content-type: image/png
server: Google Frontend

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 7AE8 13 KB
0 0ms
0ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 May 2025 13:06:17 GMT
expires: Tue, 20 May 2025 13:56:17 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2763 54 KB
0 19ms
18ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8d675fdae659caf88b757333591b5608c8fe9970676206dc1005058eff2385ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 364934
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 07:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 16 May 2025 07:59:21 GMT
last-modified: Mon, 12 May 2025 14:08:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21106
x-xss-protection: 0
server: sffe

GET
H3 200 jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js Show response
pagead2.googlesyndication.com/bg/ Frame D99F 54 KB
0 19ms
18ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8d675fdae659caf88b757333591b5608c8fe9970676206dc1005058eff2385ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 364934
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 07:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 16 May 2025 07:59:21 GMT
last-modified: Mon, 12 May 2025 14:08:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21106
x-xss-protection: 0
server: sffe

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 325ms
109ms Image
image/gif 3.223.154.108
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldlive.co.za&p=%2F&u=DoVL__BF4rPuCE1OhS&d=theherald.co.za&g=54086&g0=herald-live-home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8559&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.theherald.co.za%2F&b=9658&t=DdM_1SBCCekcBUtrcxr3uQU12tHd&V=149&i=The%20Herald%20-%20Local%20Nelson%20Mandela%20Bay%20and%20Garden%20Route%20news&tz=-120&_acct=anon&sn=1&sv=kZkLujdNFyDixhY8D5JGFpBblQqw&sr=external&sd=1&im=061b2ff3&_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.223.154.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-154-108.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Tue, 20 May 2025 13:21:36 GMT
pragma: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1FF6 28 B
50 B 37ms
33ms XHR
application/json 172.217.16.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1b376dba/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-YouTube-Page-CL: 758924504
X-YouTube-Utc-Offset: 120
Referer: https://www.youtube.com/embed/uxwSov3U-pc?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.theherald.co.za&widgetid=1&forigin=https%3A%2F%2Fwww.theherald.co.za%2F&aoriginsup=1&vf=1
X-YouTube-Device: cbr=Chrome&cbrver=136.0.0.0&ceng=WebKit&cengver=537.36&cos=X11&cplatform=DESKTOP
X-YouTube-Client-Name: 56
X-YouTube-Ad-Signals: dt=1747747293275&flash=0&frm=2&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C637%2C300&vis=1&wgl=true&ca_type=image
X-Goog-Event-Time: 1747747296477
X-YouTube-Client-Version: 1.20250514.23.01
X-Goog-Visitor-Id: CgtiS05UWDdEUUhPZyjcg7LBBjIKCgJVQRIEGgAgbQ%3D%3D
X-Goog-Request-Time: 1747747296477
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
X-YouTube-Time-Zone: Europe/Berlin
Content-Type: application/json
X-YouTube-Page-Label: youtube.player.web_20250514_23_RC01

Response headers

content-encoding: br
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Tue, 20 May 2025 13:21:36 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 204 generate_204
ep2.adtrafficquality.google/ Frame F8A2 0
40 B 17ms
16ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?l3vfvw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 20 May 2025 13:21:36 GMT
cross-origin-resource-policy: cross-origin

GET
H2 200 bounce Show response
id5-sync.com/ 30 B
237 B 14ms
11ms Fetch
text/plain 162.19.138.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.theherald.co.za
date: Tue, 20 May 2025 13:21:36 GMT
content-type: text/plain;charset=utf-8
vary: Origin
access-control-allow-credentials: true

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
234 B 46ms
12ms Fetch
application/json 2001:41d0:701:1000::4c1f
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::4c1f , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: /
Resource Hash: 22f0236a1073c0d16927513a9a01d8fe12858f56a66f983ac79f034351386c2d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-origin: https://www.theherald.co.za
content-length: 54
date: Tue, 20 May 2025 13:21:36 GMT
content-type: application/json
vary: Origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 56 B
302 B 43ms
11ms Fetch
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

5dbd6f8608c217582439a19e6c7c88aa44bab277c990ce288363cb5702329232

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.theherald.co.za
date: Tue, 20 May 2025 13:21:36 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H/1.1 204
No Content gtm.php Show response
ad.vic-m.co/adserver/delivery/ 0
176 B 715ms
373ms Script
text/html 13.245.71.255
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ad.vic-m.co/adserver/delivery/gtm.php?t=20.5.2025%2C%2015%3A21%3A36&z=2228&m=geoip_cookie&l=&r=https%3A%2F%2Fwww.theherald.co.za%2F&c=0.997&v=5d7c9981-4e0f-484e-80a4-5b11265c0f3a&w=1600&h=1200&e=f52ecbbce0cc2c74e55ef1ea84ca1c60&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F136.0.0.0%20Safari%2F537.36
Requested by: Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.245.71.255 Cape Town, South Africa, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-245-71-255.af-south-1.compute.amazonaws.com
Software: nginx/1.14.1 / PHP/8.2.13
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Date: Tue, 20 May 2025 13:21:36 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/8.2.13
Server: nginx/1.14.1
Connection: keep-alive

GET
H2 200 spcnew2.php Show response
leo.vic-m.co/adserver/delivery/ 1 B
292 B 414ms
131ms Script
text/html 13.58.45.4
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://leo.vic-m.co/adserver/delivery/spcnew2.php?zones=banner_12415875%3D2228%7C&nz=1&r=39521929&w=1600&h=1200&o=landscape&vicinity_id=5d7c9981-4e0f-484e-80a4-5b11265c0f3a&vicm2&timezone=2&cid=undefined&url=https://www.theherald.co.za/&l=&click_macro=&acceptedLocReq=0&referer=https%3A//www.theherald.co.za/
Requested by: Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.45.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-45-4.us-east-2.compute.amazonaws.com
Software: nginx/1.12.1 / PHP/7.1.15
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

date: Tue, 20 May 2025 13:21:36 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.15
server: nginx/1.12.1

GET
H/1.1 204
No Content gtm.php Show response
ad2.vic-m.co/adserver/delivery/ 0
176 B 121ms
32ms Script
text/html 34.251.13.38
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ad2.vic-m.co/adserver/delivery/gtm.php?t=20.5.2025%2C%2015%3A21%3A36&z=2228&m=&l=&r=https%3A%2F%2Fwww.theherald.co.za%2F&c=0.997&v=5d7c9981-4e0f-484e-80a4-5b11265c0f3a&w=1600&h=1200&e=f52ecbbce0cc2c74e55ef1ea84ca1c60&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F136.0.0.0%20Safari%2F537.36
Requested by: Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.13.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-13-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Date: Tue, 20 May 2025 13:21:36 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/7.1.33
Server: nginx/1.18.0
Connection: keep-alive

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D077 0
20 B 48ms
48ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BPbTv24EsaJ6kB7vnx_APvJKgmQUAAAAAOAHgBAI&bg=!FRalFlnNAAaupMAtjqQ7ADQBe5WfOIiZ468rDpKNdFeYz7rec773Taqw_x52H81ueX2Iz366kIC-Cm-T9ygr8Pi6DyyiAgAABdFSAAAADGgBB34ANaRJimDa0rj6G1OQ-MQujjQdAgUhdpv9EPL-Aq0KVm4cwx6lO1owagkI9rmqh3tqzz9Wv-nuCgASfskrdd-AfipzP2zdou8h4O4WmQKzyRnrgHS0OsWqzLSoLXh66XEbclfVwGYdulUBUFJ-Wm7iD8sFEaJRFge59huDy85-cbe2EetHQ6fp9k39XxMMcDIKh13cfaTWbetO3noeVoXmANnTwD4D5UEOMwNKGYd5ZkW-QN9kRQadf0gn96lKGkLfbeQwSIw_qQqtuCKx1Cnv1UWV-3Z6uZxOzfqGUj4Hu2_v9EfDjpDyaQ2ZEUv-ntjne1xkGTp2paJr0fAYHrFdYex0_w359evxMPuQucGquVvgpbncuEJv5b65nD5lFXaOzWS1cMFTEcAxksK_xdA3tBtpxNlf1I88p46rElutFrKIi7wl4RM8q5MJ9zUFeMqgKaQDiRcaFGCr9TyZCbWZQNB2ZripK5L3JiRENJwInmlPZUDYOqXnjmydEKSil7YLBhJwYIPnQ34t_Q_j5wWz5lFayXSBqzU0DiK6rkyRWAJx8zg1UVE6F4BMd-U1iuGvFCLUXif-Jqv4f6EoRNwEJ2pIu01qkIDfQI-wgaBE0PoNzxftAkQ5LpFF0J91uDy5_cG_FP6y5gitn4LbeTyvMtvRqRTkof8MXMEeC-qn2zGu3a_JE42TnvB_71O9R6GljDDK024QxHQ_tneRY08lyslvj6BQ7zJRZmpcmTIzcJqan00sJ5F2DT-XlalmzoJw-oatDiKEv8dhjRrM6FhPTFHZHPoti_15_mAXqsVWvTGXnbkjbBxKVORBqG7Uc1RTffvj9UUvBBSXTo38ArJMOKz7Orl13qBQ4DeLbIPlr_7t1cSahJG6_lImn7h4XdwWlPxISzoM_hR8wWaoqHbHFJskhnsWfWjNx938--7eKR3tTQRZo4e749O17qjV-YkhURfSZ_qW5RwwYlM7FXRLCcjp_-6awK9tYq3Jgmb4wmppa-97JGCaTAEeGYi2m3jB5Q

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 / Show response
d0.eu-3-id5-sync.com/ 1 B
143 B 58ms
8ms Fetch
text/plain 51.195.127.100
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d0.eu-3-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.127.100 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip100.ip-51-195-127.eu
Software: /
Resource Hash: f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d1.eu-3-id5-sync.com/ 1 B
143 B 78ms
9ms Fetch
text/plain 135.125.140.162
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d1.eu-3-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.140.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip162.ip-135-125-140.eu
Software: /
Resource Hash: 3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d2.eu-3-id5-sync.com/ 1 B
143 B 61ms
13ms Fetch
text/plain 51.195.127.115
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d2.eu-3-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.127.115 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip115.ip-51-195-127.eu
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d3.eu-3-id5-sync.com/ 1 B
143 B 65ms
14ms Fetch
text/plain 51.195.73.113
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d3.eu-3-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.113 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip113.ip-51-195-73.eu
Software: /
Resource Hash: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d4.eu-3-id5-sync.com/ 1 B
143 B 75ms
8ms Fetch
text/plain 135.125.146.80
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d4.eu-3-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip80.ip-135-125-146.eu
Software: /
Resource Hash: df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d5.eu-3-id5-sync.com/ 1 B
143 B 67ms
8ms Fetch
text/plain 51.195.115.36
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d5.eu-3-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.115.36 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip36.ip-51-195-115.eu
Software: /
Resource Hash: 4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d6.eu-3-id5-sync.com/ 1 B
143 B 65ms
11ms Fetch
text/plain 51.195.126.30
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d6.eu-3-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip30.ip-51-195-126.eu
Software: /
Resource Hash: 7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d7.eu-3-id5-sync.com/ 1 B
143 B 56ms
9ms Fetch
text/plain 135.125.146.80
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d7.eu-3-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip80.ip-135-125-146.eu
Software: /
Resource Hash: df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d0.eu-4-id5-sync.com/ 1 B
143 B 60ms
12ms Fetch
text/plain 51.195.34.220
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d0.eu-4-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.34.220 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip220.ip-51-195-34.eu
Software: /
Resource Hash: 559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d1.eu-4-id5-sync.com/ 1 B
143 B 60ms
14ms Fetch
text/plain 51.195.73.74
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d1.eu-4-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.74 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip74.ip-51-195-73.eu
Software: /
Resource Hash: d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d2.eu-4-id5-sync.com/ 1 B
143 B 62ms
11ms Fetch
text/plain 51.195.73.113
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d2.eu-4-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.113 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip113.ip-51-195-73.eu
Software: /
Resource Hash: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d3.eu-4-id5-sync.com/ 1 B
143 B 65ms
12ms Fetch
text/plain 135.125.146.80
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d3.eu-4-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip80.ip-135-125-146.eu
Software: /
Resource Hash: df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d4.eu-4-id5-sync.com/ 1 B
143 B 54ms
9ms Fetch
text/plain 51.195.127.100
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d4.eu-4-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.127.100 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip100.ip-51-195-127.eu
Software: /
Resource Hash: f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d5.eu-4-id5-sync.com/ 1 B
143 B 73ms
8ms Fetch
text/plain 51.195.73.113
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d5.eu-4-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.113 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip113.ip-51-195-73.eu
Software: /
Resource Hash: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d6.eu-4-id5-sync.com/ 1 B
143 B 70ms
6ms Fetch
text/plain 51.195.34.222
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d6.eu-4-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.34.222 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip222.ip-51-195-34.eu
Software: /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d7.eu-4-id5-sync.com/ 1 B
143 B 58ms
14ms Fetch
text/plain 135.125.146.80
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d7.eu-4-id5-sync.com/
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip80.ip-135-125-146.eu
Software: /
Resource Hash: df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame B547 449 KB
103 KB 113ms
19ms Script
application/x-javascript 2600:9000:223d:8800:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:8800:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f2534f9aeaab0c94dae1215624858b67bd88ac40e6abe45d5fb534c3277ed004

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: W/"66fa5222-70418"
expires: Wed, 21 May 2025 01:16:44 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 1lxuk_oLMqK4ZAeLP05RYuA_iPdePnc8b6-F35xwQ61SzNSOqi3FZA==
date: Tue, 20 May 2025 01:16:44 GMT
content-type: application/x-javascript
last-modified: Mon, 30 Sep 2024 07:24:18 GMT
vary: accept-encoding
x-cache-status: EXPIRED
cache-control: max-age=86400
access-control-allow-credentials: true
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P3
server: CloudFront

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A54A 0
20 B 49ms
48ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B7bH63YEsaMrEC76w2fcPgobi6Q0AAAAAOAHgBAI&bg=!GBulG1TNAAaupMAtjqQ7ADQBe5WfOA2CAsJAiQMLIlh_55Lg3_hF5J5BRE3SmNlsRPriBI9HWOr7u8WvBGabuS3K1NrBAgAAA99SAAAABWgBB34ANeeJBDkYwmKSrCVCSTonnrgOKu-fiwoCM1stli7peA6_YtoatiayW_BUUks-kUWrvdZZ7WK_CgBSDMZY4uUhKOFkPcnPd7cRNtR1dNMSvjzriB-WZwBLsBF6VXSQTXe9IGGGtvZVjAbHfjTBJ5UGwGI5i-5e2Wmcs7AAFyG7vfnqP0So3HzBp2irn5kCveysha8PneFXfUiP-SOYGIBMXy35ZdGEyYbsQbs0i9_ZhJ4Xn70-JsXtrFavEpheTnxC7zsFn4TfUqVJ3ZEWjkfFJ2g4pUuk226Xi9chonS3fGyBrjlAVXsQHtZUA-qgdMm-Xcr5Df2S8sij00GdGDvAo3b3Iz1W1Lp82mMwpgwQLbl0AOuBAkc_i1PRlXfoeChJqE8jzOlwadKj5M3nSsSdUblG1FxsfHDV8JOhF21qlJp4T8GTtWoo2e_WU9J6bk9dlXJj8SwdqrIBRqkGxwKFIkbTJEn737vi9HRVLtUYLAa-fLxCQx4KhufQU0VIaVqghcecNjicACgN9NqZIs0zM5XL98PF0FXkQJ16iUHQk7TdeFKCNM91-BT9QTTJDTJfNSGPtohxNQHiOIaUk7umLzORL-rXQgilokXhCB37sXesnEmuod43Z8zZFAKZ_QVauUZf0guvTjz3Y-c0V29sETxS2VjhZuRPgG9ubgdWI9saUGdlav8OSpUq0Fkio9KEBWzQJKKWc5248zqWaxAJmtJXpesyHdAexKBx7bV6lfuz6zdmhAXk5hZFB8rSrc3nuEuMCzTexT-GQFRXCv2DWsuv0HOYH7PChdWth8tnvAS2SOx-A7GXxhHJAwF8RJ_kAxB2Xy_3aV0mtmUpBAVWY1hebWQtG_vnE_TRCNGJnvzITbCdc_LdHI-1p-SS1bRr8qeHPj62JhTFvZKOCElecLPMOeet7m204hk3XEtZuGV8RKnWVGiJw-weJ4TFBAZv4xjzuqDhLyz0OLoEp6w5pdXBruQurzGEwArnnI2eW4vaTSs9Y7bF6egFlillNHkKnslR3QrTbO5brwqbKiZ-WWXOGHyy2istyrHhghExzTlEjWWvO9B39WV6AohjeuTUYFvR_O7U4rtY5WPUAZCLXYEncUweM9V5EugB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 20 May 2025 13:21:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AE8 54 KB
0 19ms
18ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jWdf2uZZyviLdXMzWRtWCMj-mXBnYgbcEAUFjv8jhbo.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8d675fdae659caf88b757333591b5608c8fe9970676206dc1005058eff2385ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 364934
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 07:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 16 May 2025 07:59:21 GMT
last-modified: Mon, 12 May 2025 14:08:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21106
x-xss-protection: 0
server: sffe

GET
H3 204 generate_204
ep2.adtrafficquality.google/ Frame 1A07 0
10 B 20ms
20ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?Fqxn8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 20 May 2025 13:21:36 GMT
cross-origin-resource-policy: cross-origin

GET
H3 204 generate_204
ep2.adtrafficquality.google/ Frame 2763 0
10 B 32ms
31ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?FS4owQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 20 May 2025 13:21:37 GMT
cross-origin-resource-policy: cross-origin

POST
H2 200 v3 Show response
id5-sync.com/gm/ 453 B
652 B 29ms
27ms XHR
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

3dab3679365b68732911108822851c7c9d9a010cff85c7c8ca8cbfe7965a9d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.theherald.co.za/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.theherald.co.za
date: Tue, 20 May 2025 13:21:37 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true

GET
H3 204 generate_204
ep2.adtrafficquality.google/ Frame D99F 0
10 B 73ms
72ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?vDVkXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 20 May 2025 13:21:37 GMT
cross-origin-resource-policy: cross-origin

GET
H2 200 bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame B547 25 KB
25 KB 35ms
12ms XHR
application/octet-stream 2600:9000:223d:8800:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1747747297099
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:8800:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

etag: "66fa5222-6400"
expires: Wed, 21 May 2025 04:01:14 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: TLFPxZ25noIsQsW0UX3kv0QY0nQZl80trT6l4YC_RD_P66OhZZ8LVg==
date: Tue, 20 May 2025 04:01:14 GMT
content-type: application/octet-stream
last-modified: Mon, 30 Sep 2024 07:24:18 GMT
x-cache-status: MISS
cache-control: max-age=86400
access-control-allow-credentials: true
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.theherald.co.za
content-length: 25600
x-amz-cf-pop: FRA56-P3
server: CloudFront

GET
H/1.1 200 auto-user-sync
ads.stickyadstv.com/ 43 B
529 B 18ms
18ms Image
image/gif 2607:ae80:4::50
FREEWHEEL

General

Check archive.org

Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=null&gpp_sid=null
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1747747297012082-573
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:37 GMT
Content-Type: image/gif
Server: nginx

GET
H/1.1 200 / Show response
ads.stickyadstv.com/additional-scripts/ Frame B547 299 B
640 B 18ms
17ms XHR
text/xml 2607:ae80:4::50
FREEWHEEL

General

Check archive.org

Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=33730154&loc=https%3A%2F%2Fwww.theherald.co.za%2F&gpp_string=null&gpp_sid=null
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 5712f37730c67b2e68e6c31d91cff957178336d99aff208ada0422bdbe81be2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/xml, text/xml
Referer: https://www.theherald.co.za/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1747747297101030-521
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.theherald.co.za
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:37 GMT
Server: nginx

GET
H/1.1 200 swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame B547 67 B
0 30ms
29ms XHR
application/xml 2607:ae80:4::50
FREEWHEEL

General

Check archive.org

Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=33730154&plcmt=1&_fw_us_privacy=&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&_fw_gdpr_consent=&vav=f398c94539c948eb298a2ec6e06a7733&vaviv=7a9b533685bdc23f4a18d95a94f97766&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.11.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.theherald.co.za%2F&playerSize=350x197&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/xml, text/xml
Referer: https://www.theherald.co.za/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1747747297251003-526
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.theherald.co.za
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:37 GMT
Content-Type: application/xml;charset=UTF-8
Server: nginx

POST
H3 204 csi
csi.gstatic.com/ Frame 0121 0
20 B 24ms
22ms Ping
image/gif 108.177.96.120
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~mawjm2et&c=6753353729375&slotId=3376676864687&qqid=CIn81oOSso0DFb8AvwQdWmUNyQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.25c~atrd.25q~vil.441&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.177.96.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: eh-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 13:21:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H2 200 entry.shell.js.f4ba3d3513652ceef88a.bundle.js Show response
www.theherald.co.za/build/chunks/custom/app/entry/ 4 KB
1 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.theherald.co.za/build/chunks/custom/app/entry/entry.shell.js.f4ba3d3513652ceef88a.bundle.js
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/build/chunks/entry.c1481c978a592da56500.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b903b32a4dae3be2d067744d918a09e1b6723c6b97caf7fbc9fb453e37d86aba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "B7yMNA"
age: 12242
expires: Wed, 20 May 2026 09:57:35 GMT
content-length: 1271
date: Tue, 20 May 2025 09:57:35 GMT
x-cloud-trace-context: 0b484b7dedc0d5fe7be1b737441341ca
content-type: text/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/ Frame F574 63 KB
0 2ms
2ms Other
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

deaa9f5c4d4fa7de7c794a5df1538e4b16f7d954857ed13a88eddbc8f9bb5508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4122429157068215054
age: 19893
x-content-type-options: nosniff
expires: Tue, 27 May 2025 07:49:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 07:49:56 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23104
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505150101"

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/ Frame F7CB 63 KB
0 7ms
7ms Other
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

deaa9f5c4d4fa7de7c794a5df1538e4b16f7d954857ed13a88eddbc8f9bb5508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4122429157068215054
age: 19893
x-content-type-options: nosniff
expires: Tue, 27 May 2025 07:49:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 07:49:56 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23104
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505150101"

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/ Frame 3813 63 KB
0 6ms
6ms Other
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

deaa9f5c4d4fa7de7c794a5df1538e4b16f7d954857ed13a88eddbc8f9bb5508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4122429157068215054
age: 19893
x-content-type-options: nosniff
expires: Tue, 27 May 2025 07:49:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 07:49:56 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23104
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505150101"

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/ Frame CAF7 63 KB
0 7ms
7ms Other
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

deaa9f5c4d4fa7de7c794a5df1538e4b16f7d954857ed13a88eddbc8f9bb5508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4122429157068215054
age: 19893
x-content-type-options: nosniff
expires: Tue, 27 May 2025 07:49:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 20 May 2025 07:49:56 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23104
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505150101"

GET
H3 204 generate_204
ep2.adtrafficquality.google/ Frame 7AE8 0
10 B 16ms
14ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?fuIl2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 20 May 2025 13:21:37 GMT
cross-origin-resource-policy: cross-origin

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=

170 B
409 B

106ms
32ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=

Protocol

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Tue, 20 May 2025 13:21:37 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

Cache-Control: no-cache
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=
Pragma: no-cache
x-sticky-vk: 1747747297193094-546
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:37 GMT
Server: nginx

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=4d98402b53c885ed532f89218ff15b1&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=

43 B
479 B

352ms
115ms

Image
image/gif

98.82.157.137
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=4d98402b53c885ed532f89218ff15b1&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

98.82.157.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-157-137.compute-1.amazonaws.com

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: AJEAZFM7SYFCV8WTAQ66
Content-Length: 43
Date: Tue, 20 May 2025 13:21:37 GMT
Content-Type: image/gif
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

Redirect headers

Cache-Control: no-cache
Location: https://s.amazon-adsystem.com/ecm3?id=4d98402b53c885ed532f89218ff15b1&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=
Pragma: no-cache
x-sticky-vk: 1747747297266019-529
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:37 GMT
Server: nginx

GET sodar
ep1.adtrafficquality.google/pagead/ Frame F574 0
0

GET sodar
ep1.adtrafficquality.google/pagead/ Frame 3813 0
0

GET sodar
ep1.adtrafficquality.google/pagead/ Frame CAF7 0
0

GET sodar
ep1.adtrafficquality.google/pagead/ Frame F7CB 0
0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H2 200 vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame F491 449 KB
0 113ms
19ms Script
application/x-javascript 2600:9000:223d:8800:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:8800:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f2534f9aeaab0c94dae1215624858b67bd88ac40e6abe45d5fb534c3277ed004

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-encoding: br
etag: W/"66fa5222-70418"
expires: Wed, 21 May 2025 01:16:44 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 1lxuk_oLMqK4ZAeLP05RYuA_iPdePnc8b6-F35xwQ61SzNSOqi3FZA==
date: Tue, 20 May 2025 01:16:44 GMT
content-type: application/x-javascript
last-modified: Mon, 30 Sep 2024 07:24:18 GMT
vary: accept-encoding
x-cache-status: EXPIRED
cache-control: max-age=86400
access-control-allow-credentials: true
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P3
server: CloudFront

GET
H2 200 bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame F491 25 KB
25 KB 15ms
14ms XHR
application/octet-stream 2600:9000:223d:8800:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1747747298064
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:8800:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

etag: "66fa5222-6400"
expires: Wed, 21 May 2025 04:01:14 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: BtS2uzXBz781x7Yz-R-EYu3HL2weYFx324EO_EUTfjYUiY4s1hj7zw==
date: Tue, 20 May 2025 04:01:14 GMT
content-type: application/octet-stream
last-modified: Mon, 30 Sep 2024 07:24:18 GMT
x-cache-status: MISS
cache-control: max-age=86400
access-control-allow-credentials: true
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.theherald.co.za
content-length: 25600
x-amz-cf-pop: FRA56-P3
server: CloudFront

GET auto-user-sync
ads.stickyadstv.com/ Frame F491 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=null&gpp_sid=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4d98402b53c885ed532f89218ff15b1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv19e0_7507137684706298141&gdpr=0&gdpr_consent=null
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=0&gdpr_consent=null
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=0&gdpr_consent=null&google_tc=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHv1UCTh915qB1pQNBHYMOM&google_cver=1&gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
149 B

117ms
35ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

content-length: 70
date: Tue, 20 May 2025 13:21:38 GMT
content-type: image/gif
server: Kestrel

Redirect headers

Cache-Control: no-cache
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Pragma: no-cache
x-sticky-vk: 1747747298256041-589
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:38 GMT
Server: nginx

GET
H/1.1 200 / Show response
ads.stickyadstv.com/additional-scripts/ Frame F491 299 B
640 B 20ms
20ms XHR
text/xml 2607:ae80:4::50
FREEWHEEL

General

Check archive.org

Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.theherald.co.za%2F&gpp_string=null&gpp_sid=null
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 5712f37730c67b2e68e6c31d91cff957178336d99aff208ada0422bdbe81be2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/xml, text/xml
Referer: https://www.theherald.co.za/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1747747297993085-503
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.theherald.co.za
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:38 GMT
Server: nginx

GET
H/1.1 200 swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame F491 67 B
0 92ms
91ms XHR
application/xml 2607:ae80:4::50
FREEWHEEL

General

Check archive.org

Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&plcmt=1&_fw_us_privacy=&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&_fw_gdpr_consent=&vav=118718cccea8ff59f5dd21b3468f2986&vaviv=530d06f9bf003c50649d00fb7150544d&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.11.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.theherald.co.za%2F&playerSize=350x197&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/xml, text/xml
Referer: https://www.theherald.co.za/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1747747297999087-528
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.theherald.co.za
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:38 GMT
Content-Type: application/xml;charset=UTF-8
Server: nginx

GET user-matching
ads.stickyadstv.com/ Frame F491 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=

170 B
232 B

26ms
25ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=

Protocol

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Tue, 20 May 2025 13:21:38 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

Cache-Control: no-cache
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5ODQwMmI1M2M4ODVlZDUzMmY4OTIxOGZmMTViMQ==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=
Pragma: no-cache
x-sticky-vk: 1747747298060084-555
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:38 GMT
Server: nginx

GET user-matching
ads.stickyadstv.com/ Frame F491 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=4d98402b53c885ed532f89218ff15b1&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=

43 B
479 B

112ms
111ms

Image
image/gif

98.82.157.137
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=4d98402b53c885ed532f89218ff15b1&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

98.82.157.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-157-137.compute-1.amazonaws.com

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: WJ1C9PHWGVMNDK00XHRS
Content-Length: 43
Date: Tue, 20 May 2025 13:21:38 GMT
Content-Type: image/gif
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

Redirect headers

Cache-Control: no-cache
Location: https://s.amazon-adsystem.com/ecm3?id=4d98402b53c885ed532f89218ff15b1&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=
Pragma: no-cache
x-sticky-vk: 1747747298089067-572
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:38 GMT
Server: nginx

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame AEA2 159 KB
38 KB 22ms
22ms Script
application/javascript 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&cb=730929&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&plcmt=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=10800
content-encoding: gzip
etag: "27bcd-5f762218e8e3a-gzip"
accept-ranges: bytes
content-length: 38303
date: Tue, 20 May 2025 13:21:38 GMT
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5D38 44 KB
16 KB 59ms
16ms Document
text/html 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&cb=730929&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&plcmt=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6758e303ab9f99541c823260f6f9c9356d8044357926cb2960ae563375a59a0a

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=18657
content-encoding: gzip
content-length: 15624
content-type: text/html
date: Tue, 20 May 2025 13:21:38 GMT
expires: Tue, 20 May 2025 18:32:35 GMT
last-modified: Wed, 13 Nov 2024 05:15:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame AEA2 44 KB
16 KB 28ms
10ms Script
text/html 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&cb=730929&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&plcmt=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6758e303ab9f99541c823260f6f9c9356d8044357926cb2960ae563375a59a0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=18657
content-encoding: gzip
expires: Tue, 20 May 2025 18:32:35 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 15624
date: Tue, 20 May 2025 13:21:38 GMT
last-modified: Wed, 13 Nov 2024 05:15:17 GMT
content-type: text/html
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5D38 0
42 B 68ms
9ms Script
text/plain 103.231.98.107
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45306694&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.107 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 20 May 2025 13:21:39 GMT
content-length: 0

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame AEA2 27 B
347 B 93ms
25ms XHR
application/xml 103.231.98.110
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&cb=1747747298884&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&plcmt=1&us_privacy=&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.theherald.co.za%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.theherald.co.za%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2025-5-20%2015:21:39&ranreq=0.3273543273108245&timezone=2&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&cb=730929&schain=1.0%2C1!vidoomy.com%2C63457%2C1%2C%2C%2C&plcmt=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.110 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: NGNADS /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

srv: SSP
cache-control: no-store, no-cache, private
content-encoding: gzip
access-control-allow-credentials: true
pmfcgi-resp: TRUE
access-control-allow-origin: https://www.theherald.co.za
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 20 May 2025 13:21:39 GMT
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8
server: NGNADS

GET
H2 200 track
st.pubmatic.com/ Frame AEA2 0
91 B 87ms
16ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1747747299&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

expires: 0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
pragma: no-cache
date: Tue, 20 May 2025 13:21:38 GMT

GET
H2 200 track
st.pubmatic.com/ 0
49 B 18ms
18ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1747747295&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

expires: 0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
pragma: no-cache
date: Tue, 20 May 2025 13:21:38 GMT

GET combine-13.php
banner.vic-m.co/adserver/delivery/ 0
0

GET
H2 200 vpaid_a2ead69f.js Show response
vpaid.springserve.com/production/ Frame 1F7B 531 KB
532 KB 124ms
18ms Script
application/javascript 2600:9000:206f:a200:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_a2ead69f.js
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 327b82d3f9c90d49002c0ff855af2ed1b5485d5789bbce1ef41f093cbf9a8e6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

vary: accept-encoding
cache-control: max-age=2678400
etag: W/"7606c6e99a961706bb57d24a471db816"
age: 2657710
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 543548
x-amz-cf-id: -WJtRURQIt-NyMdGVTp0yQHeG_7fOdefmN6xZEVR0AQVo1AB9v_xyw==
date: Sat, 17 May 2025 00:56:16 GMT
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 17:19:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 1BED 0
45 B 135ms
20ms Document
text/plain 217.182.178.228
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=161&gdpr=&gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.228 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip228.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length: 0
date: Tue, 20 May 2025 13:21:39 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 75BE 0
0 57ms
14ms Document
text/plain 51.89.9.253
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=8e1b1cddf4eb779&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

cookie Show response
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3474&_fw_gdpr=&_fw_gdpr_consent=
https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=4d98402b53c885ed532f89218ff15b1&_fw_gdpr=&_fw_gdpr_consent=

61 B
701 B

48ms
48ms

Script
application/javascript

212.36.83.245
AS_ADAM Adam EcoTech

General

Check archive.org

Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=4d98402b53c885ed532f89218ff15b1&_fw_gdpr=&_fw_gdpr_consent=
Protocol: HTTP/1.1
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 2d092a55b487acd67a13b559591b89bfee2e78ae468ad50f5c558ff6963f06a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Access-Control-Expose-Headers: X-VD-C
Content-Encoding: none
Accept-Ch: Sec-CH-UA-Model
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 61
Date: Tue, 20 May 2025 13:21:40 GMT
Content-Type: application/javascript
Server: nginx
Access-Control-Allow-Headers: *

Redirect headers

Cache-Control: no-cache
Location: https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=4d98402b53c885ed532f89218ff15b1&_fw_gdpr=&_fw_gdpr_consent=
Pragma: no-cache
x-sticky-vk: 1747747300325064-600
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
Keep-Alive: timeout=8, max=100
Date: Tue, 20 May 2025 13:21:40 GMT
Server: nginx

GET
H2 200 ImgSync Show response
image8.pubmatic.com/AdServer/ 0
42 B 80ms
15ms Script
text/plain 198.47.127.18
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=165144&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dpubmatic%26uid%3D%23PMUID
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

date: Tue, 20 May 2025 13:21:38 GMT
content-length: 0

GET
H2 204 pixelSync Show response
pixel-sync.sitescout.com/dmp/ 0
210 B 96ms
22ms Script
text/plain 34.36.216.150
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.216.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 150.216.36.34.bc.googleusercontent.com
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
via: 1.1 google
expires: Tue, 11 Oct 1977 12:34:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Tue, 20 May 2025 13:21:40 GMT
server: A

GET
H2 200 cookie Show response
cm.adform.net/ 35 B
474 B 113ms
26ms Script
image/gif 37.157.6.232
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL: https://cm.adform.net/cookie?gdpr=&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dadf%26uid%3D%24UID
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.6.232 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7fff1569ea68ef52782ba25b0cf3934627f7a4fc1e8e22f4652de959c5f97978

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Tue, 20 May 2025 13:21:40 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 prebid Show response
rtb.openx.net/sync/ 43 B
267 B 117ms
19ms Script
image/gif 35.186.253.211
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dopenx%26uid%3D%24%7BUID%7D
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: private, max-age=0, no-cache, must-revalidate
pragma: no-cache
x-forwarded-for: 78.159.108.10
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 20 May 2025 13:21:40 GMT
content-type: image/gif
vary: Origin

GET
H/1.1

200
OK

cookie Show response
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://csync.loopme.me/?pubid=13984&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DLM%26uid%3D%7Bviewer_token%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=LM&uid=7a086b54-f0a6-4124-85a6-9409f6ffc361&gdpr_consent=null&gdpr=null

66 B
806 B

43ms
41ms

Script
application/javascript

212.36.83.245
AS_ADAM Adam EcoTech

General

Check archive.org

Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=LM&uid=7a086b54-f0a6-4124-85a6-9409f6ffc361&gdpr_consent=null&gdpr=null
Protocol: HTTP/1.1
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 3866c0a4e98a7987f3f1d6b90c2431155de4dcd40793abd315dfaae60468dc85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Access-Control-Expose-Headers: X-VD-C
Content-Encoding: none
Accept-Ch: Sec-CH-UA-Model
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 66
Date: Tue, 20 May 2025 13:21:40 GMT
Content-Type: application/javascript
Server: nginx
Access-Control-Allow-Headers: *

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=LM&uid=7a086b54-f0a6-4124-85a6-9409f6ffc361&gdpr_consent=null&gdpr=null
content-length: 0
date: Tue, 20 May 2025 13:21:40 GMT
server: _

GET getuid
ib.adnxs.com/ 0
0

GET
H/1.1 204
No Content sync.php Show response
pixel.rubiconproject.com/exchange/ 0
239 B 81ms
11ms Script
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=vidoomy&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: f2725c115d816cae2dce6044d9cf3fcf
Pragma: no-cache
Content-Type: image/gif

GET v1
match.sharethrough.com/universal/ 0
0

GET
H2 200 server_match Show response
ad.360yield.com/ 43 B
199 B 133ms
34ms Script
image/gif 54.76.77.164
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ad.360yield.com/server_match?partner_id=2482&gdpr=&gdpr_consent=&us_privacy={USP}&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dimprove%26uid%3D%7BPUB_USER_ID%7D
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.77.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-77-164.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 20 May 2025 13:21:40 GMT
content-type: image/gif

GET
H2 204 pixel Show response
ap.lijit.com/ 0
193 B 135ms
33ms Script
text/plain 52.49.91.193
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dsovrn%26uid%3D$UID
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.49.91.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-91-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-origin: *
date: Tue, 20 May 2025 13:21:40 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2

200

usersync.aspx Show response
dis.criteo.com/dis/
Redirect Chain

https://ssp-sync.criteo.com/user-sync/redirect?profile=342&gdpr_consent=&gdpr=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCRITEO%26uid%3D%24%7BCRITEO_USER_ID%7D
https://dis.criteo.com/dis/usersync.aspx?r=73&p=342&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFal...

43 B
363 B

62ms
15ms

Script
image/gif

178.250.1.9
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=73&p=342&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFalse%26ccpa%3d%26gpp%3d%26gpp_sid%3d%26profile%3d342%26redir%3dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCRITEO%2526uid%253D%2524%7bCRITEO_USER_ID%7d&gdpr=&gdpr_consent=&gpp=&gpp_sid=

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 210212
expires: Tue, 20 May 2025 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 20 May 2025 13:21:40 GMT
content-type: image/gif
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
location: https://dis.criteo.com/dis/usersync.aspx?r=73&p=342&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFalse%26ccpa%3d%26gpp%3d%26gpp_sid%3d%26profile%3d342%26redir%3dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCRITEO%2526uid%253D%2524%7bCRITEO_USER_ID%7d&gdpr=&gdpr_consent=&gpp=&gpp_sid=
content-length: 0
date: Tue, 20 May 2025 13:21:40 GMT
server: Kestrel
cross-origin-resource-policy: cross-origin

GET
H2 200 sync
x.bidswitch.net/ 43 B
183 B 125ms
21ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Tue, 20 May 2025 13:21:40 GMT
content-type: image/gif

POST
H/1.1 200
OK tag Show response
ad.vidoomy.com/api/adserver/tracking/ 28 B
459 B 141ms
70ms XHR
text/plain 212.36.83.216
AS_ADAM Adam EcoTech

General

Check archive.org

Download Go to

Full URL: https://ad.vidoomy.com/api/adserver/tracking/tag?data=ZG9tYWluPXRoZWhlcmFsZC5jby56YSZmb3JtYXQ9MSZ1PWJmNmJjMGM5LWYyZjktNDhmZi04YTIyLTA5NWM0ZTg1YjEyOSZ6b25lSWQ9Mjg0NzMmcHZlcnNpb249NC4yLjEmdWlkPQ==
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.216 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: w4.vdmy.dtic.es
Software: nginx /
Resource Hash: 30760ba5ec1169343ff3a2a1433973ab93870e317dc6535ec867f82a76abe42d

Request headers

Referer: https://www.theherald.co.za/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/json
Content-Transfer-Encoding: base64

Response headers

Access-Control-Expose-Headers: X-VD-C
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Transfer-Encoding: base64
Access-Control-Allow-Origin: https://www.theherald.co.za
Content-Length: 28
Date: Tue, 20 May 2025 13:21:40 GMT
Content-Type: text/plain; charset=utf-8
Server: nginx
Access-Control-Allow-Headers: *

OPTIONS
H/1.1 200
OK tag
ad.vidoomy.com/api/adserver/tracking/ Frame 0
0 110ms
41ms Preflight 212.36.83.216
AS_ADAM Adam EcoTech

General

Check archive.org

Download Go to

Full URL: https://ad.vidoomy.com/api/adserver/tracking/tag?data=ZG9tYWluPXRoZWhlcmFsZC5jby56YSZmb3JtYXQ9MSZ1PWJmNmJjMGM5LWYyZjktNDhmZi04YTIyLTA5NWM0ZTg1YjEyOSZ6b25lSWQ9Mjg0NzMmcHZlcnNpb249NC4yLjEmdWlkPQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.216 Barcelona, Spain, ASN15699 (AS_ADAM Adam EcoTech, S.A, ES),
Reverse DNS: w4.vdmy.dtic.es
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-transfer-encoding,content-type
Access-Control-Request-Method: POST
Origin: https://www.theherald.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-transfer-encoding,content-type
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: https://www.theherald.co.za
Access-Control-Expose-Headers: X-VD-C
Connection: keep-alive
Content-Length: 0
Date: Tue, 20 May 2025 13:21:40 GMT
Server: nginx

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1F7B 974 B
844 B 32ms
30ms XHR
application/xml 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a2ead69f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6bf05d1d335b0e0c89d450d3497589c290f9d633231da7655117a81454b58460

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "23da-5f762218eccb9-gzip"
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 20 May 2025 13:21:40 GMT
access-control-allow-origin: https://www.theherald.co.za
content-length: 605
date: Tue, 20 May 2025 13:21:40 GMT
content-type: application/xml
vary: Origin, Accept-Encoding
server: Apache

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1F7B 974 B
843 B 32ms
30ms XHR
application/xml 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=2&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=2
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a2ead69f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bea1d14ed7db6b7aa51711ceeabcdf0cb319091b8d69902f523f595ebb9d3e63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "23da-5f762218eccb9-gzip"
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 20 May 2025 13:21:40 GMT
access-control-allow-origin: https://www.theherald.co.za
content-length: 604
date: Tue, 20 May 2025 13:21:40 GMT
content-type: application/xml
vary: Origin, Accept-Encoding
server: Apache

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1F7B 989 B
852 B 33ms
32ms XHR
application/xml 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&plcmt=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,1747747295862,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a2ead69f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7348f66d9c9f2fc6c1d45adb14b287fd7854123dc596da697815883abf9f9c1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "23da-5f762218eccb9-gzip"
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 20 May 2025 13:21:40 GMT
access-control-allow-origin: https://www.theherald.co.za
content-length: 613
date: Tue, 20 May 2025 13:21:40 GMT
content-type: application/xml
vary: Origin, Accept-Encoding
server: Apache

GET
H2 200 avjp Show response
vidoomy-d.openx.net/v/1.0/ Frame 1F7B 106 B
375 B 113ms
27ms XHR
application/json 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/avjp?auid=562178581&url=https://www.theherald.co.za/&vht=197&vwd=350&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A350%2C%22h%22%3A197%7D%7D%5D%7D&be=true&schain=1.0,1!vidoomy.com,63457,1,,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a2ead69f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.theherald.co.za/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://www.theherald.co.za
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 20 May 2025 13:21:40 GMT
content-type: application/json
server: OXGW/0.0.0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1F7B 0
284 B 81ms
17ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a2ead69f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.theherald.co.za/

Response headers

cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials: true
observe-browsing-topics: ?1
pmfcgi-resp: TRUE
access-control-allow-origin: https://www.theherald.co.za
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 20 May 2025 13:21:40 GMT
server: nginx

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame A26D 159 KB
38 KB 11ms
11ms Script
application/javascript 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=1
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=10800
content-encoding: gzip
etag: "27bcd-5f762218e8e3a-gzip"
accept-ranges: bytes
content-length: 38303
date: Tue, 20 May 2025 13:21:40 GMT
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 549B 44 KB
0 0ms
0ms Document
text/html 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6758e303ab9f99541c823260f6f9c9356d8044357926cb2960ae563375a59a0a

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=18657
content-encoding: gzip
content-length: 15624
content-type: text/html
date: Tue, 20 May 2025 13:21:38 GMT
expires: Tue, 20 May 2025 18:32:35 GMT
last-modified: Wed, 13 Nov 2024 05:15:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A26D 44 KB
0 28ms
10ms Script
text/html 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6758e303ab9f99541c823260f6f9c9356d8044357926cb2960ae563375a59a0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=18657
content-encoding: gzip
expires: Tue, 20 May 2025 18:32:35 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 15624
date: Tue, 20 May 2025 13:21:38 GMT
last-modified: Wed, 13 Nov 2024 05:15:17 GMT
content-type: text/html
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 549B 0
39 B 9ms
8ms Script
text/plain 103.231.98.107
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82402532&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.107 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 20 May 2025 13:21:40 GMT
content-length: 0

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame A26D 27 B
126 B 13ms
12ms XHR
application/xml 103.231.98.110
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=1&us_privacy=&cb=1747747300681&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.theherald.co.za%252F&screenResolution=1600x1200&kdntuid=1&vwndh=150&vwndw=0&vwndurl=https%253A%252F%252Fwww.theherald.co.za%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2025-5-20%2015:21:41&ranreq=0.7048317809195099&timezone=2&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.110 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: NGNADS /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

srv: SSP
cache-control: no-store, no-cache, private
content-encoding: gzip
access-control-allow-credentials: true
pmfcgi-resp: TRUE
access-control-allow-origin: https://www.theherald.co.za
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 20 May 2025 13:21:41 GMT
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8
server: NGNADS

GET
H2 200 track
st.pubmatic.com/ Frame A26D 0
49 B 15ms
15ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1747747301&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

expires: 0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
pragma: no-cache
date: Tue, 20 May 2025 13:21:39 GMT

GET
H2 200 track
st.pubmatic.com/ Frame 1F7B 0
49 B 15ms
15ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1747747300&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

expires: 0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
pragma: no-cache
date: Tue, 20 May 2025 13:21:39 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 2004 159 KB
38 KB 12ms
12ms Script
application/javascript 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=2&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=2
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=10800
content-encoding: gzip
etag: "27bcd-5f762218e8e3a-gzip"
accept-ranges: bytes
content-length: 38303
date: Tue, 20 May 2025 13:21:41 GMT
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B252 44 KB
0 0ms
0ms Document
text/html 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=2&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6758e303ab9f99541c823260f6f9c9356d8044357926cb2960ae563375a59a0a

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=18657
content-encoding: gzip
content-length: 15624
content-type: text/html
date: Tue, 20 May 2025 13:21:38 GMT
expires: Tue, 20 May 2025 18:32:35 GMT
last-modified: Wed, 13 Nov 2024 05:15:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2004 44 KB
0 0ms
0ms Script
text/html 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=2&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6758e303ab9f99541c823260f6f9c9356d8044357926cb2960ae563375a59a0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=18657
content-encoding: gzip
expires: Tue, 20 May 2025 18:32:35 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 15624
date: Tue, 20 May 2025 13:21:38 GMT
last-modified: Wed, 13 Nov 2024 05:15:17 GMT
content-type: text/html
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B252 0
39 B 10ms
9ms Script
text/plain 103.231.98.107
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25327240&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.107 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 20 May 2025 13:21:41 GMT
content-length: 0

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 2004 27 B
126 B 11ms
10ms XHR
application/xml 103.231.98.110
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=2&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=2&us_privacy=&cb=1747747301300&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.theherald.co.za%252F&screenResolution=1600x1200&kdntuid=1&vwndh=150&vwndw=0&vwndurl=https%253A%252F%252Fwww.theherald.co.za%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2025-5-20%2015:21:41&ranreq=0.42613874782569516&timezone=2&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=2&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,&plcmt=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.110 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: NGNADS /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

srv: SSP
cache-control: no-store, no-cache, private
content-encoding: gzip
access-control-allow-credentials: true
pmfcgi-resp: TRUE
access-control-allow-origin: https://www.theherald.co.za
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 20 May 2025 13:21:41 GMT
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8
server: NGNADS

GET
H2 200 track
st.pubmatic.com/ Frame 2004 0
49 B 15ms
15ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1747747302&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

expires: 0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
pragma: no-cache
date: Tue, 20 May 2025 13:21:41 GMT

GET
H2 200 track
st.pubmatic.com/ Frame 1F7B 0
49 B 17ms
16ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1747747300&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

expires: 0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
pragma: no-cache
date: Tue, 20 May 2025 13:21:40 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame C744 159 KB
38 KB 12ms
12ms Script
application/javascript 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&plcmt=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,1747747295862,,
Requested by: Host: www.theherald.co.za
URL: https://www.theherald.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: public, max-age=10800
content-encoding: gzip
etag: "27bcd-5f762218e8e3a-gzip"
accept-ranges: bytes
content-length: 38303
date: Tue, 20 May 2025 13:21:41 GMT
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A56A 44 KB
0 0ms
0ms Document
text/html 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&plcmt=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,1747747295862,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6758e303ab9f99541c823260f6f9c9356d8044357926cb2960ae563375a59a0a

Request headers

Referer: https://www.theherald.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=18657
content-encoding: gzip
content-length: 15624
content-type: text/html
date: Tue, 20 May 2025 13:21:38 GMT
expires: Tue, 20 May 2025 18:32:35 GMT
last-modified: Wed, 13 Nov 2024 05:15:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C744 44 KB
0 0ms
0ms Script
text/html 2.19.105.41
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&plcmt=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,1747747295862,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6758e303ab9f99541c823260f6f9c9356d8044357926cb2960ae563375a59a0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

cache-control: max-age=18657
content-encoding: gzip
expires: Tue, 20 May 2025 18:32:35 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 15624
date: Tue, 20 May 2025 13:21:38 GMT
last-modified: Wed, 13 Nov 2024 05:15:17 GMT
content-type: text/html
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A56A 0
39 B 9ms
8ms Script
text/plain 103.231.98.107
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93620381&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.107 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 20 May 2025 13:21:41 GMT
content-length: 0

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame C744 27 B
126 B 18ms
17ms XHR
application/xml 103.231.98.110
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&plcmt=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,1747747295862,,&us_privacy=&cb=1747747301903&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.theherald.co.za%252F&screenResolution=1600x1200&kdntuid=1&vwndh=150&vwndw=0&vwndurl=https%253A%252F%252Fwww.theherald.co.za%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2025-5-20%2015:21:42&ranreq=0.20163319728270612&timezone=2&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=197&vw=350&placement=1&vtype=1&vpos=1&vplay=2&plcmt=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.theherald.co.za%2F&schain=1.0,1!vidoomy.com,63457,1,,,1747747295862,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.110 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: NGNADS /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

srv: SSP
cache-control: no-store, no-cache, private
content-encoding: gzip
access-control-allow-credentials: true
pmfcgi-resp: TRUE
access-control-allow-origin: https://www.theherald.co.za
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 20 May 2025 13:21:42 GMT
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8
server: NGNADS

GET
H2 200 track
st.pubmatic.com/ Frame C744 0
49 B 15ms
15ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1747747302&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

expires: 0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
pragma: no-cache
date: Tue, 20 May 2025 13:21:40 GMT

GET
H2 200 track
st.pubmatic.com/ Frame 1F7B 0
49 B 15ms
15ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1747747300&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

expires: 0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
pragma: no-cache
date: Tue, 20 May 2025 13:21:41 GMT

GET i
vid-io-iad.springserve.com/vd/ Frame 1F7B 0
0

GET i
vid-io-cle.springserve.com/vd/ Frame 1F7B 0
0

GET i
vid-io-iad.springserve.com/vd/ Frame 1F7B 0
0

GET i
vid-io-cle.springserve.com/vd/ Frame 1F7B 0
0

GET i
vid-io-iad.springserve.com/vd/ Frame 1F7B 0
0

GET i
vid-io-sin.springserve.com/vd/ Frame 1F7B 0
0

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame 1F7B 43 B
0 312ms
98ms Image
image/gif 44.219.162.104

General

Check archive.org

Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=js_demand_opportunity&a_cc=s.715072-d.1554312&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=4471589
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.219.162.104 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.theherald.co.za/

Response headers

access-control-allow-origin: *
content-length: 43
date: Tue, 20 May 2025 13:21:42 GMT
content-type: image/gif
server: nginx
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS

GET i
vid-io-iad.springserve.com/vd/ Frame 1F7B 0
0

GET i
vid-io-cle.springserve.com/vd/ Frame 1F7B 0
0

GET i
vid-io-iad.springserve.com/vd/ Frame 1F7B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202505150101&jk=2281585085642293&bg=!7O-l76DNAAaupMAtjqQ7ADQBe5WfOHmAJ9EoProAjWLfDDzHHDW7sdmfXV1HL1vy24AzzXyELIcPTtkfgk6apJ-o4p_IAgAAA7JSAAAAC2gBB34ANtMbjTwVmVy0hZgrZ46Kj_lmsfZE7s8TzjtQIFrLtyGfoxAGMZdPyOMb7AdYxx0yBdRzUZIOBpkCiDPqi-jNJv6cH89-1P_DJAqkgEnAzZeJ2Zt96pATmYbsf_rKG8roDpdVm46zA_ZDE00_lxMLY-ffFE5gTs3hazgEtKA3hWY4PbcAlpMm0D05tyiIhqMoqOw5erwyBTKWYBaU-b37oASzU2m3ukApwh3tyQGYxQbHXT_S0-OJlWI0DW8luTinMhIWOFVCP3_ORv-TI8dmJxiCUFVY9O9Tg5O9GxFGuhrNa8oifzWEgPNGicGl1wrDfh_ZEpoOo5zQSp4XM7PWslESfrYIjwh3JVdsM7vSjL8L6Epl1JYkEPMr2byflZ3N6Pf2Doqv8gUjZ5_0b8KeQjdUWfxXhFAX0ZfLD-j-b6LZ9YR0nvhg8owBnakwE_f6eD90fLuCKb1me7AuRs3WLsAEtM8i9zRGB3PwUmDSyVVA9HhARt0UQ4wL2uX7fgDsMcBWMoT0aEG4IeMz8tfMHaXysqeJaq-1E52VVJ7Shw_DeiW_3mnc_wbEcT7NtSwUB9e50PYposH_3Uqn5Ss6-FF5IRHFoQ-HJ9xb7JeaV9MNuvmgMF0heYXDxz8M7t_bD2iwWbYCiDuE2PAPoleWNtM6Gq8GPPCAPN_XQXUawHVSIY-rS9mZkpau1op5nfwrXkGfAFiIdrHN4NmvFjJ3u2oL8eH7WDsdDCNt9q5OWBKM68EYu_h7SW6O8Bbi8lOSy7g6DfHVIShfgLfz8UIKDk6LiqZjRcYmLyN76iQiy-rizeLDBApa_2ZMfdkbCGy66PgO6zby5T4YNVAXU40iMqdC3yfGrr1J8CY9MrFkwAVz5C7jPO0gi6KIHpoyRGxTdoW_CtiVegzRiOaZ4heQhhEtbK-5CAac2UE-gdgGcWU3wQ

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202505150101&jk=1462403258596683&bg=!TE-lTwDNAAaupMAtjqQ7ADQBe5WfOLEP52T0KX0FclvJGwrk6PRu_hElxXsuc5qgG-rUPATC9eCwpV0hy_iEep6yBi2qAgAAAtRSAAAABWgBB34ANkBRbm9Wb1dSN3_AcCxKcWmVr3p8B_cZ15PL8dD0nwtLPdsLZUDesWry3do5eX25cZF9ddMchJkClDRad1TBZ3W6pRI55DRhM3ay8mwIP1RgpuUHuM8bZb8LEYjJLz9VUlL7SOyT_X_vPgfvXmRJeqnhNWDaJ9G9i8HBHdE2YCH8gO3t5uWMjfk2W3IznWZnFVD1CErHfzE2NWQwb7lIIRgbuX6xjX2TKZA9dtxUqD19jeRZcIRBVnXrNMiFzbY3O6OFlhiP2AgXx1LuUnFqPiaOqruBpdW1RKMLQm8ZRj4QS1ZmjFtzCK8sbzmeAWyHMxdqAxoncrseUJSZOHe4B6YCMYO6A6RkdRH9001JK4aDAOgArJJKcaITkRwfTajsTrMpcK9Ty0DVZNuFWv9ea9L0zrCbTvFlWOO4LMANJt4kAlUyfCAln4Vo6nACpfZk6w2m8Gs9gmVV3BJzWAS_hZeZJXVXa1kGqSp-5k2bvadzfYq3CcO87WfBTXf53ZHdF-6eSsKllSy5yi5xcnsLvlB0kiLCfstFItAjiMihDiAL1CgyrH1ej61gWBK75abZYy28YcBc69ya57uU-UOJSWxNZCy4HKChM7F8QsjLSKGDOSYk9p_QDdKjvtnn19ZQ5UFfCEpjzyZ_pW0Q2FRZomemeE5l772JnHbPS6PsbHt-PTNH-T26zh25V_-ZZF0XLH0H3ZK6GQISWFTgvMZiZQUICTaf7bU2W327EZKAKKzQHjTgV2-CpN230bugMiXZ4A_1NsOAYo8sLZvstNBRswmeqqJoD63wZLXXBmetfYm5uRxCD_hedFMHMblu_FcZLTlXGVY-ZepNro3IHim6la91JzdnhrhUn8YK4VSZK92gUzlMUmarhwPRWWP9bkTrbmqjJeE_g9TJqjiQb9wh5sm1gTw5CrLfbAZEO6MM1IiAFGPxeVOIJltHuaizzA

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202505150101&jk=143987815703217&bg=!ERKlEl3NAAaupMAtjqQ7ADQBe5WfOKXPmB_hL8uwFieRg10HLdbg__VKY3gWC9etgBK0Um2wivIQGZcxGd6O1NQibjJPAgAAAq1SAAAAB2gBB34ANsjxNiefjHWT1AZw1UYklNV6vGNXRvvF253kGohdGJCOYcB_681kWvDaF7V4T3xzHASa8HXQ5goAjKlZQxwogmJKAnMoc2vHgX5DPAHEWKwKkWlM3-BrUs3c5wEW00fpY2HMKnIPBOCiRuIcuqm8Fq36dotzBtEJPDkN5Kvxfe8adA0xDDBDpJX04ji4bA5LES9UNQzJkGFesEQPeJhBak59vh2M8vj7OuKB5t4fmNMFrJXRH-bEb47FmppbEWwgthKz4jG0mQKwvHZcRYwLrVwhV9xICLDRHpgsBAzsPcUunK7u85-qh6oiz4O5d1b-TUudio5dGyqeu-8C2aNotcduNga1Y74t3XfzvBZEFKElwMAAnW-8CWVRstPBSvMwBHkiBEzigyptBWJAJYlYxpZM_Aa8EA8lrSf0SHyObggwI038q4oq92PR-UJn3EHL_qm3wDcNLcIKmpYvLsJhjNoH8W0gPCPO8UXh7GZSHbqnzzpGASvT5ye17YuTnn46_70solFJK5zIVj3ZKlVqmtirXyBpeUvlkmpZypXVq_XiSw9aUcWJNn-fsd0bcxQuJ-N6BX3sc0NxbvYL3-WRf27_TzAF-YAjOZN1y8XBYKwIcW5XDAhvZ7JxoBdWfn_eGWjuzi7k2HhPVZj1o1TvLbvbD6R3hKwTks48RgU13wvHuNTag90gXndSScAWC68XcgaR7EzaPPNyJQE8XA6995rFpr_M-ZztKfxch6EP7inrtA10w4QMEXIO81Ik5J5BVocYkaRo85zC7vlV9E48peTaqbuASBQ4DY_DizFMt2AcoMHGkK-eoiLnoMbSATiZaUmgICFPH1qJaQQjvR1eveXNdQOwOZeLdaSr9fhYINGkhnL5WMnhS03oEWdcOe4SibXOd5nD2uITs1CvWyVmHb5frCK58VWd8w9M9xeJ3L2K9CqhKC8V9Y3UTJbsAkT9MITlZtmFNJla-hJjor9J48DG2aeMbRwNTtKifZ82sZCyEsVNQULON03vnmvmJ1FWnjGcTs-iK3se-dYSQiN0UcHwOMvdbuaAMtCeRe37Nrw4azrHOQdN4aw3wAwLrMqFoH8mKGyOpke-Y08neq8WkE4cpkjFCB2TP9g2U-PFm62KSlNse5Kp8Ya20JSptqRxM21mtNne15cgPz1uOvi7h4Y_95_4KJ3aDA

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202505150101&jk=8358118525104512&bg=!7e6l7qHNAAaupMAtjqQ7ADQBe5WfOPqcjODLx0X8zHpo2G1ZWERNiwWGvGZoIYARZqOK6iIPiGincsLBCB_gVCu4nrMiAgAAAnJSAAAABWgBB34ANqm_xPS0qrsPT8jQTMRIFl-52ZMp28VS2NcOn9mMUPnmvMUAlbQJFeyIwahvVvFVMsTIyUVdMpkCbUu4bcMINi8r8yqQKPJTgA7tVkzOW_ND4__-G5tBCGzizZrPAfryQ6CeB_SaRx87e7HL_k4sJ1lnQcBoVqIAGtB429KLKlI8DezrOtZuzkwd-oru8E753Yt1EVvMelFhBwGM5cgD8KVSW7jmRvv51EukoPkwSZOJkD8KMunv8hQBdX0ePJ_3hpwcKoxYetX2-bMoa_P7zqNpSm-Hi9eZLCIEQyuM4bWcby7OQAmNsuePxE1M6UJmOmAUrnI64HDFzzoLApFLWFCKygPVbsCSjgZUKNrmgyg-LnA82kOsuDGmSJbyyYWx-1LZZArHkN2hIWhxh6WSKaTFHMQ07lXrKn8qGQwfLdFSI-os73QE3bY0RvnPONb1Emnxdz8G2NJAM-Lx_WtTlwRB_ZGW3U9onsqozo6gXwxq3vJV3_aE1234p_zX9W1O6yMy6ZVheSuspFCo7iB2sql2JDm3ih_JIAGH9wvOmfmaNeZ2Vwt526d6r5_oNxoNtNQiyvgemDAAgVdGMKPy0IE5AIGrFRwxOjx-R5TkeMxkZIDJeJzOrVqfKv78LgZH6o90M3im153m-HQX5QWsu46NhdqrOvklGuSmAdKrV1fIJrvrIeaAM9msgYvmTmYKHV1ik3xashI6DObJYSIOJWUbyLQ69LyQhrT3WDLNovkCyf27pjZwPHkNWoeeMyAp2P8Z-sLut38ZHoj1qRPUvXhSu4S1Kw8BQ668RfLPx6HMxE3zBGJkZQsBf3CO0Du18KYLZOW_WWJd6Ymii2sg76mKIF_ENWkUgEBVAyK-19CCCDEwr-orOUP2N9SfiB3uuXxbCesM8Q

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202505150101&jk=6877100148549309&bg=!kJOlk9zNAAaupMAtjqQ7ADQBe5WfOEuGDHmSjeNmeme-z7P141FGJafiU7su6BY0zfx7bJ7M0IOdSIuUYwDiW1QeJ2lmAgAAAaNSAAAACGgBB34ANrBdSEoYkaA1gf6YEZDr8Z32GmsmMPyvungu4f5T0txZ-NsYd2Y5J-9vOOl1WBcLqTh2WrUtzpkCWjnK9KKjz86_nKc1zdv8B8cdjzWqRycNfLLUH3uezmuaJhdCJxXhZGkAXV3Du2WWF9gV9MXR8VkIvPBfMm0toqTxTjCUTUbF61aul5DAjb611ySbnwo5zU5_XU8u75kk4CbNa_Zf7d0mrr2uN8KJhjSoJdLbFnY8_LQjg5zr24_UKwdZSaBXh09scRtZxAB0mME1P27QprQt7pAQc-1XEUmqKOUQRstTbV6uBOJVVSom8UybKV-8olz-gfJVAHTvNKtZ7nXvn38V159kDCAV3JcspVv06alvn3lqRmlg6zy0Fz3_sSWdmQQGRWL8dykLnwSX-Iyc1ABAPeqP1jA22hWohTBqevXExJUDiGFzG5R8Mkfd4oLi1p49YT5VGZL7_w9hlWGK5In4CVK9OHeuth7mgsCbhYdMyka7RHeTmgstj-ASIRxTB-Tnle7HBqFdwCPcPU5p8XgK8w0vka6sKOglT2NPpxuoSOFLPS6Ezqja8q-leAdSKN4JPdBVteG_xUme0z5jtbBzcnDa-Qy7BpAkCjhFxP6S24oPKhywh6Ko6jLkmVuePoCRycOc-eAKmb1IB9NMWKTwFJwNouxcxYkMSn8U5gIGcvrbtjD4ziuSgM0_qlTz_RhgzCK64OdWv8wJS9XTettvFrCfO3uWprgtFyAkXBhAT0YTBQncNJ1P9vSKSHIyowsM1fqmXz4qOLh5N-70YRzGksVZN1oRNzKf9mIXN94KgAgG6KmgoQOixXqCP1zExk_pFn2EpaJv_7nyVVN0toTDAW489ZKnTijN87IXJWVvuluU

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=null&gpp_sid=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=&_fw_gdpr_consent=

Domain: banner.vic-m.co
URL: https://banner.vic-m.co/adserver/delivery/combine-13.php?type=javascript&files=vicinity.js,spcjs.php&zoneIds=2462&r=2565454779888443&adItem=banner_1&zone_id=2462&width=320&height=120&loctype=geoip&vicinity_id=5d7c9981-4e0f-484e-80a4-5b11265c0f3a&acceptedLocReq=0&l=&version=13&url=https://www.theherald.co.za/&wbdb=

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dxandr%26uid%3D%24UID&gdpr=&gdpr_consent=

Domain: match.sharethrough.com
URL: https://match.sharethrough.com/universal/v1?supply_id=YITCrBqH&gdpr=&gdpr_consent=

Domain: vid-io-iad.springserve.com
URL: https://vid-io-iad.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=js_opportunity&time_on_page=5&num_bq_pt=1&num_dt_pt=5&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&a_cc=s.715072&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=5343401

Domain: vid-io-iad.springserve.com
URL: https://vid-io-iad.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=cm_js_demand_req_resp&a_cc=s.715072-d.1183021&dtidx=1&cc_i=0&response_time=59&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=2937432

Domain: vid-io-cle.springserve.com
URL: https://vid-io-cle.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=js_demand_opportunity&a_cc=s.715072-d.1183021&dtidx=1&cc_i=0&response_time=1&creative_type=JS_VPAID&_t1=1&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=5235944

Domain: vid-io-iad.springserve.com
URL: https://vid-io-iad.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=cm_js_demand_req_resp&a_cc=s.715072-d.1554312&dtidx=1&cc_i=0&response_time=74&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=7210087

Domain: vid-io-iad.springserve.com
URL: https://vid-io-iad.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=cm_js_demand_req_resp&a_cc=s.715072-d.437974&dtidx=1&cc_i=0&response_time=75&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=7065804

Domain: vid-io-cle.springserve.com
URL: https://vid-io-cle.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=cm_js_demand_req_resp&a_cc=s.715072-d.1560378&dtidx=1&cc_i=0&response_time=117&has_ad=false&reason=HB_BID_ERROR&wrapper_count=0&dtype=0&bp=null&bf=1&vec=1301&_t1=1&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=4754854

Domain: vid-io-iad.springserve.com
URL: https://vid-io-iad.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=cm_js_demand_req_resp&a_cc=s.715072-d.1560334&dtidx=1&cc_i=0&response_time=133&has_ad=false&reason=HB_BID_ERROR&wrapper_count=0&dtype=0&bp=null&bf=0.5&vec=1301&_t1=1&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=6935

Domain: vid-io-sin.springserve.com
URL: https://vid-io-sin.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=js_demand_error&a_cc=s.715072-d.1183021&dtidx=1&cc_i=0&response_time=638&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=8992909

Domain: vid-io-iad.springserve.com
URL: https://vid-io-iad.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=js_demand_error&a_cc=s.715072-d.1554312&dtidx=1&cc_i=0&response_time=611&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=9885583

Domain: vid-io-iad.springserve.com
URL: https://vid-io-iad.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=js_demand_opportunity&a_cc=s.715072-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=6226675

Domain: vid-io-cle.springserve.com
URL: https://vid-io-cle.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=js_demand_error&a_cc=s.715072-d.437974&dtidx=1&cc_i=0&response_time=622&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=5836543

Domain: vid-io-iad.springserve.com
URL: https://vid-io-iad.springserve.com/vd/i?suuid=96370794&ps_id=715072&event=js_supply_error&time_on_page=1938&reason=NO_FILL&timeout=false&timestamp=1747747302465&_dsp_bf_cur=UNKNOWN&ip=78.159.108.10&_disyn=1&ssid=d16a0794-aa51-4bfb-b156-3e54041eb3ab.1747747295862&uuid=96370794-aa50-45d1-8bcc-2ec7041eb2bf&url=https%3A%2F%2Fwww.theherald.co.za%2F&did=9e843697-ffe8-1b9d-d18e-9d5241c8dea9&_rcc=bs.337002_vp.261572&d=theherald.co.za&w=350&h=197&cc=DE&dtnum=1&ss_region=dub&a_cc=s.715072&d_m=www.theherald.co.za&d_ms=d_wla&ds_w=350&ds_h=197&ds_ms=client&in_v=0&cb=3883256

Verdicts & Comments Add Verdict or Comment

102 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.theherald.co.za/	1969-12-31 23:59:59	Name: session Value: eyJyZXR1cm5fdXJsIjoiaHR0cHM6Ly93d3cudGhlaGVyYWxkLmNvLnphLyJ9\|1747747288\|a27112184656905fdad00e3b0ded8b3c48cb2c41
.theherald.co.za/	1970-01-21 07:38:43	Name: _fbp Value: fb.2.1747747290485.428853559499355235
.theherald.co.za/	1970-01-21 05:30:33	Name: _gid Value: GA1.3.789460829.1747747291
.theherald.co.za/	1970-01-21 05:29:07	Name: _gat_UA-2619645-1 Value: 1
.theherald.co.za/	1970-01-21 15:05:07	Name: _ga Value: GA1.1.2075885676.1747747291
.theherald.co.za/	1970-01-21 15:05:07	Name: _ga_BWERR8GS85 Value: GS2.1.s1747747291$o1$g0$t1747747291$j0$l0$h0
.theherald.co.za/	1970-01-21 15:05:07	Name: _ga_JNNJWFKJ2E Value: GS2.1.s1747747291$o1$g0$t1747747291$j60$l0$h0$dLl5lkqggCtCCDFtEjVSFeFteeMrlLxtLng
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: S8aC-kcJMNA
.youtube.com/	1970-01-21 09:48:19	Name: VISITOR_INFO1_LIVE Value: bKNTX7DQHOg
.youtube.com/	1970-01-21 09:48:19	Name: VISITOR_PRIVACY_METADATA Value: CgJVQRIEGgAgbQ%3D%3D
.theherald.co.za/	1970-01-21 09:48:19	Name: __eoi Value: ID=ffe8c402c973681c:T=1747747290:RT=1747747290:S=AA-AfjZspEYXIsQmblxQY83j_Xtd
.youtube.com/	1970-01-21 09:48:19	Name: __Secure-ROLLOUT_TOKEN Value: CL7qhZ25zK_J4QEQkMbag5KyjQMYoY-ghJKyjQM%3D
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: e9853851b7d5c955
.id5-sync.com/	1970-01-21 07:38:43	Name: id5 Value: aec9ae6d-98b5-7301-b315-7d1f546c12b4#1747747295323#1
.google.com/	1970-01-21 09:52:38	Name: NID Value: 524=oFwdfuK2HUy_K_R1IG6Zy76kRX1q-e2-OYl-EhmM5rfKFiaEKwTHdRl7pYYOTO5YYZfpRM38rnjzNtgJcs9E-DPEiKUQZbm0uKtTJOqHWgtyhqo3U2q2Ggd_rD2H_Aen7GuAZWDR5kS9i-M320fVNXvLMqCKE1XFm5ujNphSGt2snRyOwZGHl2EqJ7X_aINjuA
.springserve.com/	1970-01-21 06:09:26	Name: ssid Value: d16a0794-aa51-4bfb-b156-3e54041eb3ab
.springserve.com/	1970-01-21 06:09:26	Name: sst Value: 1747747295862
.rubiconproject.com/	1970-01-21 14:14:43	Name: khaos Value: MAWJM4EK-3-FVNS
.rubiconproject.com/	1970-01-21 14:14:43	Name: audit Value: 1\|yQuirGeEF6DIbEEdgyxKGnmo7cEicpjuGNA3Fw2KU+MhSYS/rOk8QK+KnGivDdBHCaUn2CXF+S2i0usiU4u0iego3qk0EBdLIZE5xoQF+eG+xUA9sgf/4b7FQD2yB//hsqlSNZOaaDQ=
.theherald.co.za/	1970-01-21 14:57:55	Name: _cb Value: DoVL__BF4rPuCE1OhS
.theherald.co.za/	1970-01-21 14:57:55	Name: _chartbeat2 Value: .1747747296343.1747747296343.1.kZkLujdNFyDixhY8D5JGFpBblQqw.1
.theherald.co.za/	1970-01-21 05:29:09	Name: _cb_svref Value: external
www.theherald.co.za/	1970-01-21 15:05:07	Name: vicinity_id Value: 5d7c9981-4e0f-484e-80a4-5b11265c0f3a__1807747236548
.ads.stickyadstv.com/	1970-01-21 06:12:19	Name: UID Value: 4d98402b53c885ed532f89218ff15b1
.ads.stickyadstv.com/	1970-01-21 05:49:16	Name: uid-bp-30833 Value: 1
.fwmrm.net/	1970-01-21 09:48:19	Name: _uid Value: umv19e0_7507137684706298141
.ads.stickyadstv.com/	1970-01-21 06:55:31	Name: uid-bp-36033 Value: umv19e0_7507137684706298141
.ads.stickyadstv.com/	1970-01-21 06:55:31	Name: MRM_UID Value: umv19e0_7507137684706298141
.doubleclick.net/	1970-01-21 14:50:43	Name: IDE Value: AHWqTUkxriwy9cLVI9ey8o6XsZ45ZYzpJ4VV195HAehB8Bfedkq6B7wnpv_D9I7s1yc
.ads.stickyadstv.com/	1970-01-21 06:55:31	Name: uid-bp-159 Value: CAESEHv1UCTh915qB1pQNBHYMOM
.csync.loopme.me/	1970-01-21 07:41:36	Name: viewer_token Value: 7a086b54-f0a6-4124-85a6-9409f6ffc361
.adform.net/	1970-01-21 06:55:31	Name: uid Value: 446842274564836552
.vidoomy.com/	1970-01-21 14:14:43	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkZXIjp7InVpZCI6IjRkOTg0MDJiNTNjODg1ZWQ1MzJmODkyMThmZjE1YjEiLCJleHBpcmVzIjoxNzUwMzM5MzAwfSwiTE0iOnsidWlkIjoiN2EwODZiNTQtZjBhNi00MTI0LTg1YTYtOTQwOWY2ZmZjMzYxIiwiZXhwaXJlcyI6MTc1MDMzOTMwMH19fQ==
.ads.pubmatic.com/	1970-01-21 05:30:33	Name: KCCH Value: YES

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/1b376dba/www-widgetapi.vflset/www-widgetapi.js(Line 189) Message: Unrecognized feature: 'web-share'.
rendering	warning	URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A07023030C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A023030C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D023030C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security	warning	URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A04023030C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0700A030C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0400A030C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A00A030C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security	warning	URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://www.theherald.co.za/ Message: Refused to execute script from 'https://pixel.rubiconproject.com/exchange/sync.php?p=vidoomy&gdpr=&gdpr_consent=&us_privacy=' because its MIME type ('image/gif') is not executable.
security	error	URL: https://www.theherald.co.za/ Message: Refused to execute script from 'https://cm.adform.net/cookie?gdpr=&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dadf%26uid%3D%24UID' because its MIME type ('image/gif') is not executable.
security	error	URL: https://www.theherald.co.za/ Message: Refused to execute script from 'https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dopenx%26uid%3D%24%7BUID%7D' because its MIME type ('image/gif') is not executable.
security	error	URL: https://www.theherald.co.za/ Message: Refused to execute script from 'https://ad.360yield.com/server_match?partner_id=2482&gdpr=&gdpr_consent=&us_privacy={USP}&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3Dimprove%26uid%3D%7BPUB_USER_ID%7D' because its MIME type ('image/gif') is not executable.
security	error	URL: https://www.theherald.co.za/ Message: Refused to execute script from 'https://dis.criteo.com/dis/usersync.aspx?r=73&p=342&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFalse%26ccpa%3d%26gpp%3d%26gpp_sid%3d%26profile%3d342%26redir%3dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCRITEO%2526uid%253D%2524%7bCRITEO_USER_ID%7d&gdpr=&gdpr_consent=&gpp=&gpp_sid=' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

175a0e6cdb287b3f5069fb5f26333812.safeframe.googlesyndication.com
1f2e7.v.fwmrm.net
58f127365b86c752f4ebb37b51516556.safeframe.googlesyndication.com
75e38b2366c40d591f399ff35c036b05.safeframe.googlesyndication.com
a.vidoomy.com
ad.360yield.com
ad.vic-m.co
ad.vidoomy.com
ad2.vic-m.co
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
analytics.google.com
ap.lijit.com
applets.ebxcdn.com
b3f89b6acdddaeb78ea3929abc893ffb.safeframe.googlesyndication.com
bam.nr-data.net
banner.vic-m.co
bid.g.doubleclick.net
cdn.id5-sync.com
cdn.stickyadstv.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
csync.loopme.me
d0.eu-3-id5-sync.com
d0.eu-4-id5-sync.com
d1.eu-3-id5-sync.com
d1.eu-4-id5-sync.com
d2.eu-3-id5-sync.com
d2.eu-4-id5-sync.com
d3.eu-3-id5-sync.com
d3.eu-4-id5-sync.com
d4.eu-3-id5-sync.com
d4.eu-4-id5-sync.com
d5.eu-3-id5-sync.com
d5.eu-4-id5-sync.com
d6.eu-3-id5-sync.com
d6.eu-4-id5-sync.com
d7.eu-3-id5-sync.com
d7.eu-4-id5-sync.com
dis.criteo.com
dl.iono.fm
embed.iono.fm
ep1.adtrafficquality.google
ep2.adtrafficquality.google
f016eece0c8046c262f62835c5b793fd.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forecast7.com
gcdn.2mdn.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
iframe.iono.fm
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
jnn-pa.googleapis.com
js-agent.newrelic.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
leo.vic-m.co
lh3.googleusercontent.com
match.adsrvr.org
match.sharethrough.com
onetag-sys.com
optimized-by.rubiconproject.com
p2.iono.fm
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.rubiconproject.com
play.google.com
r1---sn-5hne6nzy.c.2mdn.net
r2---sn-4g5lzner.c.2mdn.net
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
spadsync.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
st.pubmatic.com
static.chartbeat.com
static.doubleclick.net
static.vic-m.co
stats.g.doubleclick.net
tpc.googlesyndication.com
vid-io-cle.springserve.com
vid-io-iad.springserve.com
vid-io-sin.springserve.com
vid.pubmatic.com
vid.springserve.com
vidoomy-d.openx.net
vpaid.pubmatic.com
vpaid.springserve.com
vpaid.vidoomy.com
weatherwidget.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.ua
www.googletagmanager.com
www.gstatic.com
www.theherald.co.za
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
ads.stickyadstv.com
banner.vic-m.co
ep1.adtrafficquality.google
ib.adnxs.com
match.sharethrough.com
vid-io-cle.springserve.com
vid-io-iad.springserve.com
vid-io-sin.springserve.com
103.231.98.107
103.231.98.110
104.17.24.14
108.129.4.74
108.177.96.120
13.245.71.255
13.58.45.4
135.125.140.162
135.125.146.80
142.250.181.238
142.250.184.195
142.250.184.225
142.250.184.226
142.250.185.100
142.250.185.130
142.250.185.65
142.250.186.97
142.250.74.194
142.251.173.155
15.197.193.217
157.240.0.35
157.240.0.6
162.19.138.120
162.247.243.29
164.90.242.8
172.217.132.166
172.217.16.129
172.217.16.193
172.217.16.206
172.217.18.10
172.217.18.2
172.67.129.169
172.67.181.105
172.67.212.172
178.250.1.9
185.64.189.112
185.64.189.221
188.40.16.162
198.47.127.18
2.19.105.41
2001:41d0:701:1000::4c1f
2001:4860:4802:32::3
2001:4860:4802:36::181
209.38.182.90
212.36.83.216
212.36.83.245
216.58.206.65
216.58.206.66
216.58.206.78
217.182.178.228
2600:9000:2057:e400:17:2922:12c0:93a1
2600:9000:206f:a200:15:6f6c:b180:93a1
2600:9000:223d:8800:19:c363:bec0:93a1
2600:9000:2646:6800:18:1fcd:354:4b41
2602:816:5001::39
2606:4700:10::6816:3456
2606:4700:3034::ac43:d4ac
2607:ae80:4::50
2a00:1450:4001:15::7
2a00:1450:4001:801::200a
2a00:1450:4001:802::2016
2a00:1450:4001:806::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:80f::2013
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::200e
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2006
2a00:1450:4001:831::2006
2a00:1450:400c:c1d::9b
2a02:2638:3::3a
2a02:2638:3::c
2a02:6ea0:c700::19
2a02:6ea0:ca3a::4
3.223.154.108
3.69.181.162
34.251.13.38
34.36.216.150
34.8.2.179
35.156.131.204
35.186.253.211
35.214.136.108
35.214.177.147
35.244.159.8
37.157.6.232
44.219.162.104
51.195.115.36
51.195.126.30
51.195.127.100
51.195.127.115
51.195.34.220
51.195.34.222
51.195.73.113
51.195.73.74
51.89.9.253
52.49.91.193
54.76.77.164
54.77.207.102
69.173.144.139
74.125.162.71
98.82.157.137
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03e1ee9aeba4ad828e28642ba80b4a4e67bf21c7dacf46b6941968be182be4e5
06b3b1cf2707a488df2615229eaa8492aea59d069a5f59efdc4a5466951f872b
09c1718f98f43e0d4991844650eefac1459a39b3817fa8e09960425e0e3055ae
0b574c1700ee835003e8b69479c6245863f3d804f67d84904ff6b515c10937e5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dcab0765de8b009361f988cd6784591a5e2c4b4445db4403d30596f3f6e632c
0ee4c81206453ca46bf299eb3cde05ca8a79a00dbfa336c7b31f273173ccd8b4
0f11e821fddb3ce64e0def18af4d17815f5989b6b4ade07f6c4781dad32f6c28
0f4f56bfce5ff18e68651739fce4c9f44d6f14c391def219dd25cdaa60f41384
0f854a49a2ba9e28c4a00d5e58eff4aff45f07043366e2a2114c49974a322b10
109736135dc84f02f379825bd2b48998e17068eaf1f085df5f52e80537a4257d
1105a0b479a63d5678d955eeac868d9fd5534bd8d4bac6ee72787858e3cdb0c9
129c089c73ec2a7aad58d699f700d4c3b437354405d0bf86981f39cb53789c03
1337e9b25996ae42d2067918d0e79d4484e5708be19f58f8288ce2d36cc590fa
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
15fce230b1703e8559fa88b5bb7ef99d51c1ec981cbbb221e3231a02877d97b1
1657584221779c9f6943c52bb7fba23376c18be3e021da4168fab39d8bb7863a
18c8b61485fcaad0a1729b7034c89ad9ce302b91beb0ae6a9762a5b38d3c853c
1a1d7c890039158bdc69bd81bfe35f7280684bdb6ec736ce251a2839cf8495db
1b8fe388977dc868f48e91c2bacf4bc0600d05f8e75bc6261742cf5de824b983
1bcc8ed415233139faf208a7929bc97d1e66f1bd3255e7e53562b10b8d440aec
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2012901a6939007a0b9f25c3c802a453797005cae17dd21b5268c535eb5c341a
204bb7d09fb2beeeceaf6554c2a4ed08c023d52fc4ea840c33fdce92dda26450
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
2173b3cdda0cf2ff27fd43be01305db012504dcce029dd86fffdd6e3bdcec00c
22f0236a1073c0d16927513a9a01d8fe12858f56a66f983ac79f034351386c2d
2881c67b59c0189eacfad0fb581b084cf47fd66917547a9d2752ddd1a036f255
28f84a5da577a1727b91c00ad1e8b55edd66a2fc114badc00ee8bc6c6d64b213
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba7024308

www.theherald.co.za 2a00:1450:4001:80f::2013 Public Scan Open in urlscan Pro

Internal

Effective Hostname

Submitted URL

Effective IP

Summary

urlscan.io Verdict: No classification

Domain & IP information

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

www.theherald.co.za
2a00:1450:4001:80f::2013 Public Scan Open in urlscan Pro