www.bigonwild.co.za Open in urlscan Pro
196.41.130.157 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bigonwild.co.za/category/blog/
Submission: On March 20 via api (March 20th 2024, 1:55:22 am UTC) from US — Scanned from DE

Summary HTTP 110 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 13 domains to perform 110 HTTP transactions. The main IP is 196.41.130.157, located in South Africa and belongs to OPTINET, ZA. The main domain is www.bigonwild.co.za.
TLS certificate: Issued by R3 on January 23rd 2024. Valid for: 3 months.

This is the only time www.bigonwild.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	196.41.130.157 196.41.130.157	12258 (OPTINET) (OPTINET)
4	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	3.160.150.63 3.160.150.63	16509 (AMAZON-02) (AMAZON-02)
1 2	52.51.32.100 52.51.32.100	16509 (AMAZON-02) (AMAZON-02)
1 1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
11	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
110	19

23 196.41.130.157 (South Africa)

ASN12258 (OPTINET, ZA)
PTR: cpt-cpanel-07.mweb.co.za

www.bigonwild.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-63.fra60.r.cloudfront.net

a.impactradius-go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.32.100 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-32-100.eu-west-1.compute.amazonaws.com

travelstart.zwjlk6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	902 KB
23	bigonwild.co.za www.bigonwild.co.za	2 MB
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 898 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8336 csm.eu.criteo.net — Cisco Umbrella Rank: 7168	119 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	227 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	3 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7102 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13637 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9036	47 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	9 KB
2	zwjlk6.net 1 redirects travelstart.zwjlk6.net	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 387	5 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1728	257 B
1	ojrq.net 1 redirects www.ojrq.net — Cisco Umbrella Rank: 9079	534 B
1	impactradius-go.com a.impactradius-go.com — Cisco Umbrella Rank: 45642	63 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	80 KB
110	13

	Domain	Requested by
37	pagead2.googlesyndication.com	www.bigonwild.co.za pagead2.googlesyndication.com tpc.googlesyndication.com
23	www.bigonwild.co.za	www.bigonwild.co.za
11	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
10	fonts.gstatic.com	fonts.googleapis.com
9	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
4	fonts.googleapis.com	www.bigonwild.co.za pagead2.googlesyndication.com
3	www.gstatic.com	pagead2.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	travelstart.zwjlk6.net	1 redirects www.bigonwild.co.za
1	csm.eu.criteo.net	ads.eu.criteo.com
1	imageproxy.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.nl3.eu.criteo.com	pagead2.googlesyndication.com
1	ads.eu.criteo.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.ojrq.net	1 redirects
1	a.impactradius-go.com	www.bigonwild.co.za
1	www.googletagmanager.com	www.bigonwild.co.za
110	19

This site contains links to these domains. Also see Links.

Domain
facebook.com
instagram.com
youtube.com
travelstart.zwjlk6.net
superbthemes.com

Subject Issuer	Validity	Valid
bigonwild.co.za R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.impactradius-go.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-07`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-28` - `2024-05-31`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.bigonwild.co.za/category/blog/
Frame ID: 899F895339AB0600622E8749A5FED152
Requests: 39 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&adk=1812271804&adf=3025194257&lmt=1710899717&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_l%7C188x540_r&format=0x0&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717053&bpp=7&bdt=1067&idt=168&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7848299677362&frm=20&pv=2&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=184
Frame ID: 862487758E27BD82187CCD0414CBEF74
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186
Frame ID: DE4E295EA1210931F86DFAC21D6928C7
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
Frame ID: BA0DC84DC7EAC7088ACCB019FDE3DB71
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Frame ID: DD4690D9BF65B3C71B495245BA51DC2D
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=781603987&pi=t.aa~a.2938589472~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=1&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280%2C779x280&nras=5&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=3796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=19
Frame ID: 2D5FDC5E6DFCE556356634E993D2BDE8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: 4B9C395BA1356B12EB896B64910DFDAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html
Frame ID: 131E4F41B75A37CEC6BD9E896C13D041
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZfpCBQAJTMwH_ZNjAAc-1Hn33YJI1ryEctYN4A&u=%7C0rt66guK9Ws0O4q%2FRnlE7I7s7ZZ2kXA%2BF4u8Vz2ulkI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy9X0VE5931RGJtz5JHYPiYe1fKHqoEFtCUKR8-MMXXTy4b-d_o54fWKem87njyXXTbGabcElefnXdXbxSuC5yT8kHRyj6lgiB9V5bX78EBFXEV62NiieklrpHtQwNgoJXPxUGUNUJ5J2V0KIAN-DUR8CxWEo_DOwHxGYsrzBOLl8RP4wxvZ2PFGcIJC5MpHQqgjE2PptfOr0FHkS4zdwtLw2sHDh1BzvOMweZLLR9PajSZY2LvSZv4CkrmM2NXdBmR-mi06SHnKquvHVBXzDhBvC0QMSZkhTNdEpqiSjxMpC0K_1KINU2yYoEdhV7gnjG37EP0SENZ2catinmmaR9u2T8wTVdo2ITfEXO4KD685faMHbkg4SPSBJ24peqP_vSLc1qOEJCXl1YstXTOVyhA6SceFrKbU_4WSu8a8u4JNkR43qNQchs3rLz04weJRxkeiNjkWl0gA5C5G6e5wKqN5MpTYA67mmFKJQIzu4UYkdsfxwDExLxiW06g57PWs0Kb8KbuBWOhExVlBW_9IxvUg10ojXNNArlQKOlS-7Lbu6K4RO2VmQifQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJfsrBUL6ZcyZJeOm9u8P1P2cyA3JntKxXJXJlPdwwI23ARABIABglQKCARdjYS1wdWItOTkzNjYzMDk4MDEyNTA5NMgBCakCmkDlQE4xsj6oAwHIAwKqBJMCT9D5unbBqUmR-zXU5rUFHunxOMuQWC-Kurciqkf4z1G-BVHYpTRYa3kS6hS1-U58cRA2TGvdwVde3b3CRv5M2761o9084-O6mmZ9jqfSwMZ3Sz1HOSXkbu-c0muoWOp_Sg1SgWDgpjGSLcE_Y4GNRXlhAjAub4wA31eflbGkqNC2GtWr-NNLb2rmsdzuqf3sEZ3mb3rMWjOLLZ3ROSnW5wnQYpxIvtQDyLgcXLRSO9BMgZ_NNS7IRRNmeONzDfPAAvCAH0ntvHfoXyv7ZarWYH1Ao0-XhWZ66gWEmKZfHHxPWbTjgb8wS3uQ5RFkIAKjMgFsYPNVA5QtrzMlE1-UwarXzs1fhrhhHYX3vqYND2egZnmABuLXhqSKgJujDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCgIkeGAcBABMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WJCYqI_egYUD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0sD0g3aRSqAu9PLEnS9OrPejG0pA%26client%3Dca-pub-9936630980125094%26adurl%3D
Frame ID: F00F6C69795259EC5B31824B825701F6
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: E34CC2567D9265D26ED9F62D0D98FCC9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: E7027B85218AC08A5A001FE8F0864BC1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: 0C3A6BBCDCCB9963A5F0FE95D6DE8353
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3BED7886064E86CE07D868670E6CC504
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BLOG – Big on Wild

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

110
Requests

98 %
HTTPS

74 %
IPv6

13
Domains

19
Subdomains

19
IPs

5
Countries

3709 kB
Transfer

5669 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/bigonwild
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/big_on_wild
Title: Instagram

Search URL Search Domain Scan URL

URL: https://youtube.com/bigonwild
Title: YouTube

Search URL Search Domain Scan URL

URL: http://travelstart.zwjlk6.net/c/1214309/1440070/5446

Search URL Search Domain Scan URL

URL: https://superbthemes.com/
Title: SuperbThemes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://travelstart.zwjlk6.net/i/1214309/1440070/5446 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Ftravelstart.zwjlk6.net%2Fi%2F1214309%2F1440070%2F5446%3Flevel%3D1%26srcref%3Dhttps%253A%252F%252Fwww.bigonwild.co.za%252F&cid=5446&tpsync=no&auth=57055636e60c9886 HTTP 302
https://travelstart.zwjlk6.net/i/1214309/1440070/5446?level=1&srcref=https%3A%2F%2Fwww.bigonwild.co.za%2F&brwsr=e65fc65a-e65c-11ee-8919-77b8679c26a2&brwsrsig=zflwe-ThZQgmTPq2jO0KrXwLSMRVeM

110 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bigonwild.co.za/category/blog/ 65 KB
65 KB 1886ms
856ms Document
text/html 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 18ae0c174a271d3e82802628858778eb8115292a0cbb8b06a94a097675a05406

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 20 Mar 2024 01:55:15 GMT
link: <https://www.bigonwild.co.za/wp-json/>; rel="https://api.w.org/", <https://www.bigonwild.co.za/wp-json/wp/v2/categories/6>; rel="alternate"; type="application/json"
server: Apache

GET
H2 200 style.min.css
www.bigonwild.co.za/wp-includes/css/dist/block-library/ 108 KB
108 KB 410ms
410ms Stylesheet
text/css 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:16 GMT
last-modified: Wed, 31 Jan 2024 00:24:00 GMT
server: Apache
accept-ranges: bytes
content-length: 110147
content-type: text/css

GET
BLOB 200
OK 4355fdf5-5437-4b8c-aeb9-b321711b73f3
https://www.bigonwild.co.za/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bigonwild.co.za/4355fdf5-5437-4b8c-aeb9-b321711b73f3
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 font-awesome.min.css
www.bigonwild.co.za/wp-content/themes/personalblogily/css/ 30 KB
30 KB 410ms
409ms Stylesheet
text/css 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/wp-content/themes/personalblogily/css/font-awesome.min.css?ver=6.4.3
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:16 GMT
last-modified: Wed, 14 Sep 2022 10:17:29 GMT
server: Apache
accept-ranges: bytes
content-length: 31000
content-type: text/css

GET
H2 200 style.css
www.bigonwild.co.za/wp-content/themes/personalblogily/ 38 KB
38 KB 411ms
410ms Stylesheet
text/css 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/wp-content/themes/personalblogily/style.css?ver=6.4.3
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 8ce4108fb1a8a40ca5e76584efd945e9b348f6c84a2cd5e138d32c4bfaef0e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:16 GMT
last-modified: Wed, 14 Sep 2022 10:17:29 GMT
server: Apache
accept-ranges: bytes
content-length: 39277
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 84ms
32ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=6.4.3

Requested by

Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df7691a8f4418bb41eac88b770c6a246868d345fa09fbc39bf8851ae645973f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 01:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 01:41:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 01:55:16 GMT

GET
H2 200 public.css
www.bigonwild.co.za/wp-content/plugins/recent-posts-widget-with-thumbnails/ 1 KB
1 KB 220ms
220ms Stylesheet
text/css 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 1cf6dc3c4aec0e9af90fec9c73760a65244f2f4c7e349fd89240ff04c25ddc67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:16 GMT
last-modified: Tue, 06 Sep 2022 12:45:36 GMT
server: Apache
accept-ranges: bytes
content-length: 1057
content-type: text/css

GET
H2 200 jquery.min.js Show response
www.bigonwild.co.za/wp-includes/js/jquery/ 86 KB
86 KB 410ms
410ms Script
application/javascript 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:16 GMT
last-modified: Wed, 08 Nov 2023 00:26:09 GMT
server: Apache
accept-ranges: bytes
content-length: 87553
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
www.bigonwild.co.za/wp-includes/js/jquery/ 13 KB
13 KB 409ms
409ms Script
application/javascript 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:16 GMT
last-modified: Wed, 09 Aug 2023 00:23:54 GMT
server: Apache
accept-ranges: bytes
content-length: 13577
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
80 KB 92ms
39ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-NFP5FQK

Requested by

Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6e22d64c8b4d5953a94f39b8b0575bd20a295fe776d5e2b0dd5a7df397fa6db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81453
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Mar 2024 01:55:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 108ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9936630980125094&host=ca-host-pub-2644536267352236

Requested by

Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7b336681550c485865a29632db501b77f679be30e14c463f24fc65f7ec69749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigonwild.co.za/
Origin: https://www.bigonwild.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51242
x-xss-protection: 0
server: cafe
etag: 167357463411007425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 20 Mar 2024 01:55:16 GMT

GET
H2 200 cropped-Untitled-design-3-1.png
www.bigonwild.co.za/wp-content/uploads/2022/09/ 17 KB
17 KB 869ms
869ms Image
image/png 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigonwild.co.za/wp-content/uploads/2022/09/cropped-Untitled-design-3-1.png
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 0604b682a01afc20cc714c188a8a5f9f8cb370e2e1e9662cf1ccc965458e090d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:16 GMT
last-modified: Tue, 06 Sep 2022 12:56:29 GMT
server: Apache
accept-ranges: bytes
content-length: 17091
content-type: image/png

GET
H2 200 Untitled-design-6-850x479.png
www.bigonwild.co.za/wp-content/uploads/2021/09/ 452 KB
453 KB 410ms
409ms Image
image/png 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigonwild.co.za/wp-content/uploads/2021/09/Untitled-design-6-850x479.png
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: f2d3cf79ee0efe9296c50cfd195687b134f17afc643219cba622c297b378721f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:16 GMT
last-modified: Tue, 06 Sep 2022 12:49:17 GMT
server: Apache
accept-ranges: bytes
content-length: 463093
content-type: image/png

GET
H2 200 Untitled-design-7-850x479.png
www.bigonwild.co.za/wp-content/uploads/2021/09/ 540 KB
540 KB 862ms
861ms Image
image/png 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigonwild.co.za/wp-content/uploads/2021/09/Untitled-design-7-850x479.png
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 21cf0bfb23fc6cb8710079c1cba197834d8bed5a884dd4873f42404373ccfea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:16 GMT
last-modified: Tue, 06 Sep 2022 12:48:56 GMT
server: Apache
accept-ranges: bytes
content-length: 553019
content-type: image/png

GET
H2 200 IMG_0725-850x674.jpg
www.bigonwild.co.za/wp-content/uploads/2021/09/ 62 KB
62 KB 416ms
415ms Image
image/jpeg 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigonwild.co.za/wp-content/uploads/2021/09/IMG_0725-850x674.jpg
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 21ae75ea935671b87b6fdb614f908e67290b1d29b635dc439f78b1621a01e093

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Tue, 06 Sep 2022 12:48:31 GMT
server: Apache
accept-ranges: bytes
content-length: 63393
content-type: image/jpeg

GET
H2 200 navigation.js Show response
www.bigonwild.co.za/wp-content/themes/personalblogily/js/ 3 KB
3 KB 415ms
415ms Script
application/javascript 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/wp-content/themes/personalblogily/js/navigation.js?ver=20170823
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Wed, 14 Sep 2022 10:17:29 GMT
server: Apache
accept-ranges: bytes
content-length: 2967
content-type: application/javascript

GET
H2 200 skip-link-focus-fix.js Show response
www.bigonwild.co.za/wp-content/themes/personalblogily/js/ 685 B
715 B 434ms
433ms Script
application/javascript 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/wp-content/themes/personalblogily/js/skip-link-focus-fix.js?ver=20170823
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Wed, 14 Sep 2022 10:17:29 GMT
server: Apache
accept-ranges: bytes
content-length: 685
content-type: application/javascript

GET
H2 200 jquery.flexslider.js Show response
www.bigonwild.co.za/wp-content/themes/personalblogily/js/ 53 KB
53 KB 430ms
430ms Script
application/javascript 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/wp-content/themes/personalblogily/js/jquery.flexslider.js?ver=20150423
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Wed, 14 Sep 2022 10:17:29 GMT
server: Apache
accept-ranges: bytes
content-length: 54630
content-type: application/javascript

GET
H2 200 script.js Show response
www.bigonwild.co.za/wp-content/themes/personalblogily/js/ 4 KB
4 KB 431ms
430ms Script
application/javascript 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/wp-content/themes/personalblogily/js/script.js?ver=20160720
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: affd9edd5dc26a271a81e36bade23368d81e7c628a7bb39901ec92376d296705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Wed, 14 Sep 2022 10:17:29 GMT
server: Apache
accept-ranges: bytes
content-length: 3858
content-type: application/javascript

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 100ms
50ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bigonwild.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:58:26 GMT
x-content-type-options: nosniff
age: 64610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:58:26 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 91ms
41ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bigonwild.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 02:38:45 GMT
x-content-type-options: nosniff
age: 83791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 02:38:45 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 71ms
21ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bigonwild.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 18:38:30 GMT
x-content-type-options: nosniff
age: 112606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 18:38:30 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 112ms
62ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bigonwild.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:54:13 GMT
x-content-type-options: nosniff
age: 64863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:54:13 GMT

GET
H2 200 Untitled-design-8-850x479.png
www.bigonwild.co.za/wp-content/uploads/2021/09/ 513 KB
514 KB 415ms
414ms Image
image/png 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigonwild.co.za/wp-content/uploads/2021/09/Untitled-design-8-850x479.png
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: e9ac10dd256e07cb0d3f1d47de1ef1252aad1a2211066bf382fa23bd34094bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Tue, 06 Sep 2022 12:48:46 GMT
server: Apache
accept-ranges: bytes
content-length: 525755
content-type: image/png

GET
H2 200 image3-850x541.jpeg
www.bigonwild.co.za/wp-content/uploads/2021/09/ 94 KB
94 KB 414ms
413ms Image
image/jpeg 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigonwild.co.za/wp-content/uploads/2021/09/image3-850x541.jpeg
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: b6c3794592f3b9cd21a0314a00c772381fae9c2e5b2f81ca8a0420573f0e36ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Tue, 06 Sep 2022 12:48:17 GMT
server: Apache
accept-ranges: bytes
content-length: 96218
content-type: image/jpeg

GET
H2 200 Untitled-design-6-150x150.png
www.bigonwild.co.za/wp-content/uploads/2021/09/ 39 KB
39 KB 415ms
414ms Image
image/png 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigonwild.co.za/wp-content/uploads/2021/09/Untitled-design-6-150x150.png
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 99017850c36c87f4e6a277be3499836d812867a4540625ea441f9aee01ad36b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Tue, 06 Sep 2022 12:49:03 GMT
server: Apache
accept-ranges: bytes
content-length: 40081
content-type: image/png

GET
H2 200 Untitled-design-7-150x150.png
www.bigonwild.co.za/wp-content/uploads/2021/09/ 48 KB
48 KB 610ms
609ms Image
image/png 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigonwild.co.za/wp-content/uploads/2021/09/Untitled-design-7-150x150.png
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: fc0bb4c63390d75ed3ceaa180167bba780a58eee849804944daa6b2e65b1537b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Tue, 06 Sep 2022 12:48:50 GMT
server: Apache
accept-ranges: bytes
content-length: 49086
content-type: image/png

GET
H2 200 IMG_0725-150x150.jpg
www.bigonwild.co.za/wp-content/uploads/2021/09/ 5 KB
5 KB 610ms
609ms Image
image/jpeg 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigonwild.co.za/wp-content/uploads/2021/09/IMG_0725-150x150.jpg
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 69f7c9cc787c09c2bed8d9c1cc5ec28d9cd570fb06c19f5eb4cfd4e9ab52b0f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Tue, 06 Sep 2022 12:48:31 GMT
server: Apache
accept-ranges: bytes
content-length: 5172
content-type: image/jpeg

GET
H2 200 Untitled-design-8-150x150.png
www.bigonwild.co.za/wp-content/uploads/2021/09/ 42 KB
42 KB 396ms
396ms Image
image/png 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigonwild.co.za/wp-content/uploads/2021/09/Untitled-design-8-150x150.png
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: f6454b24fbb31634f0e39f02808d7ab61982209a981fd5e5312c9da17fcefbb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Tue, 06 Sep 2022 12:48:37 GMT
server: Apache
accept-ranges: bytes
content-length: 43198
content-type: image/png

GET
H2 200 image3-150x150.jpeg
www.bigonwild.co.za/wp-content/uploads/2021/09/ 19 KB
19 KB 414ms
414ms Image
image/jpeg 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigonwild.co.za/wp-content/uploads/2021/09/image3-150x150.jpeg
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 963eac4f093c46d94499209d3e9cabf85fc9976fc8696e45f28b4737bf42b369

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Tue, 06 Sep 2022 12:48:17 GMT
server: Apache
accept-ranges: bytes
content-length: 19185
content-type: image/jpeg

GET
H2 200 5446-1440070
a.impactradius-go.com/display-ad/ 63 KB
63 KB 537ms
475ms Image
image/jpeg 3.160.150.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.impactradius-go.com/display-ad/5446-1440070
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-63.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3b094d766bdafcf994c9de526db059884feaa93afb66f9b0f2a1fdab3490656

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
via: 1.1 98845fbd1cb14abbe9d464a4caf17976.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 09:11:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
etag: "190def8f8cb22f7fc545285ca4a0404b"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public,max-age=900,s-maxage=600
accept-ranges: bytes
content-length: 64130
x-amz-cf-id: KEMGV7uuFZNpQp0blLpArkY0Bo3BIZMa_fpUkFWegYKsa7swcSrdAg==

GET
H2

200

5446
travelstart.zwjlk6.net/i/1214309/1440070/
Redirect Chain

https://travelstart.zwjlk6.net/i/1214309/1440070/5446
https://www.ojrq.net/p/?return=https%3A%2F%2Ftravelstart.zwjlk6.net%2Fi%2F1214309%2F1440070%2F5446%3Flevel%3D1%26srcref%3Dhttps%253A%252F%252Fwww.bigonwild.co.za%252F&cid=5446&tpsync=no&auth=570556...
https://travelstart.zwjlk6.net/i/1214309/1440070/5446?level=1&srcref=https%3A%2F%2Fwww.bigonwild.co.za%2F&brwsr=e65fc65a-e65c-11ee-8919-77b8679c26a2&brwsrsig=zflwe-ThZQgmTPq2jO0KrXwLSMRVeM

50 B
762 B

48ms
48ms

Image
image/gif

52.51.32.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travelstart.zwjlk6.net/i/1214309/1440070/5446?level=1&srcref=https%3A%2F%2Fwww.bigonwild.co.za%2F&brwsr=e65fc65a-e65c-11ee-8919-77b8679c26a2&brwsrsig=zflwe-ThZQgmTPq2jO0KrXwLSMRVeM
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Server: 52.51.32.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-32-100.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 01:55:17 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin: *
content-length: 50
expires: Wed, 20 Mar 2024 01:54:08 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Mar 2024 01:55:17 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location: https://travelstart.zwjlk6.net/i/1214309/1440070/5446?level=1&srcref=https%3A%2F%2Fwww.bigonwild.co.za%2F&brwsr=e65fc65a-e65c-11ee-8919-77b8679c26a2&brwsrsig=zflwe-ThZQgmTPq2jO0KrXwLSMRVeM
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Wed, 20 Mar 2024 01:55:17 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 89ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RWE7W2G4NH&gtm=45Pe43i0v893202221za200&_p=1710899716874&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=44879777.1710899717&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710899717&sct=1&seg=0&dl=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&dt=BLOG%20%E2%80%93%20Big%20on%20Wild&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2943
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NFP5FQK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 01:55:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bigonwild.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/ 407 KB
138 KB 106ms
59ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9936630980125094&plah=www.bigonwild.co.za&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9936630980125094&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5b43a7eb2f0f2ba8efa75b30fcb83860a0563ff2a7f355e83bf1531c4a875fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141425
x-xss-protection: 0
server: cafe
etag: 16755622000935168398
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 01:55:17 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 8624 116 KB
22 KB 227ms
227ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&adk=1812271804&adf=3025194257&lmt=1710899717&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_l%7C188x540_r&format=0x0&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717053&bpp=7&bdt=1067&idt=168&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7848299677362&frm=20&pv=2&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=184

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9936630980125094&plah=www.bigonwild.co.za&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81ff7d4d4daee39b1cc1029bec60df9828bafa89b2bb42992be1dfa5eebb3266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigonwild.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 22588
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 01:55:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame DE4E 116 KB
39 KB 727ms
727ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b4f55bdb59d4739aedbca6a4f84c43de0ab15dadeb93df5dedc2dba42563ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigonwild.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40042
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 01:55:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 wp-emoji-release.min.js Show response
www.bigonwild.co.za/wp-includes/js/ 18 KB
18 KB 222ms
221ms Script
application/javascript 196.41.130.157
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigonwild.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: www.bigonwild.co.za
URL: https://www.bigonwild.co.za/category/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 196.41.130.157 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: cpt-cpanel-07.mweb.co.za
Software: Apache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/category/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
last-modified: Thu, 30 Mar 2023 00:24:24 GMT
server: Apache
accept-ranges: bytes
content-length: 18692
content-type: application/javascript

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/ 166 KB
56 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403140101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4357689004ee8dfae68d1bf62533865eed06e7797ef209de496725cce07dcea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57451
x-xss-protection: 0
server: cafe
etag: 569457315017370234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 01:55:17 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame BA0D 117 KB
39 KB 521ms
521ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19e42e626860c07c88da45cd83110a68a44816b825e72e4d9267b4cf9e4def30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigonwild.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40087
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 01:55:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame DD46 117 KB
39 KB 527ms
526ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9450e070c1e3f294c6b160ddf7b3203097a98569d0be0307f007255958155a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigonwild.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40139
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 01:55:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 2D5F 35 KB
14 KB 293ms
292ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=781603987&pi=t.aa~a.2938589472~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=1&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280%2C779x280&nras=5&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=3796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef4c88c386a10dc8d62e95ea744025695dc05abfd1708188e5393ee851f533ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigonwild.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14275
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 01:55:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame 4B9C 9 KB
4 KB 177ms
23ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigonwild.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 00:35:58 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 00:35:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/ Frame 131E 9 KB
4 KB 171ms
24ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240314/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigonwild.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 00:35:58 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 00:35:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 2D5F 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=781603987&pi=t.aa~a.2938589472~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=1&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280%2C779x280&nras=5&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=3796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=781603987&pi=t.aa~a.2938589472~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=1&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280%2C779x280&nras=5&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=3796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 17:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:54:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame 2D5F 20 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=781603987&pi=t.aa~a.2938589472~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=1&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280%2C779x280&nras=5&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=3796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:33:42 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2D5F 206 KB
62 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=781603987&pi=t.aa~a.2938589472~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=1&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280%2C779x280&nras=5&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=3796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 02:12:42 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F00F 131 KB
46 KB 178ms
90ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZfpCBQAJTMwH_ZNjAAc-1Hn33YJI1ryEctYN4A&u=%7C0rt66guK9Ws0O4q%2FRnlE7I7s7ZZ2kXA%2BF4u8Vz2ulkI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy9X0VE5931RGJtz5JHYPiYe1fKHqoEFtCUKR8-MMXXTy4b-d_o54fWKem87njyXXTbGabcElefnXdXbxSuC5yT8kHRyj6lgiB9V5bX78EBFXEV62NiieklrpHtQwNgoJXPxUGUNUJ5J2V0KIAN-DUR8CxWEo_DOwHxGYsrzBOLl8RP4wxvZ2PFGcIJC5MpHQqgjE2PptfOr0FHkS4zdwtLw2sHDh1BzvOMweZLLR9PajSZY2LvSZv4CkrmM2NXdBmR-mi06SHnKquvHVBXzDhBvC0QMSZkhTNdEpqiSjxMpC0K_1KINU2yYoEdhV7gnjG37EP0SENZ2catinmmaR9u2T8wTVdo2ITfEXO4KD685faMHbkg4SPSBJ24peqP_vSLc1qOEJCXl1YstXTOVyhA6SceFrKbU_4WSu8a8u4JNkR43qNQchs3rLz04weJRxkeiNjkWl0gA5C5G6e5wKqN5MpTYA67mmFKJQIzu4UYkdsfxwDExLxiW06g57PWs0Kb8KbuBWOhExVlBW_9IxvUg10ojXNNArlQKOlS-7Lbu6K4RO2VmQifQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJfsrBUL6ZcyZJeOm9u8P1P2cyA3JntKxXJXJlPdwwI23ARABIABglQKCARdjYS1wdWItOTkzNjYzMDk4MDEyNTA5NMgBCakCmkDlQE4xsj6oAwHIAwKqBJMCT9D5unbBqUmR-zXU5rUFHunxOMuQWC-Kurciqkf4z1G-BVHYpTRYa3kS6hS1-U58cRA2TGvdwVde3b3CRv5M2761o9084-O6mmZ9jqfSwMZ3Sz1HOSXkbu-c0muoWOp_Sg1SgWDgpjGSLcE_Y4GNRXlhAjAub4wA31eflbGkqNC2GtWr-NNLb2rmsdzuqf3sEZ3mb3rMWjOLLZ3ROSnW5wnQYpxIvtQDyLgcXLRSO9BMgZ_NNS7IRRNmeONzDfPAAvCAH0ntvHfoXyv7ZarWYH1Ao0-XhWZ66gWEmKZfHHxPWbTjgb8wS3uQ5RFkIAKjMgFsYPNVA5QtrzMlE1-UwarXzs1fhrhhHYX3vqYND2egZnmABuLXhqSKgJujDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCgIkeGAcBABMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WJCYqI_egYUD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0sD0g3aRSqAu9PLEnS9OrPejG0pA%26client%3Dca-pub-9936630980125094%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8bccc99a7f796311376b5be6aa7ddfe8b2efa779e629ec74aabc6c31531bbd9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pagead2.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 01:55:17 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=B2Lzn5D8AHj7F9bjjWPwYCPgNipZJd8QBHipT-OoQuX8NvQ7f6rj7qZHPce4cvBzV-ErUyz5coQtwyvydLbfAQdVPmAE6PVwdmKddsEU7O3okzeZB_Jfm_mId1sRC0U1Hq7J5Vsj-i0BfojWu6HyNBGGWWoXqDORVMpxSWgAYZEi_SOITFooATsridjTGgPNs2atz7FbO-UMIvgzZxw2PPz-mXluUj4i8_YWkr4q8UmzwuFk38eLCfRfwNCHflN2ibA1FQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 44040596
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 2D5F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2e6b0ec88f5a2dc1ad7b13176f365020c044776b0e8e8669a8d94f737bc7105

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 2D5F 0
19 B 57ms
56ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=CxSwVBUL6ZcyZJeOm9u8P1P2cyA3JntKxXJXJlPdwwI23ARABIABglQKCARdjYS1wdWItOTkzNjYzMDk4MDEyNTA5NMgBCakCmkDlQE4xsj6oAwHIAwKqBJACT9D5unbBqUmR-zXU5rUFHunxOMuQWC-Kurciqkf4z1G-BVHYpTRYa3kS6hS1-U58cRA2TGvdwVde3b3CRv5M2761o9084-O6mmZ9jqfSwMZ3Sz1HOSXkbu-c0muoWOp_Sg1SgWDgpjGSLcE_Y4GNRXlhAjAub4wA31eflbGkqNC2GtWr-NNLb2rmsdzuqf3sEZ3mb3rMWjOLLZ3ROSnW5wnQYpxIvtQDyLgcXLRSO9BMgZ_NNS7IRRNmeONzDfPAAvCAH0ntvHfoXyv7ZarWYH1Ao0-XhWZ66gWEmKZfHHxPWbTjgb8wS3uQpxNFsoIw4jzKsNSPj7TECz0CGeme77JVegViIEreA6nvJmyZL46ABuLXhqSKgJujDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCgIkeGAcBABMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WJCYqI_egYUDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk5MzY2MzA5ODAxMjUwOTQYAA&sigh=VjHEjF_EWQs&uach_m=%5BUACH%5D&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=781603987&pi=t.aa~a.2938589472~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=1&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280%2C779x280&nras=5&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=3796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Mar 2024 01:55:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 2D5F 0
126 B 120ms
35ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=mPzSGbr5RIsGmAKdg2ICAgAAAN_Wi1-t6SsSEARC-mXfwQuEFHYomxVdAAASAAAKCkFRVUJBUUVCQVHTpR2fN7IT_V_qffBEMXW3&wp=ZfpCBQAJTMwH_ZNjAAc-1Hn33YJI1ryEctYN4A&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:17 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 124413
server: Kestrel
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame DE4E 4 KB
775 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 01:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 00:02:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 01:55:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame DE4E 2 KB
822 B 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:33:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/ Frame DE4E 23 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/abg_lite_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 17:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:54:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame DE4E 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 17:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:54:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame DE4E 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:33:42 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DE4E 206 KB
62 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 02:12:42 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame DE4E 36 KB
15 KB 82ms
23ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 07:44:59 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15732097773305340160/ Frame DE4E 24 KB
24 KB 89ms
25ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15732097773305340160/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18558f5bde036dd9cb2dce5fe8a8b53326ebe51a7a73110e0c76238e68afb298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Tue, 18 Mar 2025 13:43:05 GMT
date: Mon, 18 Mar 2024 13:43:05 GMT
x-content-type-options: nosniff
age: 130333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24279
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 16:22:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4993217691887194574/ Frame DE4E 10 KB
11 KB 86ms
22ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4993217691887194574/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8709e26d61bab50cdc652883fa5428c94fd2a23b41deed8901c12902da97355a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Wed, 19 Mar 2025 03:31:58 GMT
date: Tue, 19 Mar 2024 03:31:58 GMT
x-content-type-options: nosniff
age: 80600
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10418
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 23:21:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame DE4E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38bfdaa069c9531e61af61c835c4d96c38d461ab9807a059b317265b34513043

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DE4E 16 KB
16 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 18:30:08 GMT
x-content-type-options: nosniff
age: 113110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 18:30:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DE4E 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:45:27 GMT
x-content-type-options: nosniff
age: 65391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:45:27 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F00F 2 KB
1 KB 124ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZfpCBQAJTMwH_ZNjAAc-1Hn33YJI1ryEctYN4A&u=%7C0rt66guK9Ws0O4q%2FRnlE7I7s7ZZ2kXA%2BF4u8Vz2ulkI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy9X0VE5931RGJtz5JHYPiYe1fKHqoEFtCUKR8-MMXXTy4b-d_o54fWKem87njyXXTbGabcElefnXdXbxSuC5yT8kHRyj6lgiB9V5bX78EBFXEV62NiieklrpHtQwNgoJXPxUGUNUJ5J2V0KIAN-DUR8CxWEo_DOwHxGYsrzBOLl8RP4wxvZ2PFGcIJC5MpHQqgjE2PptfOr0FHkS4zdwtLw2sHDh1BzvOMweZLLR9PajSZY2LvSZv4CkrmM2NXdBmR-mi06SHnKquvHVBXzDhBvC0QMSZkhTNdEpqiSjxMpC0K_1KINU2yYoEdhV7gnjG37EP0SENZ2catinmmaR9u2T8wTVdo2ITfEXO4KD685faMHbkg4SPSBJ24peqP_vSLc1qOEJCXl1YstXTOVyhA6SceFrKbU_4WSu8a8u4JNkR43qNQchs3rLz04weJRxkeiNjkWl0gA5C5G6e5wKqN5MpTYA67mmFKJQIzu4UYkdsfxwDExLxiW06g57PWs0Kb8KbuBWOhExVlBW_9IxvUg10ojXNNArlQKOlS-7Lbu6K4RO2VmQifQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJfsrBUL6ZcyZJeOm9u8P1P2cyA3JntKxXJXJlPdwwI23ARABIABglQKCARdjYS1wdWItOTkzNjYzMDk4MDEyNTA5NMgBCakCmkDlQE4xsj6oAwHIAwKqBJMCT9D5unbBqUmR-zXU5rUFHunxOMuQWC-Kurciqkf4z1G-BVHYpTRYa3kS6hS1-U58cRA2TGvdwVde3b3CRv5M2761o9084-O6mmZ9jqfSwMZ3Sz1HOSXkbu-c0muoWOp_Sg1SgWDgpjGSLcE_Y4GNRXlhAjAub4wA31eflbGkqNC2GtWr-NNLb2rmsdzuqf3sEZ3mb3rMWjOLLZ3ROSnW5wnQYpxIvtQDyLgcXLRSO9BMgZ_NNS7IRRNmeONzDfPAAvCAH0ntvHfoXyv7ZarWYH1Ao0-XhWZ66gWEmKZfHHxPWbTjgb8wS3uQ5RFkIAKjMgFsYPNVA5QtrzMlE1-UwarXzs1fhrhhHYX3vqYND2egZnmABuLXhqSKgJujDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCgIkeGAcBABMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WJCYqI_egYUD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0sD0g3aRSqAu9PLEnS9OrPejG0pA%26client%3Dca-pub-9936630980125094%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Mar 2025 01:55:18 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F00F 2 KB
1 KB 125ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Mar 2025 01:55:18 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F00F 308 B
637 B 122ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 15 Mar 2025 01:55:18 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F00F 293 B
621 B 126ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 15 Mar 2025 01:55:18 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame F00F 43 B
348 B 118ms
32ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=TpQbVyWAo-FZMGMtlB5t4HZGEaRWt8srgacZeTZYjOVZozNenyz8Vq6a5eX7VuCEF8pBxkvVE3nV13iRrnmUTb7idSXXdSgWY5xwpTWxgf5uu1cbT1zlmi2SVd-zjPzSqrPMkysfPCvbpUjJxb1o-bmQqmrUynqdMIgomBIJ_QtWGNeQk0U_r5H62oqXIi51qLTCm8FTv7Mpk74zT6VwOCzH33CWk2pNiYKRaixvFiwlyczFXbRD9G6EqbMtcTHMrsG3SnKL_LdWStUQzBgciWiMAFA6N36tXhcDZID-J1SN-LjnhfT7P45c6tbEBhaCuPvhx0qkUQDRv4kUQLrpR61M0ui0KKG19AdxHyFIW7d6vHmG8VsgDTLpPBwRQxQgI2bt1kQ0QxYCEH2S0fgBWSVdbl8McL1zCAh5bh9Ngf-B0Jmk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 01:55:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1693531
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BA0D 4 KB
679 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 01:06:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 01:55:18 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame BA0D 2 KB
822 B 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:33:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/ Frame BA0D 23 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/abg_lite_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 17:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:54:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame BA0D 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 17:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:54:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame BA0D 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:33:42 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BA0D 206 KB
62 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 02:12:42 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame BA0D 36 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 07:44:59 GMT

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame DE4E 0
0 56ms
56ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=CEZGuBUL6ZYS7EOaK7_UPpYCKeOTlgZl2pOnom9wR2dkeEAEg_cq0VmCVAqAB84_7qSnIAQmpAppA5UBOMbI-qAMByAPLBKoEogJP0GJyNAiK34154sZZ3q9t965UgjgDOGdkQDHbcNJOf2gMnevA3Jz0XDelCGWJUgCwkFiUthHyYugarrcvEI_nxAwGNyG3dvEgklxbA8jvSl9EdFDo99cnU3hLhVeMQ79YaYbatiQnaQeSlgUJ69776AvrVg7v8ejqhlscGNUysKkZZhgR5lgw1n2L3QFwndHewVb6AkKrAys_u0cJfgomqLu-xS92dmTZsQw82Ym5hiL1oypzVvP4O9MfTrCekrxtOuuQmCIxjNe1DLtlx9pIBHxGS-Jqz-Xehvxt1hOCAOXEnPJKJnTSzHbNa1sS-opouo46d0hUs6iz_icsZF-9pFuV3xX3a5L8VCiHXwMS4EZ-KBm9wY5N8WJ4ZfMrZt8CP8AEsri8z6AEiAXK-IvlS5IFBAgEGAGSBQQIBRgEoAYugAfzx8uJBKgH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcEENPeCtIIKgiR4YBwEAEYHzIH64uA4L-ADToIAICAgICAlChIvf3BOljRtJOP3oGFA5oJnwFodHRwczovL2RlLnNob2Zhc3QuY29tL2Rzcj9xPXdhcmVob3VzZSUyMG1hbmFnZW1lbnQlMjBzb2Z0d2FyZSZhc2lkPXNmX2NoNDM1JmRlPWMmc2NsaWQ9MC0yNDAxNSZnY2xpZD17Z2NsaWR9JnJhYz1iZXN0JTIwd2FyZWhvdXNlJTIwbWFuYWdlbWVudCUyMHNvZnR3YXJlJmFjPTKACgHICwG4E-QD2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTk5MzY2MzA5ODAxMjUwOTQYALIYCRICsV8YLiIBAA&sigh=S5Hji1w_QqY&uach_m=%5BUACH%5D&ase=2&template_id=484&cbvp=2&vis=1&nis=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Mar 2024 01:55:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame E34C 52 KB
20 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:48:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 07:48:54 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F00F 12 KB
5 KB 84ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 44872
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PoeSakr8r1OZHArP8saWAJDDJmGjXhDYgz3h2C6kDq%2Fu6s5J5VChGNYZHt74iwYWNgq0smhl38fr6LOskj4I3M7z5b9nwQwq1Zm1gziFGFXk6g2GdS6g0oTB9A5I0mcarDXTJlj6bJ6bBP%2F9Rxjt8xy7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 867214469f33bbda-FRA
expires: Mon, 10 Mar 2025 01:55:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DD46 4 KB
679 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 00:09:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 01:55:18 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame DD46 2 KB
822 B 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:33:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/ Frame DD46 23 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/abg_lite_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 17:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:54:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame DD46 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 17:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 17:54:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/ Frame DD46 20 KB
8 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Apr 2024 19:33:42 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DD46 206 KB
62 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 02:12:42 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame DD46 36 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 07:44:59 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15732097773305340160/ Frame BA0D 13 KB
13 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15732097773305340160/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84e236db7d112844c0ce7be08dbc9a5cbed52af65544c56702ce3eda22cadbde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Tue, 18 Mar 2025 13:44:24 GMT
date: Mon, 18 Mar 2024 13:44:24 GMT
x-content-type-options: nosniff
age: 130254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13449
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 16:22:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4787201946102440511/ Frame BA0D 7 KB
7 KB 27ms
26ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4787201946102440511/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dcf2f2f68cae89462c755099974c86fec1314ea65b61295feebe9f96cb7b4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Wed, 19 Mar 2025 09:20:37 GMT
date: Tue, 19 Mar 2024 09:20:37 GMT
x-content-type-options: nosniff
age: 59681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7112
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 20:21:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F00F 12 KB
6 KB 83ms
59ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Mar 2025 01:55:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F00F 71 KB
71 KB 167ms
76ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=50716&q=80&r=2&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F519344%2Fdata%2FRY3LDsIgEAB_xey5gBr1wK-IaXDZvmwLYZc0sem_W714mdNMZgXOCBY6kcTWGWeWZdFDxI5mxdgt1L8p60DOpBxDQVENUXCG69P5crzpIbWHfzz5ftYsXnrUA09BtTmWpDFOznhmEnamDtT4Mkpd0hh9qJ8FXyTONLugCj0pzx47KXOrfgt1-k6ggmYUsPcVMoFdAXNMYK8V7JRcaNse2wc.jpg&v=3&w=800&rid=4&s=wnFlJXY86ioSRq2aruCNwBh_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e114490516cfb94f077f3d0e7cbd6174fcf32923b873e930f3076d3ac4707749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 72852
expires: Tue, 04 Mar 2025 06:54:07 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F00F 0
128 B 137ms
38ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=B2Lzn5D8AHj7F9bjjWPwYCPgNipZJd8QBHipT-OoQuX8NvQ7f6rj7qZHPce4cvBzV-ErUyz5coQtwyvydLbfAQdVPmAE6PVwdmKddsEU7O3okzeZB_Jfm_mId1sRC0U1Hq7J5Vsj-i0BfojWu6HyNBGGWWoXqDORVMpxSWgAYZEi_SOITFooATsridjTGgPNs2atz7FbO-UMIvgzZxw2PPz-mXluUj4i8_YWkr4q8UmzwuFk38eLCfRfwNCHflN2ibA1FQ&sds=2&rev=91140.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 20 Mar 2024 01:55:17 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F00F 2 KB
1 KB 55ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Mar 2025 01:55:18 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F00F 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Mar 2025 01:55:18 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16357660976642874340/ Frame DD46 28 KB
29 KB 34ms
21ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16357660976642874340/14763004658117789537

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f88cca171fe919c301685893d8da2375ce02125266be32dac2ee6f1427c392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Tue, 18 Mar 2025 22:08:43 GMT
date: Mon, 18 Mar 2024 22:08:43 GMT
x-content-type-options: nosniff
age: 99995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29139
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 09:20:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12412536725761401162/ Frame DD46 5 KB
5 KB 32ms
19ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12412536725761401162/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Wed, 19 Mar 2025 13:42:35 GMT
date: Tue, 19 Mar 2024 13:42:35 GMT
x-content-type-options: nosniff
age: 43963
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4885
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 13:31:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame BA0D 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d20184cd007fd1ff4bbb6ba42dc8de566c26a920e8d3a83af5c96fbf1dfb780

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA0D 16 KB
16 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 18:30:08 GMT
x-content-type-options: nosniff
age: 113110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 18:30:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA0D 15 KB
15 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:45:27 GMT
x-content-type-options: nosniff
age: 65391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:45:27 GMT

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame BA0D 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=CrGKJBUL6ZcbgJJ6k9u8Pls6P0Azk5YGZdqTp6JvcEdnZHhABIP3KtFZglQKgAfOP-6kpyAEJqQKaQOVATjGyPqgDAcgDywSqBKcCT9Do7qBB9mhFxKaXlqtuvCas-e_653_o6fqU-JQzF5lT9-z0ZDO8JovsqYGcECfRFBoJixOCPZ7tPJNMAlQizM6FRvQPBRv6sOp4Vek51YvH9qwS7vKB8HwmAi135YeCk1GLmSM8ZMIp02Y6CW7ea5Y73HX7GwI0hARqjd1d4rfQuh7AVYyOJCmyfAAGLdTUJthN3jnWWh_vjgo71vOi37RvVSj6ui6pRrR5wtAdfN14Yzo2TBe2WGPsGzyvWZjSWWR6BotqDi-fSS5Ox8SB9mivZDjIq7YHTTswxsdN44ZhwydFgeKhhmHCTWTEG2SNmkoxfAClAF48S7oMiprbB7Y2xgT6uB70Vr0v74knotYjPGgBe0dDf84Xtg2_h267uG_e_M-WIcAEsri8z6AEiAXK-IvlS5IFBAgEGAGSBQQIBRgEoAYugAfzx8uJBKgH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcEEOjPAtIIKgiR4YBwEAEYHzIH64uA4L-ADToIAICAgICAlChIvf3BOliD1KeP3oGFA5oJnwFodHRwczovL2RlLnNob2Zhc3QuY29tL2Rzcj9xPXdhcmVob3VzZSUyMG1hbmFnZW1lbnQlMjBzb2Z0d2FyZSZhc2lkPXNmX2NoNDM1JmRlPWMmc2NsaWQ9MC0yNDAxNSZnY2xpZD17Z2NsaWR9JnJhYz1iZXN0JTIwd2FyZWhvdXNlJTIwbWFuYWdlbWVudCUyMHNvZnR3YXJlJmFjPTKACgHICwG4E-QD2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTk5MzY2MzA5ODAxMjUwOTQYALIYCRICsV8YLiIBAA&sigh=6iagG2KuZr4&uach_m=%5BUACH%5D&ase=2&template_id=484&cbvp=2&vis=1&nis=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Mar 2024 01:55:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame E702 52 KB
20 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=2850496063&pi=t.aa~a.2938596761~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1581&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:48:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 07:48:54 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame F00F 2 KB
900 B 37ms
37ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Mar 2025 01:55:18 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame F00F 2 KB
899 B 38ms
38ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Mar 2025 01:55:18 GMT

GET
DATA 200
OK truncated
/ Frame DD46 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 940f56a4f7af4ad6c33916ad210b0e9cea8e3e08211b0721dfcb4a84ab1140d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DD46 16 KB
16 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 18:30:08 GMT
x-content-type-options: nosniff
age: 113110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 18:30:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DD46 15 KB
15 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:45:27 GMT
x-content-type-options: nosniff
age: 65391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:45:27 GMT

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame DD46 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=CyJQ-BUL6ZbSDJZ-C7_UPsa6g4AXM49WKdrfwysOyErnZsZvMCBABIP3KtFZglQKgAdqig_spyAEJqQKaQOVATjGyPqgDAcgDywSqBJsCT9AaTkvdQz8vEiOjqQYYuqLLsfAzT9k7FoRTLW9g5SuW5K1w5G_B5BJTpwGGhzRglctsC-fzjhpR4QxKtl55sR0Qfs_oLllbnjABkiYaLQ5Zcysdq9p6SCODq6TstCftjh3rbhRRnJx3qjAfpr2tNUfY3qMC7MrBsv6tKIYZsZUoKFZZk2YYA8YTmR0qabYK2qFA5S4MmE579Y19ef7P4gANTB2BcOX5ZlXC1fTElc5VFD_oxxrM9RXkgC6kxLu7EjOFf3AK6DM7VXjdmIxYCM13xDFGYegcnCwZNcm5t70yQZxrdtUWkJoa8s7Aa7cXOq-sdjDRuub5VXZ4NyOrU7iElvOLKOq8w70ETBWZBdx3RAMheni-a_fP0sAEhorswMwEiAXF1Iy4TpIFBAgEGAGSBQQIBRgEoAYugAfa2tPaBKgH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcEENqfBtIIKgiR4YBwEAEYHzIH64uA4L-ADToIAICAgICAlChIvf3BOljx_KeP3oGFA5oJG2h0dHBzOi8vdGVtcG9zZWFyY2guY29tL2RzcoAKAcgLAbgT5APYEw3QFQGAFwGyFxwKGggAEhRwdWItOTkzNjYzMDk4MDEyNTA5NBgAshgJEgKLVBguIgEA&sigh=1oskJ9BIsfE&uach_m=%5BUACH%5D&ase=2&template_id=484&cbvp=2&vis=1&nis=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Mar 2024 01:55:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C3A 52 KB
20 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=4249996091&pi=t.aa~a.811485448~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=-M&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280&nras=4&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:48:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 07:48:54 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame F00F 16 KB
17 KB 197ms
107ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Mar 2025 01:55:18 GMT

GET
H2 200 opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame F00F 16 KB
16 KB 108ms
88ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-3ff4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Mar 2025 01:55:18 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 38ms
37ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240314&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76ed6699e945444f90e7ba9df93a51b341a39a023ac9a6acf2e56aa6b10fd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12227
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 01:55:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3BED 13 KB
5 KB 23ms
23ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigonwild.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Mar 2024 16:02:25 GMT
expires: Wed, 19 Mar 2025 16:02:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BED 40 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 16:01:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3BED 0
10 B 24ms
23ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rh5zSg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 01:55:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DE4E 42 B
66 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTSlftgo9EUOWa9Req0qT_H8vt3bliiLzyHLvQd2IHZ3o0xR3tVHy6FV_mbOMX4VEh4NjRb8YcuFjDNL0tqFKnxnLK8Yh1XFPEHRMyBlymndFKZBNp2jnK-1wp1cPYKqUGOTtiwKyUNpO6UKMFpT9X5t5KroswPdQqWHJyIwI&sig=Cg0ArKJSzD-WsuC4lPPiEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240318&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4188038881&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=683251800&rst=1710899717246&rpt=863&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=4188038881&adf=501445130&pi=t.aa~a.1043414356~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=1200x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717060&bpp=1&bdt=1073&idt=184&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 01:55:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240314&jk=4337049594431379&bg=!w8ClwI_NAAZaswqNerM7ADQBe5WfOAwTNaazzXMpGek-ttG9xonS0xfEOZwec8fdBXq6Q35mf5kE_ovmIkd_PehlzyKHAgAAACxSAAAAAmgBB34ANSFB9i8Vxn59Y2mHJf8ytkfB7PhyQptOcgA7mTywr9G57MN1LAnabK0tgwZBENn1n-vcuiuVCgB4yx1ftFHZmrX2IZxLG3zX9dfGjp_NL8IB7otfCDXUqIs7s2zViflW9Cj3fvRpm9BBeFOe29EGnaTYEZUxeBgr92XPn_y8ltFzagCv8qsDfCsd-sgxNGjqvshKrzUDXMiMBTDqPLuxdBvTbUV6BDFLEJ9T6O68aTW3mQJjL_40HxDIWEeTq5oRARy0vfRQGtoP4h8VODqd9Eb1J8Al6fQA1U8NMjWABeXV39Ch5QOZ0xZoeakJMC_pErOSJUesh6QqfSBVOvh7oouR9sdejb0JmcF562wm-v2LG8XEzvqmQ-naU_B2z1Z3ersSBx3LRSXpKOxYEa5aSf0f5ofoLd47r7b3XoB0lA8_y5Km5e8JaT7gpFASIM7QKUV-dqdSZkAbAuTfspqw5lOejS_mXHtymzHPVRKFHikMaDtdYYXXFsebKy4J5jwHAt1J3CmlEno5FVj_wOmLkYdXzD5Y1z10tdiy1ihzITKvdq1-2t1C73Iwo8jj_PJ4ZJ5LMOX5GuJRR7hLqReCYwWNNbrw1Q_wkDAtaiSbzZcAxJyUpNsMc7ReYa8XBNly9AQDt1Iz94HUdH6VNTpRWAc6iqJAXGB52a0d1X8Dh2y7NrSpFo4JuFDBh2-I4GCj4KsYIGaxj2VOHq0jkMRS4kMY3MRSQKhi_2l_gDJSa_z-LBMSEQUWi36y3b-dUyTD41-mz7CdlMwJb2oyRegsKSZtScBX9jLlLMNZPe_yYumzHWC6Oilos8_m0pmdiajcyDqZcZViDqB47htcMSorUhFNl8ipfCZ9wvpkH_J32ijbhlSGZCNEU4-yDBtwui76r3f-LwmlCTB3GMQWEkgtWfzsevYZUvv0anaURxv7kTG5PQwQh51xiCJ1tlUH8yqX32gD3gfTO4Tr47YWRlJp8ogBZJkF-mkFJEisWg2Jt0qYmtyVWU-aCKvydOeaRFWhVjtVD6d3676oA6RqUxQSXtR6v5AAzAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigonwild.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bigonwild.co.za/	1970-01-21 04:50:59	Name: _ga_RWE7W2G4NH Value: GS1.1.1710899717.1.0.1710899717.0.0.0
.bigonwild.co.za/	1970-01-21 04:50:59	Name: _ga Value: GA1.1.44879777.1710899717
.ojrq.net/	1970-01-21 04:50:59	Name: brwsr Value: e65fc65a-e65c-11ee-8919-77b8679c26a2
travelstart.zwjlk6.net/	1970-01-20 19:25:04	Name: AWSALBCORS Value: Sa+VZrTW36yTCSrDZRF23whzsCLpD0gtiX4PY6zfk+K7RfchOO1Zy1RwmIMqLHn65F4gK15PS6DPYBDzS9NoJS1/HJuZofQUsDXge3MIwyGag5d24mpSuYhCSbs/
.zwjlk6.net/	1970-01-21 04:50:59	Name: brwsr Value: e65fc65a-e65c-11ee-8919-77b8679c26a2
.bigonwild.co.za/	1970-01-20 23:34:11	Name: __eoi Value: ID=335e8ae819630f4a:T=1710899717:RT=1710899717:S=AA-AfjZgxW4FVnVAA3xH0Yi_udDZ
.criteo.com/	1970-01-21 04:36:35	Name: receive-cookie-deprecation Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.bigonwild.co.za/category/blog/(Line 572) Message: Mixed Content: The page at 'https://www.bigonwild.co.za/category/blog/' was loaded over HTTPS, but requested an insecure element 'http://travelstart.zwjlk6.net/i/1214309/1440070/5446'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.bigonwild.co.za/category/blog/ Message: Mixed Content: The page at 'https://www.bigonwild.co.za/category/blog/' was loaded over HTTPS, but requested an insecure element 'http://travelstart.zwjlk6.net/i/1214309/1440070/5446'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://www.bigonwild.co.za/category/blog/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bigonwild.co.za/category/blog/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bigonwild.co.za/category/blog/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bigonwild.co.za/category/blog/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bigonwild.co.za/category/blog/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9936630980125094&output=html&h=280&adk=2849783052&adf=781603987&pi=t.aa~a.2938589472~rp.4&w=779&fwrn=1&fwrnh=100&lmt=1710899717&rafmt=1&to=qs&pwprc=6565069256&format=779x280&url=https%3A%2F%2Fwww.bigonwild.co.za%2Fcategory%2Fblog%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710899717567&bpp=1&bdt=1580&idt=1&shv=r20240314&mjsv=m202403140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C779x280%2C779x280&nras=5&correlator=7848299677362&frm=20&pv=1&ga_vid=44879777.1710899717&ga_sid=1710899717&ga_hid=1883237653&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=3796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081906%2C95321957&oid=2&pvsid=4337049594431379&tmod=1775002557&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=19 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.impactradius-go.com
ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
travelstart.zwjlk6.net
www.bigonwild.co.za
www.googletagmanager.com
www.gstatic.com
www.ojrq.net
178.250.1.6
196.41.130.157
2001:4860:4802:34::36
2606:4700::6811:190e
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
3.160.150.63
34.95.127.121
52.51.32.100
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0604b682a01afc20cc714c188a8a5f9f8cb370e2e1e9662cf1ccc965458e090d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0d20184cd007fd1ff4bbb6ba42dc8de566c26a920e8d3a83af5c96fbf1dfb780
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
18558f5bde036dd9cb2dce5fe8a8b53326ebe51a7a73110e0c76238e68afb298
18ae0c174a271d3e82802628858778eb8115292a0cbb8b06a94a097675a05406
19e42e626860c07c88da45cd83110a68a44816b825e72e4d9267b4cf9e4def30
1cf6dc3c4aec0e9af90fec9c73760a65244f2f4c7e349fd89240ff04c25ddc67
1dcf2f2f68cae89462c755099974c86fec1314ea65b61295feebe9f96cb7b4ee
21ae75ea935671b87b6fdb614f908e67290b1d29b635dc439f78b1621a01e093
21cf0bfb23fc6cb8710079c1cba197834d8bed5a884dd4873f42404373ccfea5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38bfdaa069c9531e61af61c835c4d96c38d461ab9807a059b317265b34513043
3b4f55bdb59d4739aedbca6a4f84c43de0ab15dadeb93df5dedc2dba42563ae4
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4357689004ee8dfae68d1bf62533865eed06e7797ef209de496725cce07dcea4
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
69f7c9cc787c09c2bed8d9c1cc5ec28d9cd570fb06c19f5eb4cfd4e9ab52b0f4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76ed6699e945444f90e7ba9df93a51b341a39a023ac9a6acf2e56aa6b10fd445
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81ff7d4d4daee39b1cc1029bec60df9828bafa89b2bb42992be1dfa5eebb3266
84e236db7d112844c0ce7be08dbc9a5cbed52af65544c56702ce3eda22cadbde
8709e26d61bab50cdc652883fa5428c94fd2a23b41deed8901c12902da97355a
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b
8bccc99a7f796311376b5be6aa7ddfe8b2efa779e629ec74aabc6c31531bbd9c
8ce4108fb1a8a40ca5e76584efd945e9b348f6c84a2cd5e138d32c4bfaef0e9e
8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
940f56a4f7af4ad6c33916ad210b0e9cea8e3e08211b0721dfcb4a84ab1140d8
963eac4f093c46d94499209d3e9cabf85fc9976fc8696e45f28b4737bf42b369
99017850c36c87f4e6a277be3499836d812867a4540625ea441f9aee01ad36b4
9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
affd9edd5dc26a271a81e36bade23368d81e7c628a7bb39901ec92376d296705
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b3b094d766bdafcf994c9de526db059884feaa93afb66f9b0f2a1fdab3490656
b5b43a7eb2f0f2ba8efa75b30fcb83860a0563ff2a7f355e83bf1531c4a875fc
b6c3794592f3b9cd21a0314a00c772381fae9c2e5b2f81ca8a0420573f0e36ca
b7b336681550c485865a29632db501b77f679be30e14c463f24fc65f7ec69749
b9450e070c1e3f294c6b160ddf7b3203097a98569d0be0307f007255958155a4
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6e22d64c8b4d5953a94f39b8b0575bd20a295fe776d5e2b0dd5a7df397fa6db
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
df7691a8f4418bb41eac88b770c6a246868d345fa09fbc39bf8851ae645973f0
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e114490516cfb94f077f3d0e7cbd6174fcf32923b873e930f3076d3ac4707749
e2e6b0ec88f5a2dc1ad7b13176f365020c044776b0e8e8669a8d94f737bc7105
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ac10dd256e07cb0d3f1d47de1ef1252aad1a2211066bf382fa23bd34094bc4
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4c88c386a10dc8d62e95ea744025695dc05abfd1708188e5393ee851f533ae
f2d3cf79ee0efe9296c50cfd195687b134f17afc643219cba622c297b378721f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6454b24fbb31634f0e39f02808d7ab61982209a981fd5e5312c9da17fcefbb2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f88cca171fe919c301685893d8da2375ce02125266be32dac2ee6f1427c392
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fc0bb4c63390d75ed3ceaa180167bba780a58eee849804944daa6b2e65b1537b

www.bigonwild.co.za Open in urlscan Pro 196.41.130.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

110 Requests

98 %HTTPS

74 %IPv6

13 Domains

19 Subdomains

19 IPs

5 Countries

3709 kBTransfer

5669 kBSize

7 Cookies

5 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bigonwild.co.za Open in urlscan Pro
196.41.130.157 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

98 %
HTTPS

74 %
IPv6

13
Domains

19
Subdomains

19
IPs

5
Countries

3709 kB
Transfer

5669 kB
Size

7
Cookies

110 HTTP transactions
4 data transactions