www.watchthedeer.com Open in urlscan Pro
47.48.194.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ww1.watchthedeer.com/t321990.aspx
Effective URL:
http://www.watchthedeer.com/
Submission: On March 08 via api (March 8th 2021, 4:59:45 pm UTC) from US

Summary HTTP 114 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 114 HTTP transactions. The main IP is 47.48.194.90, located in Smyrna, United States and belongs to CHARTER-20115, US. The main domain is www.watchthedeer.com.

This is the only time www.watchthedeer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 34	47.48.194.90 47.48.194.90	20115 (CHARTER-2...) (CHARTER-20115)
17	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	13.226.159.25 13.226.159.25	16509 (AMAZON-02) (AMAZON-02)
2	13.226.159.89 13.226.159.89	16509 (AMAZON-02) (AMAZON-02)
2 2	72.21.202.25 72.21.202.25	16509 (AMAZON-02) (AMAZON-02)
2 2	3.22.151.189 3.22.151.189	16509 (AMAZON-02) (AMAZON-02)
1	13.227.102.176 13.227.102.176	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	99.86.227.218 99.86.227.218	16509 (AMAZON-02) (AMAZON-02)
114	21

34 47.48.194.90 (Smyrna, United States) 4 redirects

ASN20115 (CHARTER-20115, US)
PTR: 047-048-194-090.biz.spectrum.com

ww1.watchthedeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.watchthedeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-25.dus51.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-89.dus51.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.202.25 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

cloudfront-labs.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.22.151.189 (Columbus, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-22-151-189.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.102.176 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-102-176.gru1.r.cloudfront.net

af03eea422d49b9134aa4f10db3c1fe14.profile.gru1-c1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.227.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-227-218.iad79.r.cloudfront.net

a96b687c19a07fab40751ff0f51c745a1.profile.iad79-c3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	536 KB
34	watchthedeer.com 4 redirects ww1.watchthedeer.com www.watchthedeer.com	525 KB
17	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	68 KB
6	google-analytics.com www.google-analytics.com	51 KB
5	googletagservices.com www.googletagservices.com	156 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	57 KB
4	google.com 2 redirects adservice.google.com www.google.com	421 B
4	cloudfront.net d31qbv1cthcecs.cloudfront.net af03eea422d49b9134aa4f10db3c1fe14.profile.gru1-c1.cloudfront.net a96b687c19a07fab40751ff0f51c745a1.profile.iad79-c3.cloudfront.net	9 KB
2	google.de adservice.google.de	330 B
2	googleadservices.com partner.googleadservices.com	525 B
2	a2z.com 2 redirects redirect.prod.experiment.routing.cloudfront.aws.a2z.com	485 B
2	amazonaws.com 2 redirects cloudfront-labs.amazonaws.com	372 B
2	alexametrics.com certify.alexametrics.com	1 KB
1	googleapis.com fonts.googleapis.com	778 B
114	14

	Domain	Requested by
31	www.watchthedeer.com	1 redirects www.watchthedeer.com
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	www.watchthedeer.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.google-analytics.com	www.watchthedeer.com www.google-analytics.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	ww1.watchthedeer.com	3 redirects
2	www.google.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	2 redirects
2	cloudfront-labs.amazonaws.com	2 redirects
2	certify.alexametrics.com	www.watchthedeer.com
2	d31qbv1cthcecs.cloudfront.net	www.watchthedeer.com
1	a96b687c19a07fab40751ff0f51c745a1.profile.iad79-c3.cloudfront.net	www.watchthedeer.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	af03eea422d49b9134aa4f10db3c1fe14.profile.gru1-c1.cloudfront.net	www.watchthedeer.com
114	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
identerprises.net

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh

This page contains 18 frames:

Primary Page: http://www.watchthedeer.com/
Frame ID: C6C0CBF9AB14D5C073BC4FE114856676
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Frame ID: 071465BB42E5C1F7D946F9D8B5F0E62A
Requests: 1 HTTP requests in this frame

Frame: http://www.watchthedeer.com/Live.aspx
Frame ID: F771A29D840DDCDAF36F9A532CD12E43
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=90&slotname=3764299431&adk=2422062174&adf=3702230721&pi=t.ma~as.3764299431&w=728&lmt=1615222765&psa=0&format=728x90&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765331&bpp=15&bdt=2420&idt=86&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2734279182556&frm=20&pv=2&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=36&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iwsem6EoFa&p=http%3A//www.watchthedeer.com&dtd=111
Frame ID: 13C70CBA3ECFF517B4C4629FF573CC1A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104
Frame ID: B467CBA98C375088D1C70130FF75F4CA
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=4223940128&adf=621139648&pi=t.ma~as.3764299431&w=120&lmt=1615222765&psa=0&format=120x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765354&bpp=2&bdt=2443&idt=104&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1154&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=CHavyP8dZx&p=http%3A//www.watchthedeer.com&dtd=106
Frame ID: FCC43909B2EF447F5790A1D8813D8238
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&adk=1812271804&adf=3025194257&lmt=1615222765&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.watchthedeer.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615222765379&bpp=1&bdt=2468&idt=84&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600%2C120x600&nras=1&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=89
Frame ID: 33B1ABB22A211F942969015D67A38EE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 70D0EDFF0587CB032C8DE1421FBDF63C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 6898D92F7F359C4797DF941479627792
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 346C918940A83657E1E62C7B6E9EA2F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A3F60F57867E4DEF8BE49E102EDC80D1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: EE53C4BC3ADC770C963BD5AFCD795DD9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 70478956859E24D7C995C386943C46F6
Requests: 2 HTTP requests in this frame

Frame: http://www.watchthedeer.com/LiveFeed.aspx
Frame ID: FA5A01519C956045BBF747FF8EEB3056
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=90&slotname=3764299431&adk=2422062174&adf=1345794752&pi=t.ma~as.3764299431&w=728&lmt=1615222776&psa=0&format=728x90&url=http%3A%2F%2Fwww.watchthedeer.com%2FLive.aspx&flash=0&wgl=1&dt=1615222776328&bpp=5&bdt=327&idt=78&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&correlator=2734279182556&frm=21&ife=1&pv=1&ga_vid=515497014.1615222776&ga_sid=1615222776&ga_hid=481760551&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=614&ady=289&biw=1600&bih=1200&isw=650&ish=410&ifk=3755261322&scr_x=0&scr_y=0&eid=44736376&oid=3&pvsid=1992172912725203&top=http%3A%2F%2Fwww.watchthedeer.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C410&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.xy47ps3emxvm&fsb=1&xpc=GMutWJW1xA&p=http%3A//www.watchthedeer.com&dtd=86
Frame ID: 97B3312DF798926AD9744E8238391C38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=2340498195&pi=t.ma~as.3764299431&w=300&lmt=1615222776&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2FLive.aspx&flash=0&wgl=1&dt=1615222776334&bpp=1&bdt=333&idt=85&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&prev_fmts=728x90&correlator=2734279182556&frm=21&ife=1&pv=1&ga_vid=515497014.1615222776&ga_sid=1615222776&ga_hid=481760551&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=491&ady=505&biw=1600&bih=1200&isw=650&ish=410&ifk=3755261322&scr_x=0&scr_y=0&eid=44736376&oid=3&pvsid=1992172912725203&top=http%3A%2F%2Fwww.watchthedeer.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C410&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=2&uci=2.vh4lgl4oa20b&fsb=1&xpc=afV1HYu516&p=http%3A//www.watchthedeer.com&dtd=89
Frame ID: B93792EDB0360A1C1C42BD5E5D757D18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=4223940128&adf=2365168417&pi=t.ma~as.3764299431&w=120&lmt=1615222776&psa=0&format=120x600&url=http%3A%2F%2Fwww.watchthedeer.com%2FLive.aspx&flash=0&wgl=1&dt=1615222776336&bpp=2&bdt=335&idt=90&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&prev_fmts=728x90%2C300x600&correlator=2734279182556&frm=21&ife=1&pv=1&ga_vid=515497014.1615222776&ga_sid=1615222776&ga_hid=481760551&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1455&ady=518&biw=1600&bih=1200&isw=650&ish=410&ifk=3755261322&scr_x=0&scr_y=0&eid=44736376&oid=3&pvsid=1992172912725203&top=http%3A%2F%2Fwww.watchthedeer.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C410&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=3&uci=3.ibz59ub1dc3q&fsb=1&xpc=K1Brrd3OrR&p=http%3A//www.watchthedeer.com&dtd=94
Frame ID: 5ED55CBB817C1F097B8AA9E3A2B79327
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: CB237E32A1BCA3FD540585A88FCCBCE3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ww1.watchthedeer.com/t321990.aspx HTTP 302
http://ww1.watchthedeer.com/CreateThings.aspx?aspxerrorpath=/t321990.aspx HTTP 301
http://ww1.watchthedeer.com/CreateThings?aspxerrorpath=/t321990.aspx HTTP 302
http://www.watchthedeer.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

114
Requests

69 %
HTTPS

67 %
IPv6

14
Domains

21
Subdomains

21
IPs

3
Countries

1404 kB
Transfer

4327 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pages/WatchtheDeercom/286454189597
Title: Please like us on FaceBook!

Search URL Search Domain Scan URL

URL: http://identerprises.net/
Title: id enterprises, inc.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ww1.watchthedeer.com/t321990.aspx HTTP 302
http://ww1.watchthedeer.com/CreateThings.aspx?aspxerrorpath=/t321990.aspx HTTP 301
http://ww1.watchthedeer.com/CreateThings?aspxerrorpath=/t321990.aspx HTTP 302
http://www.watchthedeer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://www.google-analytics.com/urchin.js HTTP 307
https://www.google-analytics.com/urchin.js

Request Chain 16

http://cloudfront-labs.amazonaws.com/x.png HTTP 301
http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
http://af03eea422d49b9134aa4f10db3c1fe14.profile.gru1-c1.cloudfront.net/test.png

Request Chain 42

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 81

http://www.watchthedeer.com/LiveFeed.aspx HTTP 302
http://www.watchthedeer.com/Live.aspx

Request Chain 87

http://www.google-analytics.com/urchin.js HTTP 307
https://www.google-analytics.com/urchin.js

Request Chain 98

http://cloudfront-labs.amazonaws.com/x.png HTTP 301
http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
http://a96b687c19a07fab40751ff0f51c745a1.profile.iad79-c3.cloudfront.net/test.png

114 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.watchthedeer.com/
Redirect Chain

http://ww1.watchthedeer.com/t321990.aspx
http://ww1.watchthedeer.com/CreateThings.aspx?aspxerrorpath=/t321990.aspx
http://ww1.watchthedeer.com/CreateThings?aspxerrorpath=/t321990.aspx
http://www.watchthedeer.com/

12 KB
12 KB

131ms
131ms

Document
text/html

47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to

Full URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 115eed40bd24f96e2562f73ec02186683f00c096ebd7b30bb56abd74814e1402

Request headers

Host: www.watchthedeer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=mh22gyvfipp2sih0fiecl233; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 08 Mar 2021 16:55:26 GMT
Content-Length: 12318

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://www.watchthedeer.com
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Set-Cookie: __AntiXsrfToken=6d863516b6a04c7c9c7f7fef1f13f0fb; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 08 Mar 2021 16:55:26 GMT
Content-Length: 144

GET
H/1.1 200
OK DXR.axd
www.watchthedeer.com/ 316 KB
49 KB 470ms
469ms Stylesheet
text/css 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to

Full URL: http://www.watchthedeer.com/DXR.axd?r=1_68,1_69,1_70,1_209,1_206,1_74,1_73-OagLl
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ef16c3dbb574e89f4ac5ff4ff25522137c69d26a877ad3b0b7cb34ad74ff577b

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Nov 2020 14:36:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/css
Cache-Control: public, max-age=31536000
Content-Length: 49764
Expires: Wed, 10 Nov 2021 14:36:14 GMT

GET
H/1.1 200
OK Site.css
www.watchthedeer.com/ 5 KB
2 KB 124ms
124ms Stylesheet
text/css 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to

Full URL: http://www.watchthedeer.com/Site.css
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f3c6922787c849eb2010cd2f0201f60d3aefbc12224e534d535862b7ebc13bb4

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Oct 2020 14:38:11 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80cb29f780a8d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1355

GET
H/1.1 200
OK DXR.axd Show response
www.watchthedeer.com/ 749 KB
145 KB 210ms
209ms Script
text/javascript 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to

Full URL: http://www.watchthedeer.com/DXR.axd?r=1_64,1_11,1_252,1_12,1_23,1_13,1_14,1_15,1_17,1_24,1_33-OagLl
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 88a2458f1d20738041096324a205a89d91a53cdf4b2370124c68347842b8e738

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Nov 2020 14:36:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Content-Length: 148640
Expires: Wed, 10 Nov 2021 14:36:14 GMT

GET
H/1.1 200
OK small120versionlogojan1008.gif
www.watchthedeer.com/Images/ 4 KB
4 KB 134ms
131ms Image
image/gif 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/Images/small120versionlogojan1008.gif
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9029cba871345186f274b4dccb6ee66efb83e3673faa064bd93e93a8f3f7c137

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:27 GMT
Last-Modified: Thu, 14 Jul 2016 14:46:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "17c6683deddd11:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 3642

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
50 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 08 Mar 2021 16:59:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13215137272821469477
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 50479
X-XSS-Protection: 0
Expires: Mon, 08 Mar 2021 16:59:22 GMT

GET
H2

200

urchin.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/urchin.js
https://www.google-analytics.com/urchin.js

22 KB
7 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 19:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 76661
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Sun, 21 Mar 2021 19:41:41 GMT

Redirect headers

Location: https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK FacebookIcon.png
www.watchthedeer.com/adv_images/ 2 KB
2 KB 242ms
228ms Image
image/png 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/adv_images/FacebookIcon.png
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b8cd648f71c134ed70018b75a45ecaa10192488a522c5bae70f9281addc47683

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:27 GMT
Last-Modified: Thu, 14 Jul 2016 14:46:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "72dd283deddd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2077

GET
H/1.1 200
OK getyoururlhere.png
www.watchthedeer.com/adv_images/ 4 KB
4 KB 243ms
230ms Image
image/png 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/adv_images/getyoururlhere.png
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9e75febffb9e943a7307d91c2360caac7a2d9d7000ddc3eeebb717cac149dfac

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:27 GMT
Last-Modified: Thu, 14 Jul 2016 14:46:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "7df41383deddd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3680

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3409
date: Mon, 08 Mar 2021 16:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 08 Mar 2021 18:02:36 GMT

GET
H/1.1 200
OK DXR.axd
www.watchthedeer.com/ 1 KB
2 KB 126ms
126ms Image
image/gif 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/DXR.axd?r=1_96-OagLl
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/DXR.axd?r=1_68,1_69,1_70,1_209,1_206,1_74,1_73-OagLl
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a4b8a6ccf01843b25a82dadbb9eabb8cd9bee9df7cda4b6b2ff48cb5b9f6cf7d

Request headers

Referer: http://www.watchthedeer.com/DXR.axd?r=1_68,1_69,1_70,1_209,1_206,1_74,1_73-OagLl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:30 GMT
Last-Modified: Tue, 10 Nov 2020 14:36:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: public, max-age=31536000
Content-Length: 1306
Expires: Wed, 10 Nov 2021 14:36:14 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ 227 KB
85 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8231981577508149&plah=www.watchthedeer.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87278
x-xss-protection: 0
server: cafe
etag: 4389487008424739880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Mar 2021 16:59:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/ Frame 0714 11 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210303/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.watchthedeer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 07 Mar 2021 20:37:42 GMT
expires: Sun, 21 Mar 2021 20:37:42 GMT
content-type: text/html; charset=UTF-8
etag: 14371272352318978350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 5136
x-xss-protection: 0
age: 73303
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK LiveFeed.aspx Show response
www.watchthedeer.com/ Frame F771 2 KB
2 KB 131ms
130ms Document
text/html 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to

Full URL: http://www.watchthedeer.com/LiveFeed.aspx
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b695f02cb8d3d977ce53fb4a0fa5c87baf5c460ddec7e712a89f8534b71e764f

Request headers

Host: www.watchthedeer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.watchthedeer.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASP.NET_SessionId=mh22gyvfipp2sih0fiecl233
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 08 Mar 2021 16:55:30 GMT
Content-Length: 1934

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
5 KB 24ms
24ms Script
text/javascript 13.226.159.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-25.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 13883078
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: rPOgfzzBLK79AkQY-mYWWGGBa7m3Pwlsb0ky6WRZWp3TV2_84S9k4A==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
50 B 13ms
13ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2010369032&t=pageview&_s=1&dl=http%3A%2F%2Fwww.watchthedeer.com%2F&ul=en-us&de=UTF-8&dt=Watch%20the%20Deer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=826099317&gjid=1375879209&cid=64505476.1615222765&tid=UA-3015776-1&_gid=1885678054.1615222765&_r=1&_slc=1&z=1166830395

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 16:59:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.watchthedeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 24ms
23ms Image
image/gif 13.226.159.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Watch%20the%20Deer&time=1615222765399&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fwww.watchthedeer.com%2F&random_number=5783045759&sess_cookie=a75d503517812c77757a302df58&sess_cookie_flag=1&user_cookie=a75d503517812c77757a302df58&user_cookie_flag=1&dynamic=true&domain=watchthedeer.com&account=DxGhj1aAkN000Z&jsv=20130128&user_lang=en-US
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-89.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 04:11:03 GMT
Via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 46103
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: pFHghDlL5n9RKONRzMaPX51N7LlsViS0jvomBshZCmOONvlLhExIAA==

GET
H/1.1

200
OK

test.png
af03eea422d49b9134aa4f10db3c1fe14.profile.gru1-c1.cloudfront.net/
Redirect Chain

http://cloudfront-labs.amazonaws.com/x.png
http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
http://af03eea422d49b9134aa4f10db3c1fe14.profile.gru1-c1.cloudfront.net/test.png

58 B
58 B

413ms
385ms

Image
text/plain

13.227.102.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://af03eea422d49b9134aa4f10db3c1fe14.profile.gru1-c1.cloudfront.net/test.png
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Server: 13.227.102.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-102-176.gru1.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:59:25 GMT
Via: 1.1 5f26efcc09f40c81ef0f61d4bcb1f2c8.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: RoutingProfileExp from cloudfront
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 58
X-Amz-Cf-Id: a8WuV0eyk8pWNLZGBU_P57Z7kG-_gHjkFBoVkw3Lnb-mm3KTNcnK8g==
Expires: Mon, 08 Mar 2021 16:59:25 GMT

Redirect headers

Access-Control-Allow-Origin: *
Date: Mon, 08 Mar 2021 16:59:25 GMT
Server: Server
Connection: keep-alive
Content-Length: 0
Location: http://af03eea422d49b9134aa4f10db3c1fe14.profile.gru1-c1.cloudfront.net/test.png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-3015776-1&cid=64505476.1615222765&jid=826099317&gjid=1375879209&_gid=1885678054.1615222765&_u=IEBAAEAAAAAAAC~&z=528529913

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 08 Mar 2021 16:59:25 GMT
content-type: text/plain
access-control-allow-origin: http://www.watchthedeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
265 B 57ms
55ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.watchthedeer.com&callback=_gfp_s_&client=ca-pub-8231981577508149

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8231981577508149&plah=www.watchthedeer.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

dcffa951b573ef36b9193bceed50d5bade5780c99b3a0da0f41ccaf79431a5f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.watchthedeer.com&meb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 16:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.watchthedeer.com&meb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 16:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 13C7 60 KB
21 KB 595ms
595ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=90&slotname=3764299431&adk=2422062174&adf=3702230721&pi=t.ma~as.3764299431&w=728&lmt=1615222765&psa=0&format=728x90&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765331&bpp=15&bdt=2420&idt=86&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2734279182556&frm=20&pv=2&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=36&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iwsem6EoFa&p=http%3A//www.watchthedeer.com&dtd=111

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7eb668b8ec584b3afaadd412a3a1961a5678b2075d2a47e78251cda2d18b7a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8231981577508149&output=html&h=90&slotname=3764299431&adk=2422062174&adf=3702230721&pi=t.ma~as.3764299431&w=728&lmt=1615222765&psa=0&format=728x90&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765331&bpp=15&bdt=2420&idt=86&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2734279182556&frm=20&pv=2&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=36&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iwsem6EoFa&p=http%3A//www.watchthedeer.com&dtd=111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.watchthedeer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 08 Mar 2021 16:59:26 GMT
server: cafe
content-length: 21077
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 17:14:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 08 Mar 2021 16:59:26 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 08 Mar 2021 16:59:25 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B467 50 KB
19 KB 1029ms
1028ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

161fb8ecc1f78e7f3dce28f4e5591de7005de18e426e993d783a18f0d90a1575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.watchthedeer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 08 Mar 2021 16:59:26 GMT
server: cafe
content-length: 19256
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 17:14:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 08 Mar 2021 16:59:26 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FCC4 55 KB
20 KB 482ms
482ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=4223940128&adf=621139648&pi=t.ma~as.3764299431&w=120&lmt=1615222765&psa=0&format=120x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765354&bpp=2&bdt=2443&idt=104&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1154&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=CHavyP8dZx&p=http%3A//www.watchthedeer.com&dtd=106

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d7d5c85c11aea6e48746d2ca3214d1eb9d0d6840d044d28c2bd11c0dcfb5458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=4223940128&adf=621139648&pi=t.ma~as.3764299431&w=120&lmt=1615222765&psa=0&format=120x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765354&bpp=2&bdt=2443&idt=104&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1154&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=CHavyP8dZx&p=http%3A//www.watchthedeer.com&dtd=106
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.watchthedeer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 08 Mar 2021 16:59:25 GMT
server: cafe
content-length: 20670
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 17:14:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 08 Mar 2021 16:59:25 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33B1 1 KB
616 B 84ms
84ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&adk=1812271804&adf=3025194257&lmt=1615222765&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.watchthedeer.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615222765379&bpp=1&bdt=2468&idt=84&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600%2C120x600&nras=1&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=89

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

210ad492a20358cefc86c84251b460fe364e3b90a7f8f57f82b83cbf2a8940a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8231981577508149&output=html&adk=1812271804&adf=3025194257&lmt=1615222765&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.watchthedeer.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615222765379&bpp=1&bdt=2468&idt=84&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600%2C120x600&nras=1&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.watchthedeer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 08 Mar 2021 16:59:25 GMT
server: cafe
content-length: 446
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 17:14:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 08 Mar 2021 16:59:25 GMT
cache-control: private

GET
H/1.1 200
OK ImageOne_small.jpg
www.watchthedeer.com/App/live/ Frame F771 4 KB
5 KB 127ms
126ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/live/ImageOne_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2ddfc60a9e7aee1be76983c053895ac8bbd79b89dc80ea7cb6101f33e563b08a

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:30 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: W/"66ddb8d53b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4602

GET
H/1.1 200
OK ImageTwo_small.jpg
www.watchthedeer.com/App/live/ Frame F771 6 KB
6 KB 129ms
128ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/live/ImageTwo_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b304c12bf3536c556343974c9f0a3fabd5cf84c3e38bd71f8bc1882f395d239a

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:30 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:22 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "47dcf3d33b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 6124

GET
H/1.1 200
OK Imagethree_small.jpg
www.watchthedeer.com/App/Live/ Frame F771 10 KB
10 KB 128ms
127ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/Live/Imagethree_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: facac59bd82c7b6d8afa0f22bc99b26a16eafc6759a4e1fcac405f09da221141

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:30 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: W/"9a1411d63b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 10214

GET
H/1.1 200
OK ImageFour_small.jpg
www.watchthedeer.com/App/live/ Frame F771 8 KB
8 KB 132ms
131ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/live/ImageFour_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ab22feee86432fdfc8840aaf5b6d5d0bc788218e67f58bdc466e91e59f7601dd

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:30 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: W/"a96ad0d83b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8369

GET
H/1.1 200
OK ImageFive_small.jpg
www.watchthedeer.com/App/live/ Frame F771 4 KB
4 KB 133ms
132ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/live/ImageFive_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8f8e6f4df9ecfc621dc7df601962e3d347ec02c82bc6f5fc51e51eccb0ea1ba8

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:30 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:16 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: W/"906592d03b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4196

GET
H/1.1 200
OK ImageSix_small.jpg
www.watchthedeer.com/App/live/ Frame F771 6 KB
6 KB 130ms
130ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/live/ImageSix_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 20d2c81d064259094df46701d2cd910e4418136707e737c8ed50354e82783a92

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:30 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2cd58bca3b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 6165

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 40ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-8231981577508149&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20210303_093706&sat=1614980041950&afm=0&as_count=3&d_count=0&ng_count=0&am_count=0&atf_count=3&mdns=1.290&alldns=1.290&allp=4&pgh=1200&su=www.watchthedeer.com&r=0.1

Requested by

Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 16:59:25 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11477132896826409795
tpc.googlesyndication.com/daca_images/simgad/ Frame FCC4 38 KB
39 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11477132896826409795

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=4223940128&adf=621139648&pi=t.ma~as.3764299431&w=120&lmt=1615222765&psa=0&format=120x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765354&bpp=2&bdt=2443&idt=104&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1154&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=CHavyP8dZx&p=http%3A//www.watchthedeer.com&dtd=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

927d5248bfa6812ea50dc4486397cdd43ef706437bd2db68ba1f41a7b87c97ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 04:09:07 GMT
x-content-type-options: nosniff
age: 391818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39415
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 13:55:39 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 04:09:07 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame FCC4 18 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 16:58:33 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame FCC4 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 16:58:08 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCC4 110 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Mon, 08 Mar 2021 16:59:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame FCC4 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
server: cafe
etag: 17031075750977984330
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 16:51:19 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame FCC4 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 14:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10963
x-xss-protection: 0
server: cafe
etag: 5048180228173261443
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 14:07:14 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame FCC4 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7Z7t7VdGYOrVHcSIlgTn_5zQD9264uFhnb27x60N-fbBxa4OEAEgysbPB2CVAqAByP6rpwLIAQKpAvtEFnKdRoE-qAMByAPJBKoExQFP0OLQOv5nkDxXs4Yb3Vts3QSFWm0Bec6EhdXw1j2WcPK0wHqGNzvWH8S474BXkG2vQaTK5L5-hOe0PnWnQYoMxcseJtITVSKbQptcbkucOWb4VQ9Q8m1fxPMEpyQJHefKSalE3VXMNa3Yc7S9gZyM9LaVuINm9y7kKP7D-oboS0t5tsUGI7HjuOUYxnS7sxRe-HKlT9ZhsAQFpsGSS8wKmGC80V3E9sP9RDSIzY5XxedeqDKGY69J55wBZdBudGEAxEuak8AE67fly7ADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4D18uIBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMDkK9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi04MjMxOTgxNTc3NTA4MTQ5&sigh=ACZ-WeJYr-Y&tpd=AGWhJmtWokNi3ci77ich5K0ESmoqy4rKrdNE6NEsLcs0y9nhAg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=4223940128&adf=621139648&pi=t.ma~as.3764299431&w=120&lmt=1615222765&psa=0&format=120x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765354&bpp=2&bdt=2443&idt=104&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1154&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=CHavyP8dZx&p=http%3A//www.watchthedeer.com&dtd=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 08 Mar 2021 16:59:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 08 Mar 2021 16:59:25 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 70D0 143 B
169 B 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=4223940128&adf=621139648&pi=t.ma~as.3764299431&w=120&lmt=1615222765&psa=0&format=120x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765354&bpp=2&bdt=2443&idt=104&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1154&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=CHavyP8dZx&p=http%3A//www.watchthedeer.com&dtd=106
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=4223940128&adf=621139648&pi=t.ma~as.3764299431&w=120&lmt=1615222765&psa=0&format=120x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765354&bpp=2&bdt=2443&idt=104&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1154&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=CHavyP8dZx&p=http%3A//www.watchthedeer.com&dtd=106

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 08 Mar 2021 16:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2165
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FCC4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a52ac19b8a380257c436cf113c0ab31fab1ae29a997b89292b8e7a67575aa01b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 70D0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
256 B

39ms
39ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnj_NRItdU9Sc6K62GS-ccpOZg7nEtZv6O1gnW0h1P3wLpANJaLJ_EW5o7kitc; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 08 Mar 2021 16:59:26 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 08-Mar-2021 17:59:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 08 Mar 2021 16:59:26 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 08 Mar 2021 16:59:26 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js Show response
pagead2.googlesyndication.com/bg/ Frame 6898 14 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 07:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 33509
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5643
x-xss-protection: 0
expires: Tue, 08 Mar 2022 07:40:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 13C7 6 KB
778 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=90&slotname=3764299431&adk=2422062174&adf=3702230721&pi=t.ma~as.3764299431&w=728&lmt=1615222765&psa=0&format=728x90&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765331&bpp=15&bdt=2420&idt=86&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2734279182556&frm=20&pv=2&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=36&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iwsem6EoFa&p=http%3A//www.watchthedeer.com&dtd=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 15:24:26 GMT
server: ESF
date: Mon, 08 Mar 2021 16:59:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Mar 2021 16:59:26 GMT

GET
H3-Q050 200 bg_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/ Frame 13C7 6 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/bg_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaa629d9f0548932ed3e6e758bb03ba934aa479ca2b03a992e4730d0b4668ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 08:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2880
x-xss-protection: 0
server: cafe
etag: 538336100277915722
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 08:14:00 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 13C7 2 KB
927 B 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 16:58:21 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 13C7 18 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 16:58:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 13C7 3 KB
2 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 16:58:08 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 13C7 110 KB
33 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Mon, 08 Mar 2021 16:59:26 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 13C7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
server: cafe
etag: 17031075750977984330
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 16:51:19 GMT

GET
H2 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 13C7 26 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 14:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 07:11:17 GMT
server: sffe
age: 268160
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Thu, 03 Jun 2021 14:30:06 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 13C7 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C87K27VdGYJW1HIGClgSnqYDID5ulh-BhhKz4rNUN29keEAEgysbPB2CVAqAB_66tzwHIAQmoAwHIA8sEqgTDAU_QTwwIG2rhV5xcrM4KkOGifUYnc-ycPRKRPznEn8CMYFFVt6Iiu185ndn1gu6oRqw8gES5c7zIGDBitDYO2Ft39RpYiRsKNG0Q91rHFraXoJz09b528_itQ_Ofjm-yLsV7K2yUnNPQ_E0tjFJYA-fyGQ8dycTBMJ7kc8ZfgtKK-1hbZXByvLwyeZVx_vy1pNsEdWqRJMY-16PKQufOLDCSOA_yOWpSSFZVP5vozo84YrJ_ea9UZNoj7VcH2nKdK-62l8AE7PT747sDkgUECAQYAZIFBAgFGASgBi6AB-nQ0rACqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIenJtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi04MjMxOTgxNTc3NTA4MTQ5&sigh=fYQvoe-FDrg&template_id=484&tpd=AGWhJmsHfmRfVG5HcDtqYVqfxX8B-RMiPdVIUCGEtTZGeyU8iQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=90&slotname=3764299431&adk=2422062174&adf=3702230721&pi=t.ma~as.3764299431&w=728&lmt=1615222765&psa=0&format=728x90&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765331&bpp=15&bdt=2420&idt=86&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2734279182556&frm=20&pv=2&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=36&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iwsem6EoFa&p=http%3A//www.watchthedeer.com&dtd=111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 08 Mar 2021 16:59:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 6592766407814317453
tpc.googlesyndication.com/simgad/1729336731322209104/ Frame 13C7 30 KB
30 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1729336731322209104/6592766407814317453

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8770eb816490db5b8167294abce925dddcb08b7ee69bdd2b88970aebff384468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 14:02:07 GMT
x-content-type-options: nosniff
age: 10639
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30513
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 05:20:45 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:02:07 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1741746008275859207/ Frame 13C7 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1741746008275859207/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

478350a4a4d79ba77e1fca3297b1279d1cbc4812b2138f7cd309217756530697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 16:20:09 GMT
x-content-type-options: nosniff
age: 261557
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1815
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:11 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 16:20:09 GMT

GET
DATA 200
OK truncated
/ Frame 13C7 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 13C7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09206ae25df521afe6221ac6b63b0edb8eb38851adfb82ff30d55296c32ae0b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 13C7 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 421615
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 03 Mar 2022 19:52:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 13C7 15 KB
15 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 12:56:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 360166
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Fri, 04 Mar 2022 12:56:40 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 13C7 15 KB
16 KB 30ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 598059
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js Show response
pagead2.googlesyndication.com/bg/ Frame 346C 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/bg_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 07:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 33509
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5643
x-xss-protection: 0
expires: Tue, 08 Mar 2022 07:40:57 GMT

GET
H3-Q050 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/spam_signals/ Frame B467 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7cb0567c7f8816067f80508b906ccdad89e9e76e05573464926eec5a5276d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2773
x-xss-protection: 0
server: cafe
etag: 3338119961263385223
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 16:56:36 GMT

GET
H3-Q050 200 10794155816682749583
tpc.googlesyndication.com/simgad/ Frame B467 58 KB
58 KB 8ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10794155816682749583?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmQ4wu8J4en6b_ebmcgVeLLUcNHGw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05ee78c450733ff0f98d2084bac229f0fc29c689e7e2bb5d79082b7df6ee6840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:38:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 16:45:21 GMT
server: sffe
age: 336082
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58905
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:38:04 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame B467 18 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 16:58:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame B467 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 16:58:08 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B467 110 KB
33 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Mon, 08 Mar 2021 16:59:26 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame B467 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
server: cafe
etag: 17031075750977984330
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 16:51:19 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame B467 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 14:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10963
x-xss-protection: 0
server: cafe
etag: 5048180228173261443
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 14:07:14 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame B467 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cpme77VdGYPiTHdiG9fgPzZefyAnpkPOzYbPs34GnDZeGtqHPGxABIMrGzwdglQKgAcL5-L8DyAECqQKPoD3IPDq3PqgDAcgDyQSqBMABT9B68hvMR8H85zQ-8Mihsb5MjViZzZkzAGAxgBWTbLWXAl4x9_Wc9_peSYufhatfSSZ7pr6EaF-zyXPfWpaR_UrCFGOVaAKco1Z5n-Hw6wjw_ZVZfn-f_bcYVloK8s8_9pGaospL7v4Yn_lRzEqKQF_Fg9hsetIK0tqDhl1AgwcUfxwGJ6fPuGbDSJ2FRvYPppe8toj7CcfbN4PrxXQ7tVEM_FlwCiCwtLeeyNpKPAxnym4tjzbYjiyFhJB9dFx2wATQ-4CLygOSBQQIBBgBkgUECAUYBKAGAoAHpoaHQKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCX0UDSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItODIzMTk4MTU3NzUwODE0OQ&sigh=NIoYQj_ZdlY&tpd=AGWhJmsPJf1O9rzGweSb0sYE1Rty_WyuHPfw8oE7ImQTu8JJtg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 08 Mar 2021 16:59:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A3F6 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnj_NRItdU9Sc6K62GS-ccpOZg7nEtZv6O1gnW0h1P3wLpANJaLJ_EW5o7kitc; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 08 Mar 2021 16:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2166
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A3F6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

40ms
40ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnj_NRItdU9Sc6K62GS-ccpOZg7nEtZv6O1gnW0h1P3wLpANJaLJ_EW5o7kitc; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 08 Mar 2021 16:59:26 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 08-Mar-2021 17:59:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 08 Mar 2021 16:59:26 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 08 Mar 2021 16:59:26 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B467 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71cc9455c0c85e76f70a9449cd227a4acc7ab94f817a895a857ddcd42958c2d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3712dd1e4289b1ce79ce32bc43268902a1567744b4d9d64e6ac3397ac9f46420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 16:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6567
x-xss-protection: 0

GET
H3-Q050 200 Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js Show response
pagead2.googlesyndication.com/bg/ Frame EE53 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=1576519637&pi=t.ma~as.3764299431&w=300&lmt=1615222765&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2F&flash=0&wgl=1&dt=1615222765350&bpp=3&bdt=2439&idt=100&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2734279182556&frm=20&pv=1&ga_vid=64505476.1615222765&ga_sid=1615222765&ga_hid=2010369032&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=190&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066923%2C21069711&oid=3&pvsid=2852233584073425&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=RuL97BvgqI&p=http%3A//www.watchthedeer.com&dtd=104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 07:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 33509
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5643
x-xss-protection: 0
expires: Tue, 08 Mar 2022 07:40:57 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 08 Mar 2021 16:59:26 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 7047 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.watchthedeer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Mon, 08 Mar 2021 15:58:45 GMT
expires: Tue, 08 Mar 2022 15:58:45 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3641
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7047 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 07:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 33509
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5643
x-xss-protection: 0
expires: Tue, 08 Mar 2022 07:40:57 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 42ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=2852233584073425&bg=!ISKlImHNAAWsVXnBrDsAKQB2-DxaPHSCmg4JfvxqXEltpcxqqa0oCLJg_bXpYFJQ5d96ogM91rrtAgAAAFRSAAAACWgBBwoA-xwocnDttuFvoFDvH0M_7idzgatr-IwNoylOTniGdR1SuIfCdTiNJ7pNCkG35YbXHcvY7Te_YZ8-iWylxtaDdVGR9K2lrTVbMmIxQ87IygcM1-AFQ1aGVmHk2YLqFGEer3BxdMe82KpNUdR0GXffDrgO2LAB5BvOcOFX1koUI0CTwf5-CNJzkK4K7KXgQaRAMOkkhJW5qkFj26DlOiYr9m1WUCShUXaH2IBa8wIqvB913VrKh3tH6VbdWqQLRjji4-mkrBT8T9zhRXWjrdQOyUf9OTRK1sef0WdVCjHu71jwV3o480j4gHg-xbM_WFIHOoN-0tRGmUJ6lykPmQIM1zWAR6EDKfvDUZHE3MpcCJbtGVKE-eEvGN8ihLFha0CzVvlwWwizxoIa-AbGyyxCWTxpxUsVivGa9tlmpNZlqlGSLSSgjtQgIVWS0AFHKdrXGGmPlzm2AOPVgHKgZjuNzCjOBesRDgeml71gWiLpxfIveGgY8u4qh19Wyk8ypTtawmybRYRMdNVdnqkCBAwKfRtkUUaX-hhuRyLdF3aNfzSHiMu_STTBaD2CcBk96cU_-MfAlS8DQgL66MceM1EiR4le73Ep-EmRQCGNGMTtU8Ts4kszGDhs-wZYJMHiSTubDzgT1tGbnnzocu6TwSxN-o4wpSdc27Xvm2tx5m3fKmeBNYUa5GMy8iabgixFKvQJVR3DnPc_j8iy6Vln5bI6mTF4FzYydEhVVumx66J_zgqxJjoVsH8vW2zpUpzs18aZMATV57DdtIMVKZm1ei2UxHp3lVrXBhe6akOkRDnLCAKsdKB_1cQb5I-0jNTCRqivYUPSsIZUAL_Vl5YLslAE8OWId-N1XmBiTemi_kuDFwfFN6df2_bT4mdwzl7OZLfzgwriBU33710LFQpxCizQRbzIFWdiisbq2lHEt4181BO0Nvf1dfmh3iehnEFfjwPKYecAr_EURw7PWo9_mlE4fw2R6ySkJWQctNDcfK5LyN2lftrPquFqcMf9JDdm_-AC7jk4cOvpIBClMVs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 16:59:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FCC4 42 B
89 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZCyHgbkcCRRN84ZsWLHXmxp8Lh41MJXz55ahDbJ9jmpuQC3entmfDACf5Q4I8eTp-Ax2piuYV5CTpvN0aLy2Ku__G-bY5chI5V_vQ-ko7Tb-ApFbAQ7eubP8edg&sai=AMfl-YQt6p43faqOl7NFdoju1ecMpX4SBFJDxy103ECzBznVRYVxIlG9FSu0rOrW5C8hUiRAJ7kx1l56KNlu&sig=Cg0ArKJSzDW_y8W9MtxjEAE&id=osdim&mcvt=1000&p=265,1154,865,1274&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4223940128&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615222765462&dlt=486&rpt=26&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 16:59:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 13C7 42 B
66 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyWFRj0MAGRPf49CIREKqCn_cqsEIwTgRJDdYpe2rwJ4YbM0zoDvl2JujFJQvjmMXhTbWemDlccy59edSREmeFKNAoqtZM-oziSaRkp5PeJPysff627ZBrMYymIw&sai=AMfl-YT-hQnIHDVaihIJ5QqwgOFQb3V92MpaABxpAhH5Izoe3BN3Qoh6qNGhhhC0KISU4ok5hmmmd-69ntEJ&sig=Cg0ArKJSzLO0Q7C9WcxSEAE&id=osdim&mcvt=1000&p=36,313,126,1041&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2422062174&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615222765445&dlt=597&rpt=46&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 16:59:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B467 42 B
66 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssW0QFIgB57LbP8c9v2YGEryqHCJcP2oqfbusNc5U-872SDRUIE_7ha_y7TQa7I_KD8dieyNb36GLpuFmJzBUEklZLCJaFKkubuONE8nTnGmEvlo7JLqQDLAbE-tQ&sai=AMfl-YQJirrGiC7gBRPUajFhjVGO_QNM3VivS-TYhkBMdLSRTHIWBV43EgtiWx1cgKuHhTLCYS6mLMOl-S1f&sig=Cg0ArKJSzFnWHCUADUp_EAE&id=osdim&mcvt=1000&p=253,190,853,490&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3419418403&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615222765456&dlt=1032&rpt=26&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 16:59:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set Live.aspx Show response
www.watchthedeer.com/ Frame F771
Redirect Chain

http://www.watchthedeer.com/LiveFeed.aspx
http://www.watchthedeer.com/Live.aspx

12 KB
12 KB

132ms
131ms

Document
text/html

47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to

Full URL: http://www.watchthedeer.com/Live.aspx
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a3a5000d0a340417fded96d6983281ca14f98f3a3993540ee2abbe86570143a0

Request headers

Host: www.watchthedeer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.watchthedeer.com/LiveFeed.aspx
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/LiveFeed.aspx

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=x50kd10g5sffetbfv2dpamft; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 08 Mar 2021 16:55:40 GMT
Content-Length: 12327

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Live.aspx
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 08 Mar 2021 16:55:40 GMT
Content-Length: 127

GET
H/1.1 200
OK DXR.axd
www.watchthedeer.com/ Frame F771 316 KB
49 KB 162ms
160ms Stylesheet
text/css 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to

Full URL: http://www.watchthedeer.com/DXR.axd?r=1_68,1_69,1_70,1_209,1_206,1_74,1_73-OagLl
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ef16c3dbb574e89f4ac5ff4ff25522137c69d26a877ad3b0b7cb34ad74ff577b

Request headers

Referer: http://www.watchthedeer.com/Live.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Nov 2020 14:36:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/css
Cache-Control: public, max-age=31536000
Content-Length: 49764
Expires: Wed, 10 Nov 2021 14:36:14 GMT

GET
H/1.1 200
OK Site.css
www.watchthedeer.com/ Frame F771 5 KB
2 KB 149ms
147ms Stylesheet
text/css 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to

Full URL: http://www.watchthedeer.com/Site.css
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f3c6922787c849eb2010cd2f0201f60d3aefbc12224e534d535862b7ebc13bb4

Request headers

Referer: http://www.watchthedeer.com/Live.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Oct 2020 14:38:11 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80cb29f780a8d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1355

GET
H/1.1 200
OK DXR.axd Show response
www.watchthedeer.com/ Frame F771 749 KB
145 KB 219ms
217ms Script
text/javascript 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to

Full URL: http://www.watchthedeer.com/DXR.axd?r=1_64,1_11,1_252,1_12,1_23,1_13,1_14,1_15,1_17,1_24,1_33-OagLl
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 88a2458f1d20738041096324a205a89d91a53cdf4b2370124c68347842b8e738

Request headers

Referer: http://www.watchthedeer.com/Live.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Nov 2020 14:36:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Content-Length: 148640
Expires: Wed, 10 Nov 2021 14:36:14 GMT

GET
H/1.1 200
OK small120versionlogojan1008.gif
www.watchthedeer.com/Images/ Frame F771 4 KB
4 KB 129ms
127ms Image
image/gif 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/Images/small120versionlogojan1008.gif
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9029cba871345186f274b4dccb6ee66efb83e3673faa064bd93e93a8f3f7c137

Request headers

Referer: http://www.watchthedeer.com/Live.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Last-Modified: Thu, 14 Jul 2016 14:46:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "17c6683deddd11:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 3642

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F771 140 KB
50 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 08 Mar 2021 16:59:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13215137272821469477
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 50479
X-XSS-Protection: 0
Expires: Mon, 08 Mar 2021 16:59:36 GMT

GET
H3-Q050

200

urchin.js Show response
www.google-analytics.com/ Frame F771
Redirect Chain

http://www.google-analytics.com/urchin.js
https://www.google-analytics.com/urchin.js

22 KB
7 KB

9ms
7ms

Script
text/javascript

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 19:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 76675
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Sun, 21 Mar 2021 19:41:41 GMT

Redirect headers

Location: https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK FacebookIcon.png
www.watchthedeer.com/adv_images/ Frame F771 2 KB
2 KB 136ms
135ms Image
image/png 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/adv_images/FacebookIcon.png
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b8cd648f71c134ed70018b75a45ecaa10192488a522c5bae70f9281addc47683

Request headers

Referer: http://www.watchthedeer.com/Live.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Last-Modified: Thu, 14 Jul 2016 14:46:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "72dd283deddd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2077

GET
H/1.1 200
OK getyoururlhere.png
www.watchthedeer.com/adv_images/ Frame F771 4 KB
4 KB 134ms
133ms Image
image/png 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/adv_images/getyoururlhere.png
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9e75febffb9e943a7307d91c2360caac7a2d9d7000ddc3eeebb717cac149dfac

Request headers

Referer: http://www.watchthedeer.com/Live.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Last-Modified: Thu, 14 Jul 2016 14:46:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "7df41383deddd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3680

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame F771 46 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3420
date: Mon, 08 Mar 2021 16:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 08 Mar 2021 18:02:36 GMT

GET
H/1.1 200
OK DXR.axd
www.watchthedeer.com/ Frame F771 1 KB
2 KB 218ms
217ms Image
image/gif 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/DXR.axd?r=1_96-OagLl
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/DXR.axd?r=1_68,1_69,1_70,1_209,1_206,1_74,1_73-OagLl
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a4b8a6ccf01843b25a82dadbb9eabb8cd9bee9df7cda4b6b2ff48cb5b9f6cf7d

Request headers

Referer: http://www.watchthedeer.com/DXR.axd?r=1_68,1_69,1_70,1_209,1_206,1_74,1_73-OagLl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Last-Modified: Tue, 10 Nov 2020 14:36:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: public, max-age=31536000
Content-Length: 1306
Expires: Wed, 10 Nov 2021 14:36:14 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ Frame F771 227 KB
85 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8231981577508149&plah=www.watchthedeer.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87278
x-xss-protection: 0
server: cafe
etag: 4389487008424739880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Mar 2021 16:59:36 GMT

GET
H/1.1 200
OK LiveFeed.aspx Show response
www.watchthedeer.com/ Frame FA5A 2 KB
2 KB 123ms
123ms Document
text/html 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to

Full URL: http://www.watchthedeer.com/LiveFeed.aspx
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b695f02cb8d3d977ce53fb4a0fa5c87baf5c460ddec7e712a89f8534b71e764f

Request headers

Host: www.watchthedeer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.watchthedeer.com/Live.aspx
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASP.NET_SessionId=x50kd10g5sffetbfv2dpamft
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/Live.aspx

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 08 Mar 2021 16:55:40 GMT
Content-Length: 1934

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ Frame F771 4 KB
5 KB 24ms
23ms Script
text/javascript 13.226.159.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-25.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 13883089
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: JM0qLMeOD612p2xaXu-PG8dREmV5Rj-JrCDs3zqpJFG6Bz8l16GqbQ==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ Frame F771 4 B
50 B 13ms
13ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=481760551&t=pageview&_s=1&dl=http%3A%2F%2Fwww.watchthedeer.com%2FLive.aspx&ul=en-us&de=UTF-8&dt=Watch%20the%20Deer&sd=24-bit&sr=1600x1200&vp=650x410&je=0&_u=IEBAAEABAAAAAC~&jid=1643811792&gjid=1194951284&cid=515497014.1615222776&tid=UA-3015776-1&_gid=299659273.1615222776&_r=1&_slc=1&z=2066355936

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 16:59:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.watchthedeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ Frame F771 1 B
424 B 112ms
36ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-3015776-1&cid=515497014.1615222776&jid=1643811792&gjid=1194951284&_gid=299659273.1615222776&_u=IEBAAEAAAAAAAC~&z=910121250

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 08 Mar 2021 16:59:36 GMT
content-type: text/plain
access-control-allow-origin: http://www.watchthedeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ Frame F771 43 B
552 B 23ms
23ms Image
image/gif 13.226.159.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=410&frame_width=650&iframe=1&title=Watch%20the%20Deer&time=1615222776369&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=http%3A%2F%2Fwww.watchthedeer.com%2FLiveFeed.aspx&host_url=http%3A%2F%2Fwww.watchthedeer.com%2FLive.aspx&random_number=8822755667&sess_cookie=ebe9c0a017812c7a2317659fcda&sess_cookie_flag=1&user_cookie=ebe9c0a017812c7a2317659fcda&user_cookie_flag=1&dynamic=true&domain=watchthedeer.com&account=DxGhj1aAkN000Z&jsv=20130128&user_lang=en-US
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-89.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 04:11:03 GMT
Via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 46114
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: bDemy2-SMQS7C8lzin2Mrh0XeZC-77gUESOxdceaSGJkrx8DV-vFHQ==

GET
H/1.1

200
OK

test.png
a96b687c19a07fab40751ff0f51c745a1.profile.iad79-c3.cloudfront.net/ Frame F771
Redirect Chain

http://cloudfront-labs.amazonaws.com/x.png
http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
http://a96b687c19a07fab40751ff0f51c745a1.profile.iad79-c3.cloudfront.net/test.png

58 B
58 B

214ms
191ms

Image
text/plain

99.86.227.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a96b687c19a07fab40751ff0f51c745a1.profile.iad79-c3.cloudfront.net/test.png
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/Live.aspx
Protocol: HTTP/1.1
Server: 99.86.227.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-227-218.iad79.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:59:36 GMT
Via: 1.1 e4fa9ecbd3e1a11686d1555c5171b6f7.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: RoutingProfileExp from cloudfront
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 58
X-Amz-Cf-Id: LaQ5PNroS1gtnNUAzLnzOpCd7ri8G115HNpQ4-MEKWZI-Zn7QiT6UQ==
Expires: Mon, 08 Mar 2021 16:59:36 GMT

Redirect headers

Access-Control-Allow-Origin: *
Date: Mon, 08 Mar 2021 16:59:36 GMT
Server: Server
Connection: keep-alive
Content-Length: 0
Location: http://a96b687c19a07fab40751ff0f51c745a1.profile.iad79-c3.cloudfront.net/test.png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame F771 206 B
260 B 56ms
56ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.watchthedeer.com&callback=_gfp_s_&client=ca-pub-8231981577508149

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1b25598603740a2adcf0b31825412e1ba98b95377fc872055c68584cc92ab282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame F771 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.watchthedeer.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 16:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F771 107 B
165 B 24ms
24ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.watchthedeer.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 16:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 97B3 399 B
389 B 125ms
125ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=90&slotname=3764299431&adk=2422062174&adf=1345794752&pi=t.ma~as.3764299431&w=728&lmt=1615222776&psa=0&format=728x90&url=http%3A%2F%2Fwww.watchthedeer.com%2FLive.aspx&flash=0&wgl=1&dt=1615222776328&bpp=5&bdt=327&idt=78&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&correlator=2734279182556&frm=21&ife=1&pv=1&ga_vid=515497014.1615222776&ga_sid=1615222776&ga_hid=481760551&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=614&ady=289&biw=1600&bih=1200&isw=650&ish=410&ifk=3755261322&scr_x=0&scr_y=0&eid=44736376&oid=3&pvsid=1992172912725203&top=http%3A%2F%2Fwww.watchthedeer.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C410&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.xy47ps3emxvm&fsb=1&xpc=GMutWJW1xA&p=http%3A//www.watchthedeer.com&dtd=86

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e8cdd1924e857d4fd8f2816da2f7ac828b6664e867aac547d1af6c39ff39e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8231981577508149&output=html&h=90&slotname=3764299431&adk=2422062174&adf=1345794752&pi=t.ma~as.3764299431&w=728&lmt=1615222776&psa=0&format=728x90&url=http%3A%2F%2Fwww.watchthedeer.com%2FLive.aspx&flash=0&wgl=1&dt=1615222776328&bpp=5&bdt=327&idt=78&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&correlator=2734279182556&frm=21&ife=1&pv=1&ga_vid=515497014.1615222776&ga_sid=1615222776&ga_hid=481760551&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=614&ady=289&biw=1600&bih=1200&isw=650&ish=410&ifk=3755261322&scr_x=0&scr_y=0&eid=44736376&oid=3&pvsid=1992172912725203&top=http%3A%2F%2Fwww.watchthedeer.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C410&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.xy47ps3emxvm&fsb=1&xpc=GMutWJW1xA&p=http%3A//www.watchthedeer.com&dtd=86
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.watchthedeer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 08 Mar 2021 16:59:36 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 17:14:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 08 Mar 2021 16:59:36 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F771 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 08 Mar 2021 16:59:36 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B937 399 B
366 B 156ms
155ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=2340498195&pi=t.ma~as.3764299431&w=300&lmt=1615222776&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2FLive.aspx&flash=0&wgl=1&dt=1615222776334&bpp=1&bdt=333&idt=85&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&prev_fmts=728x90&correlator=2734279182556&frm=21&ife=1&pv=1&ga_vid=515497014.1615222776&ga_sid=1615222776&ga_hid=481760551&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=491&ady=505&biw=1600&bih=1200&isw=650&ish=410&ifk=3755261322&scr_x=0&scr_y=0&eid=44736376&oid=3&pvsid=1992172912725203&top=http%3A%2F%2Fwww.watchthedeer.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C410&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=2&uci=2.vh4lgl4oa20b&fsb=1&xpc=afV1HYu516&p=http%3A//www.watchthedeer.com&dtd=89

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b313c50e38b8b7d3dad6c07c997423fee2a643ee9fa001e25c66c2c572c20c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=3419418403&adf=2340498195&pi=t.ma~as.3764299431&w=300&lmt=1615222776&psa=0&format=300x600&url=http%3A%2F%2Fwww.watchthedeer.com%2FLive.aspx&flash=0&wgl=1&dt=1615222776334&bpp=1&bdt=333&idt=85&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&prev_fmts=728x90&correlator=2734279182556&frm=21&ife=1&pv=1&ga_vid=515497014.1615222776&ga_sid=1615222776&ga_hid=481760551&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=491&ady=505&biw=1600&bih=1200&isw=650&ish=410&ifk=3755261322&scr_x=0&scr_y=0&eid=44736376&oid=3&pvsid=1992172912725203&top=http%3A%2F%2Fwww.watchthedeer.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C410&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=2&uci=2.vh4lgl4oa20b&fsb=1&xpc=afV1HYu516&p=http%3A//www.watchthedeer.com&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.watchthedeer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 08 Mar 2021 16:59:36 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 17:14:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 08 Mar 2021 16:59:36 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5ED5 399 B
366 B 133ms
133ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=4223940128&adf=2365168417&pi=t.ma~as.3764299431&w=120&lmt=1615222776&psa=0&format=120x600&url=http%3A%2F%2Fwww.watchthedeer.com%2FLive.aspx&flash=0&wgl=1&dt=1615222776336&bpp=2&bdt=335&idt=90&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&prev_fmts=728x90%2C300x600&correlator=2734279182556&frm=21&ife=1&pv=1&ga_vid=515497014.1615222776&ga_sid=1615222776&ga_hid=481760551&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1455&ady=518&biw=1600&bih=1200&isw=650&ish=410&ifk=3755261322&scr_x=0&scr_y=0&eid=44736376&oid=3&pvsid=1992172912725203&top=http%3A%2F%2Fwww.watchthedeer.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C410&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=3&uci=3.ibz59ub1dc3q&fsb=1&xpc=K1Brrd3OrR&p=http%3A//www.watchthedeer.com&dtd=94

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44131fffb5c311d3b0842941427b549f308bbbb16f15b544374aaf693c68400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8231981577508149&output=html&h=600&slotname=3764299431&adk=4223940128&adf=2365168417&pi=t.ma~as.3764299431&w=120&lmt=1615222776&psa=0&format=120x600&url=http%3A%2F%2Fwww.watchthedeer.com%2FLive.aspx&flash=0&wgl=1&dt=1615222776336&bpp=2&bdt=335&idt=90&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&prev_fmts=728x90%2C300x600&correlator=2734279182556&frm=21&ife=1&pv=1&ga_vid=515497014.1615222776&ga_sid=1615222776&ga_hid=481760551&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1455&ady=518&biw=1600&bih=1200&isw=650&ish=410&ifk=3755261322&scr_x=0&scr_y=0&eid=44736376&oid=3&pvsid=1992172912725203&top=http%3A%2F%2Fwww.watchthedeer.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C410&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=3&uci=3.ibz59ub1dc3q&fsb=1&xpc=K1Brrd3OrR&p=http%3A//www.watchthedeer.com&dtd=94
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.watchthedeer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 08 Mar 2021 16:59:36 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 17:14:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 08 Mar 2021 16:59:36 GMT
cache-control: private

GET
H/1.1 200
OK ImageOne_small.jpg
www.watchthedeer.com/App/live/ Frame FA5A 4 KB
5 KB 176ms
175ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/live/ImageOne_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 18f6f4101a5ff3ef5476d32737d2736185a49ea7280508a7aa4696af620b4a51

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:40 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: W/"c49cb5de3b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4601

GET
H/1.1 200
OK ImageTwo_small.jpg
www.watchthedeer.com/App/live/ Frame FA5A 6 KB
6 KB 127ms
125ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/live/ImageTwo_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6e9b7304e142723f6c3a73c0b709f3b2948839b929f98971c6f6627bc934b4a0

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "58acf5d93b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 6116

GET
H/1.1 200
OK Imagethree_small.jpg
www.watchthedeer.com/App/Live/ Frame FA5A 10 KB
10 KB 127ms
125ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/Live/Imagethree_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e31f49949e9d8a23efe4635e3e454f3aa13f6aaebb893b06461231de926e22db

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:35 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "144515dc3b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 10228

GET
H/1.1 200
OK ImageFour_small.jpg
www.watchthedeer.com/App/live/ Frame FA5A 8 KB
8 KB 125ms
124ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/live/ImageFour_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ab22feee86432fdfc8840aaf5b6d5d0bc788218e67f58bdc466e91e59f7601dd

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: W/"a96ad0d83b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8369

GET
H/1.1 200
OK ImageFive_small.jpg
www.watchthedeer.com/App/live/ Frame FA5A 4 KB
4 KB 131ms
131ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/live/ImageFive_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: eef142f3a79a6541faca7e8ffddeb44a0fb45131bf6933164a768dfd4b12dc5b

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "13168adc3b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4222

GET
H/1.1 200
OK ImageSix_small.jpg
www.watchthedeer.com/App/live/ Frame FA5A 6 KB
6 KB 192ms
123ms Image
image/jpeg 47.48.194.90
CHARTER-20115

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.watchthedeer.com/App/live/ImageSix_small.jpg
Requested by: Host: www.watchthedeer.com
URL: http://www.watchthedeer.com/LiveFeed.aspx
Protocol: HTTP/1.1
Server: 47.48.194.90 Smyrna, United States, ASN20115 (CHARTER-20115, US),
Reverse DNS: 047-048-194-090.biz.spectrum.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 20d2c81d064259094df46701d2cd910e4418136707e737c8ed50354e82783a92

Request headers

Referer: http://www.watchthedeer.com/LiveFeed.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 16:55:40 GMT
Last-Modified: Mon, 08 Mar 2021 16:55:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2cd58bca3b14d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 6165

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F771 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dab0a1d2ddc87c85eff0d0ba1df59801dcd8ee4b79c693f0fd4be1ea3a6cd7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 16:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6518
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F771 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 08 Mar 2021 16:59:36 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame CB23 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.watchthedeer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.watchthedeer.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Mon, 08 Mar 2021 15:58:45 GMT
expires: Tue, 08 Mar 2022 15:58:45 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3651
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js Show response
pagead2.googlesyndication.com/bg/ Frame CB23 14 KB
6 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 07:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 33519
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5643
x-xss-protection: 0
expires: Tue, 08 Mar 2022 07:40:57 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F771 0
121 B 43ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=1992172912725203&bg=!YmGlYSLNAAWsVXnBrDsAKQB2-Dxa0LPM3ruF_A9JE3zzUvmtayyvp7uwyv1nNz6RRcF54-8vfCTrAgAAAFNSAAAADGgBBwoBPrOAzV5-zQIUT359XJtsuKGhpr3U0N2PHUyZA0sD1F3Z42IV8c5qytiYdJT6RCHJOwzeiVDCw8wDCB82QjdzROqJBV78bRAgdw_n2eKupDQ88lbEsoOMGkeAKdRiYfXmIoX9heOqqa_tVO8oqoQcm4Faoqm6DXLPoPWBZP6Z9x9Q9YOdJ3tDrOPez-tmmLQZTf07SyIFNo3BoV7nHv7Hv2q1jSu2LtyZ0QzhmPgMEloR5_0ajmekRMX-wMQSkEmSgaMebG4g6U2Qy2weE_eMOuB-K551MTgw_L15wD48og-1R_c4iteY9ZT2-NuZZlsiuW3QsVoaIaxDYPVHY2fTwakAkIQfWd7BBBpp6DVOr3lXe7xIcM0-J1P8MrwkPEVYu5zF-TyqYNPZubIS4kZlDvP9pjntfSqFSUxemkHBYZkCLbq0d4Gomdydm-LWijadrNF1-1woA6Xp7fC3SbbfV9GWEu_iRpbHKpzJgR1ElfU574_QVLP76HlBGCY-blOPtn4u5OcDYbpeyUevOENfb18fWBFS9KDgi-_8pcfsi9-7RLQgDVgweGxXghsyktdIFFkajVkuLX5tgCMrdGymikHmF5nr_JDLH_KuIw8Gi6tH5tFYLG13KYBOmtOL7tP91NwbNv8-lfWtJ19s8_XSSHjyIiyx27okYP9qUPZqJ-vMvExbttQ_NiS7QqrJaXMGcWBVbF7hya2DmcZAcn2cjrZeIgcfIXBhx4l2UfBMLmBd2gttZFHwL0ZLqHUJ-0dwpuszrqd6wvBCcUhoLShOcxVdFds1KnuIyGJggfC9sZJo53NWDIUE3cIds8qcxyO8W57JCv51-5sSXYpNbKbvkrvbhEgoSmXdUGLC1jMEg6FNRMU6FOrQp3nvaIRV4LHQ0pD9rgfAcsrtCJxVcxNaQcbKZPhy3187WVWwdS587CHQPDdfg8Jga1lZzMT7M0LwKPjdiGSUTnCW-ObxqGeRCRCUZGwdna76EqOuqA3HzkYEtQMzgdli55e6L5qLnwxQci4XKiWBp1hMJ5nwprEkCErvCnj363R70kLJiYpbqPzslEyIJlFCJ0z8rZQ-JvpBFN0fGddgWQMKHS-BuC7OggwApJ0N2dIyCg9ywIaWFCN7ES2VZ5jfB6oWhgerW4L7jp0Bxczccutn3ZERN0VG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.watchthedeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 16:59:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:40:23	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 02:01:58	Name: IDE Value: AHWqTUnj_NRItdU9Sc6K62GS-ccpOZg7nEtZv6O1gnW0h1P3wLpANJaLJ_EW5o7kitc
.watchthedeer.com/	1970-01-20 01:27:25	Name: __auc Value: a75d503517812c77757a302df58
.watchthedeer.com/	1970-01-20 02:01:58	Name: __gads Value: ID=6ba22040566e2f37-22b9328eb6ba0070:T=1615222765:RT=1615222765:S=ALNI_MaQhSjD8-N3MNH4PSxhcDSBjKB6fg
.watchthedeer.com/	1970-01-19 16:41:49	Name: _gid Value: GA1.2.1885678054.1615222765
.watchthedeer.com/	1970-01-19 16:40:24	Name: __asc Value: a75d503517812c77757a302df58
www.watchthedeer.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: mh22gyvfipp2sih0fiecl233
.watchthedeer.com/	1970-01-19 16:40:22	Name: _gat Value: 1
.doubleclick.net/	1970-01-19 16:40:26	Name: DSID Value: NO_DATA
.watchthedeer.com/	1970-01-20 10:11:34	Name: _ga Value: GA1.2.64505476.1615222765

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a96b687c19a07fab40751ff0f51c745a1.profile.iad79-c3.cloudfront.net
adservice.google.com
adservice.google.de
af03eea422d49b9134aa4f10db3c1fe14.profile.gru1-c1.cloudfront.net
certify.alexametrics.com
cloudfront-labs.amazonaws.com
d31qbv1cthcecs.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
stats.g.doubleclick.net
tpc.googlesyndication.com
ww1.watchthedeer.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.watchthedeer.com
13.226.159.25
13.226.159.89
13.227.102.176
142.250.186.34
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:400c:c0c::9b
2a00:1450:400c:c1b::9b
3.22.151.189
47.48.194.90
72.21.202.25
99.86.227.218
05ee78c450733ff0f98d2084bac229f0fc29c689e7e2bb5d79082b7df6ee6840
09206ae25df521afe6221ac6b63b0edb8eb38851adfb82ff30d55296c32ae0b5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
115eed40bd24f96e2562f73ec02186683f00c096ebd7b30bb56abd74814e1402
161fb8ecc1f78e7f3dce28f4e5591de7005de18e426e993d783a18f0d90a1575
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18f6f4101a5ff3ef5476d32737d2736185a49ea7280508a7aa4696af620b4a51
1b25598603740a2adcf0b31825412e1ba98b95377fc872055c68584cc92ab282
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
20d2c81d064259094df46701d2cd910e4418136707e737c8ed50354e82783a92
210ad492a20358cefc86c84251b460fe364e3b90a7f8f57f82b83cbf2a8940a1
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2d7d5c85c11aea6e48746d2ca3214d1eb9d0d6840d044d28c2bd11c0dcfb5458
2ddfc60a9e7aee1be76983c053895ac8bbd79b89dc80ea7cb6101f33e563b08a
3712dd1e4289b1ce79ce32bc43268902a1567744b4d9d64e6ac3397ac9f46420
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
478350a4a4d79ba77e1fca3297b1279d1cbc4812b2138f7cd309217756530697
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
5dab0a1d2ddc87c85eff0d0ba1df59801dcd8ee4b79c693f0fd4be1ea3a6cd7f
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e9b7304e142723f6c3a73c0b709f3b2948839b929f98971c6f6627bc934b4a0
71cc9455c0c85e76f70a9449cd227a4acc7ab94f817a895a857ddcd42958c2d2
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7eb668b8ec584b3afaadd412a3a1961a5678b2075d2a47e78251cda2d18b7a76
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8770eb816490db5b8167294abce925dddcb08b7ee69bdd2b88970aebff384468
88a2458f1d20738041096324a205a89d91a53cdf4b2370124c68347842b8e738
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e8cdd1924e857d4fd8f2816da2f7ac828b6664e867aac547d1af6c39ff39e36
8f8e6f4df9ecfc621dc7df601962e3d347ec02c82bc6f5fc51e51eccb0ea1ba8
9029cba871345186f274b4dccb6ee66efb83e3673faa064bd93e93a8f3f7c137
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
927d5248bfa6812ea50dc4486397cdd43ef706437bd2db68ba1f41a7b87c97ec
9e75febffb9e943a7307d91c2360caac7a2d9d7000ddc3eeebb717cac149dfac
a3a5000d0a340417fded96d6983281ca14f98f3a3993540ee2abbe86570143a0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b8a6ccf01843b25a82dadbb9eabb8cd9bee9df7cda4b6b2ff48cb5b9f6cf7d
a52ac19b8a380257c436cf113c0ab31fab1ae29a997b89292b8e7a67575aa01b
ab22feee86432fdfc8840aaf5b6d5d0bc788218e67f58bdc466e91e59f7601dd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b304c12bf3536c556343974c9f0a3fabd5cf84c3e38bd71f8bc1882f395d239a
b313c50e38b8b7d3dad6c07c997423fee2a643ee9fa001e25c66c2c572c20c30
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b695f02cb8d3d977ce53fb4a0fa5c87baf5c460ddec7e712a89f8534b71e764f
b8cd648f71c134ed70018b75a45ecaa10192488a522c5bae70f9281addc47683
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c44131fffb5c311d3b0842941427b549f308bbbb16f15b544374aaf693c68400
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dcffa951b573ef36b9193bceed50d5bade5780c99b3a0da0f41ccaf79431a5f1
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e31f49949e9d8a23efe4635e3e454f3aa13f6aaebb893b06461231de926e22db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
e7cb0567c7f8816067f80508b906ccdad89e9e76e05573464926eec5a5276d84
eaa629d9f0548932ed3e6e758bb03ba934aa479ca2b03a992e4730d0b4668ae9
eef142f3a79a6541faca7e8ffddeb44a0fb45131bf6933164a768dfd4b12dc5b
ef16c3dbb574e89f4ac5ff4ff25522137c69d26a877ad3b0b7cb34ad74ff577b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c6922787c849eb2010cd2f0201f60d3aefbc12224e534d535862b7ebc13bb4
facac59bd82c7b6d8afa0f22bc99b26a16eafc6759a4e1fcac405f09da221141

www.watchthedeer.com Open in urlscan Pro 47.48.194.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

69 %HTTPS

67 %IPv6

14 Domains

21 Subdomains

21 IPs

3 Countries

1404 kBTransfer

4327 kBSize

10 Cookies

2 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.watchthedeer.com Open in urlscan Pro
47.48.194.90 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

69 %
HTTPS

67 %
IPv6

14
Domains

21
Subdomains

21
IPs

3
Countries

1404 kB
Transfer

4327 kB
Size

10
Cookies

114 HTTP transactions
4 data transactions