urlscan.io logo urlscan.io
SecurityTrails logo

www.heatbud.com Open in urlscan Pro
44.236.67.76  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Submission: On May 21 via manual from DE — Scanned from IS
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 3 countries across 15 domains to perform 109 HTTP transactions. The main IP is 44.236.67.76, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.heatbud.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on January 15th 2022. Valid for: a year.
This is the only time www.heatbud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 44.236.67.76 16509 (AMAZON-02)
1 142.250.185.74 15169 (GOOGLE)
1 99.86.7.29 16509 (AMAZON-02)
2 142.250.186.170 15169 (GOOGLE)
1 142.250.185.200 15169 (GOOGLE)
14 142.250.186.34 15169 (GOOGLE)
3 52.92.193.113 16509 (AMAZON-02)
4 142.250.186.67 15169 (GOOGLE)
1 65.9.63.37 16509 (AMAZON-02)
1 3.65.88.85 16509 (AMAZON-02)
3 142.250.185.78 15169 (GOOGLE)
9 142.250.185.98 15169 (GOOGLE)
4 52.218.169.216 16509 (AMAZON-02)
1 142.250.185.194 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
1 65.9.63.85 16509 (AMAZON-02)
1 99.86.7.44 16509 (AMAZON-02)
2 66.155.71.94 13768 (COGECO-PEER1)
4 142.250.186.66 15169 (GOOGLE)
2 2 66.155.71.25 13768 (COGECO-PEER1)
2 34.234.168.173 14618 (AMAZON-AES)
12 142.250.185.97 15169 (GOOGLE)
1 142.250.186.163 15169 (GOOGLE)
19 142.250.185.198 15169 (GOOGLE)
1 143.204.215.126 16509 (AMAZON-02)
2 142.250.181.226 15169 (GOOGLE)
1 44.240.95.154 16509 (AMAZON-02)
1 174.129.16.30 14618 (AMAZON-AES)
1 142.250.185.196 15169 (GOOGLE)
109 29
15    44.236.67.76 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-67-76.us-west-2.compute.amazonaws.com
www.heatbud.com
1    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
ajax.googleapis.com
1    99.86.7.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-29.fra6.r.cloudfront.net
platform-api.sharethis.com
2    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
fonts.googleapis.com
1    142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net
www.googletagmanager.com
14    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
pagead2.googlesyndication.com
cm.g.doubleclick.net
3    52.92.193.113 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com
postheadshots.s3.amazonaws.com
4    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
1    65.9.63.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-37.fra56.r.cloudfront.net
buttons-config.sharethis.com
1    3.65.88.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-88-85.eu-central-1.compute.amazonaws.com
l.sharethis.com
3    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
www.google-analytics.com
9    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads.g.doubleclick.net
4    52.218.169.216 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
partner.googleadservices.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
adservice.google.com
1    65.9.63.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-85.fra56.r.cloudfront.net
count-server.sharethis.com
1    99.86.7.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-44.fra6.r.cloudfront.net
platform-cdn.sharethis.com
2    66.155.71.94 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
node-uk-eng3he.sitescout.com
4    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googletagservices.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    34.234.168.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-168-173.compute-1.amazonaws.com
q.adrta.com
12    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
www.gstatic.com
19    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
s0.2mdn.net
1    143.204.215.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-126.fra53.r.cloudfront.net
pix.adrta.com
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
1    44.240.95.154 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-95-154.us-west-2.compute.amazonaws.com
ipv6.adrta.com
1    174.129.16.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-16-30.compute-1.amazonaws.com
adrta.com
1    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
285 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
123 KB
15 heatbud.com
www.heatbud.com
673 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
ad.doubleclick.net — Cisco Umbrella Rank: 202
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284
80 KB
7 amazonaws.com
postheadshots.s3.amazonaws.com
s3-us-west-2.amazonaws.com
599 KB
5 adrta.com
q.adrta.com — Cisco Umbrella Rank: 2196
pix.adrta.com — Cisco Umbrella Rank: 3029
ipv6.adrta.com — Cisco Umbrella Rank: 2318
adrta.com — Cisco Umbrella Rank: 1679
13 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
95 KB
5 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5086
buttons-config.sharethis.com — Cisco Umbrella Rank: 5896
l.sharethis.com — Cisco Umbrella Rank: 4718
count-server.sharethis.com — Cisco Umbrella Rank: 11354
platform-cdn.sharethis.com — Cisco Umbrella Rank: 11424
45 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
114 KB
4 sitescout.com
node-uk-eng3he.sitescout.com — Cisco Umbrella Rank: 465186
pixel-sync.sitescout.com — Cisco Umbrella Rank: 594
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 295
fonts.googleapis.com — Cisco Umbrella Rank: 46
36 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 74
www.google.com — Cisco Umbrella Rank: 7
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 789
694 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
40 KB
109 15
Domain Requested by
18 s0.2mdn.net www.heatbud.com
s0.2mdn.net
googleads.g.doubleclick.net
15 www.heatbud.com www.heatbud.com
ajax.googleapis.com
13 pagead2.googlesyndication.com www.heatbud.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
12 tpc.googlesyndication.com googleads.g.doubleclick.net
www.heatbud.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
4 www.googletagservices.com googleads.g.doubleclick.net
www.googletagservices.com
4 s3-us-west-2.amazonaws.com www.heatbud.com
4 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.heatbud.com
3 postheadshots.s3.amazonaws.com www.heatbud.com
2 googleads4.g.doubleclick.net www.heatbud.com
2 q.adrta.com googleads.g.doubleclick.net
q.adrta.com
2 pixel-sync.sitescout.com 2 redirects
2 node-uk-eng3he.sitescout.com googleads.g.doubleclick.net
2 fonts.googleapis.com www.heatbud.com
googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 adrta.com pix.adrta.com
1 ipv6.adrta.com pix.adrta.com
1 pix.adrta.com q.adrta.com
1 ad.doubleclick.net www.googletagservices.com
1 www.gstatic.com googleads.g.doubleclick.net
1 cm.g.doubleclick.net googleads.g.doubleclick.net
1 platform-cdn.sharethis.com www.heatbud.com
1 count-server.sharethis.com platform-api.sharethis.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 www.googletagmanager.com www.heatbud.com
1 platform-api.sharethis.com www.heatbud.com
1 ajax.googleapis.com www.heatbud.com
109 31

This site contains links to these domains. Also see Links.

Domain
commons.wikimedia.org
www.facebook.com
okcasino.com
Subject Issuer Validity Valid
heatbud.com
SSL.com RSA SSL subCA		 2022-01-15 -
2023-02-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
sharethis.com
Amazon		 2021-07-19 -
2022-08-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2021-12-17 -
2022-11-29		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.adrta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-10 -
2022-06-10		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Frame ID: 535E7323B48C700098AC449F21038298
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: 8DF0A2800D5DF7DB935F2CD9700B1BEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=400&slotname=1269067337&adk=2282960181&adf=1227276847&pi=t.ma~as.1269067337&w=200&lmt=1653120128&psa=0&format=200x400&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128119&bpp=3&bdt=1369&idt=296&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&correlator=5020411459050&frm=20&pv=2&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=50&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7Fmu62Dlfh&p=https%3A//www.heatbud.com&dtd=311
Frame ID: E41878500223DA57A0F482A142DB84CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&adk=1812271804&adf=3025194257&lmt=1653120128&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128439&bpp=1&bdt=1688&idt=1&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=4&uci=a!4&fsb=1&dtd=10
Frame ID: E342980E3DDF3E3AB530199769BEA71B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Frame ID: CE1FEDCFA14763DE46528BFFE0891683
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Frame ID: 07F1D3CA0EA663EE51803028E2EEBF5B
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1653120128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&psa=0&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128719&bpp=2&bdt=1968&idt=2&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90%2C728x90&nras=2&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wETJ5myLrp&p=https%3A//www.heatbud.com&dtd=14
Frame ID: AF63FEC1D86C4FD85E5E2AE6463DFE63
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Frame ID: 6765D2C13D476D5326AB2087700B6B18
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FB0CD75AE52755A45578B74593AA21C1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/11401073/1650913349015/index.html
Frame ID: D4A30BDCAA48B0B1E3BE4E117155E835
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2252360DFAEB6ED692E505F72D5572B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 02BABEF55A1BD6ABDFE506391978B3AC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heatbud | Lifestyle - Free On the web Betting Through NBA Baseball Fantasy Activities

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

99 %
HTTPS

0 %
IPv6

15
Domains

31
Subdomains

29
IPs

3
Countries

2125 kB
Transfer

3467 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&wb=1&hdid=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&wb=1&hdid=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KsF7AYojSQ2TwBsyvK-WAGKInIE

109 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
www.heatbud.com/post/ 		53 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
3dc8862656abf631f5b3ce6264ddfbf81738c301681966aa364999ecb96afce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
is-IS
content-type
text/html;charset=UTF-8
date
Sat, 21 May 2022 08:02:06 GMT
expires
0
pragma
no-cache
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 May 2022 23:25:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 23:25:14 GMT
heatbud-images-min.js
www.heatbud.com/resources/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heatbud.com/resources/js/heatbud-images-min.js?20190402
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
12942e23b47319bc5eb290ab03aa490d10166cf91f01c70e66f2ecede33e0b56

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:06 GMT
last-modified
Wed, 25 Apr 2018 09:08:48 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
8209
content-type
application/javascript
heatbud-mrl-min.js
www.heatbud.com/resources/js/ 		52 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heatbud.com/resources/js/heatbud-mrl-min.js?20190402
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
7c622f6c7cdbc1b53eb31b7eb6aa1e4187b0ced352069a6ad92773b64363fe79

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:06 GMT
last-modified
Wed, 05 Aug 2020 19:09:08 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
53118
content-type
application/javascript
heatbud-common-min.js
www.heatbud.com/resources/js/ 		375 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heatbud.com/resources/js/heatbud-common-min.js?20190402
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
bbe304b0dd064917968a509ab78208157438bf56add5f497bbfeda98eafdb0bb

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:06 GMT
last-modified
Sat, 02 Feb 2019 20:09:40 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
375
content-type
application/javascript
heatbud-pagebox-min.js
www.heatbud.com/resources/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heatbud.com/resources/js/heatbud-pagebox-min.js?20190402
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
34586a8b3f0d9723be13ff897264acaa4a59c45912cd33313d273687af2c4f24

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:07 GMT
last-modified
Sun, 13 Jan 2019 07:57:46 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
1725
content-type
application/javascript
sharethis.js
platform-api.sharethis.com/js/ 		187 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-29.fra6.r.cloudfront.net
Software
/
Resource Hash
aeef17cb37c9f11b40b147b04e3f16ee3a2fdaa90bae2d503a7e3e99399ea682
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 07:55:18 GMT
content-encoding
gzip
vary
Accept-Encoding
age
409
etag
W/"2ed4f-4+kfuOk8lynXIin2Z82IybFv7jo"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
FRA6-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
ZxCbhlfPWbhihhE5hW_-4DEhkhdY1et5me2bqkSofHJR0Cfa4_GkCQ==
css
fonts.googleapis.com/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Arvo%7CDroid+Sans+Mono%7CFauna+One%7CImprima%7CLato%7CMarvel%7COffside%7COpen+Sans%7COxygen+Mono%7CPermanent+Marker%7CRaleway%7CRoboto+Mono%7CScope+One%7CText+Me+One%7CUbuntu
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
9db314e6dc393fbc9c4e4f4d5672a12cb016d108791afb983d8c1a160302eb4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 May 2022 08:02:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 21 May 2022 08:02:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 May 2022 08:02:07 GMT
main-min.css
www.heatbud.com/resources/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heatbud.com/resources/css/main-min.css?20190402
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
357b43b23a327e02e7e5a8987441641f43e57caec9516a77c0516e4c7d3e6030

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:06 GMT
last-modified
Sun, 31 May 2020 16:42:20 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
7434
content-type
text/css
gtm.js
www.googletagmanager.com/ 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5RMV88N
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f5bb73131e7eb4aa04861cabcc0651b9a2842b6acc868fc9123277d98cd52b2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40939
x-xss-protection
0
last-modified
Sat, 21 May 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 21 May 2022 08:02:07 GMT
heatbud-logo.png
www.heatbud.com/resources/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heatbud.com/resources/images/heatbud-logo.png
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
a046289a29195690b7aec507f3bc7ce55bf243c578c018165aee5999fe19188b

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:07 GMT
last-modified
Wed, 28 Mar 2018 15:00:00 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
9174
content-type
image/png
home.png
www.heatbud.com/resources/images/ 		923 B
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heatbud.com/resources/images/home.png
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
312aa0f053c0ae9f532190b359463560436fbf9286c1368573b978a71c3c1606

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:07 GMT
last-modified
Wed, 11 Feb 2015 16:16:54 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
923
content-type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c5f83f947ac883d7c254b4bb0b8259fd3a0b07df5a1968c1740157b4d1d867bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56604
x-xss-protection
0
server
cafe
etag
2444901683974878183
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 21 May 2022 08:02:07 GMT
vote-up.png
www.heatbud.com/resources/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heatbud.com/resources/images/vote-up.png
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
e4655e8131deb0ca8914ced0601db2ab8034b9b1d076bbace1902860c4c5b870

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:07 GMT
last-modified
Sun, 27 Jan 2019 15:36:22 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
4745
content-type
image/png
vote-down.png
www.heatbud.com/resources/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heatbud.com/resources/images/vote-down.png
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
57c3d613989fd2d291b6dea679565b24be8706278a42dfc4cf22538acf720e8f

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:07 GMT
last-modified
Sun, 27 Jan 2019 15:36:24 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
5941
content-type
image/png
comments.png
www.heatbud.com/resources/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heatbud.com/resources/images/comments.png
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
0cc853a4507613bd6e3ecbe3e2e32549aedaa506817f9345a7e2083a2fd01a90

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:07 GMT
last-modified
Sun, 27 Jan 2019 16:04:36 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
4161
content-type
image/png
whatis.png
www.heatbud.com/resources/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heatbud.com/resources/images/whatis.png
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
c78c9fdbd5288466815fa3f8c60cdebcde9311d35c1bea58a528e368192789cb

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:07 GMT
last-modified
Tue, 10 Mar 2015 22:08:44 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
3744
content-type
image/png
ckeditor.js
www.heatbud.com/resources/js/ckeditor/ 		515 KB
518 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heatbud.com/resources/js/ckeditor/ckeditor.js
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
3d25a4eabdba10572ee71e0e338f1c609f0d47fc7eb61a04ec368daea3fa1bc2

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:07 GMT
last-modified
Thu, 30 Jan 2014 18:53:06 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
526864
content-type
application/javascript
lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
postheadshots.s3.amazonaws.com/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postheadshots.s3.amazonaws.com/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.193.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
67094fe35f0e97109f4306ae2be8a8d8e270ffbc1ba401c2626c307a7c1a220e

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 May 2022 08:02:09 GMT
Last-Modified
Sat, 14 May 2022 13:12:43 GMT
Server
AmazonS3
x-amz-request-id
G3V87EF2H2D85WW7
ETag
"b02565f73d513f549cfdb3485c50509c"
Content-Type
image/jpeg
Cache-Control
max-age=36000
Accept-Ranges
bytes
Content-Length
12718
x-amz-id-2
1r3CDPozNZhh7bNqpvfu7bCGi+3Wi4HC1ybrWbROLZfdZsq1fENe5F+eJ7PBf/+QLnD8Qg9ghTA=
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo%7CDroid+Sans+Mono%7CFauna+One%7CImprima%7CLato%7CMarvel%7COffside%7COpen+Sans%7COxygen+Mono%7CPermanent+Marker%7CRaleway%7CRoboto+Mono%7CScope+One%7CText+Me+One%7CUbuntu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heatbud.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 May 2022 11:57:13 GMT
x-content-type-options
nosniff
age
417894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16720
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 May 2023 11:57:13 GMT
wlpzgwTPBVpjpCuwkuEB3kZK.woff2
fonts.gstatic.com/s/faunaone/v13/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/faunaone/v13/wlpzgwTPBVpjpCuwkuEB3kZK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo%7CDroid+Sans+Mono%7CFauna+One%7CImprima%7CLato%7CMarvel%7COffside%7COpen+Sans%7COxygen+Mono%7CPermanent+Marker%7CRaleway%7CRoboto+Mono%7CScope+One%7CText+Me+One%7CUbuntu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
ef7949fcabf4b5b0421194d350223cf551b194abc6292cec9a9e951b388fc08d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heatbud.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 00:01:12 GMT
x-content-type-options
nosniff
age
115255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9212
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:27:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 May 2023 00:01:12 GMT
get-related-posts
www.heatbud.com/action/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heatbud.com/action/get-related-posts
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
de3049a0f430a170819809f7ef7eaeb40b2c36ba19629b2f477217ea8aa07675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
X-Requested-With
XMLHttpRequest
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 21 May 2022 08:02:07 GMT
x-content-type-options
nosniff
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
x-frame-options
DENY
content-type
application/json;charset=ISO-8859-1
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
content-length
2755
x-xss-protection
1; mode=block
expires
0
button-bg.gif
www.heatbud.com/resources/images/ 		155 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heatbud.com/resources/images/button-bg.gif
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/resources/css/main-min.css?20190402
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.67.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-67-76.us-west-2.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
e218adca7626fd89e0b1ecc2fdd8acccb715707fe24b2b144f3f5126b9105c82

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/resources/css/main-min.css?20190402
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:07 GMT
last-modified
Mon, 02 Dec 2013 21:57:40 GMT
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
accept-ranges
bytes
content-length
155
content-type
image/gif
Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
fonts.gstatic.com/s/permanentmarker/v16/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo%7CDroid+Sans+Mono%7CFauna+One%7CImprima%7CLato%7CMarvel%7COffside%7COpen+Sans%7COxygen+Mono%7CPermanent+Marker%7CRaleway%7CRoboto+Mono%7CScope+One%7CText+Me+One%7CUbuntu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heatbud.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 May 2022 00:17:49 GMT
x-content-type-options
nosniff
age
287058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29564
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 17:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 00:17:49 GMT
5a9e07be57f7f1001382393f.js
buttons-config.sharethis.com/js/ 		443 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5a9e07be57f7f1001382393f.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
852942cd647c48a81ed1918477cae3dc3d5a8a64ddb5fb791cee2d2ef8f46722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:09 GMT
via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
last-modified
Sat, 10 Mar 2018 03:25:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"c12b36559f9673022a2b11992c01f2bd"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
443
x-amz-cf-id
BNRuIN76ecnXXFDEeJP-asH1pumVbcIqGgu1xMiF9nsOaCW8diMdQA==
pview
l.sharethis.com/ 		0
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=www.heatbud.com&location=%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&product=inline-share-buttons&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Heatbud%20%7C%20Lifestyle%20-%20Free%20On%20the%20web%20Betting%20Through%20NBA%20Baseball%20Fantasy%20Activities&cms=unknown&publisher=5a9e07be57f7f1001382393f&sop=true&version=st_sop.js&lang=en&description=Free%20On%20the%20web%20Betting%20Through%20NBA%20Baseball%20Fantasy%20Activities
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.88.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-88-85.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 May 2022 08:02:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
https://www.heatbud.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RMV88N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1642
date
Sat, 21 May 2022 07:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 21 May 2022 09:34:46 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/ 		311 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_fy2021.js?bust=31067698
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
f8558f85d4be6397176f4401d8d9f85e23801a54c22c94a7d1f5c5f512d6fe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113662
x-xss-protection
0
server
cafe
etag
9218498395781769821
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 08:02:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame 8DF0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heatbud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

age
43424
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 19:58:24 GMT
etag
1428802124239944296
expires
Fri, 03 Jun 2022 19:58:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
beauty-fashion-appeal-of-online-casino-activities-2
postheadshots.s3.amazonaws.com/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postheadshots.s3.amazonaws.com/beauty-fashion-appeal-of-online-casino-activities-2
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.193.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ab71d17333557f2e3ee1abfd393503aabd01d18ed8630ebcb6a3f6f473919406

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 May 2022 08:02:09 GMT
Last-Modified
Thu, 12 May 2022 07:46:09 GMT
Server
AmazonS3
x-amz-request-id
G3VCK419DKKNPDZ0
ETag
"6c4b4c0302e3519af597f9c8aa53d1c5"
Content-Type
image/jpeg
Cache-Control
max-age=36000
Accept-Ranges
bytes
Content-Length
8411
x-amz-id-2
BFyrb+tXn7reQERUKeuHcEGcafg4V0qhKVKwsWg2E+8Ll03qS4BWP36XHi+nSu+2jRn6XXq8XBo=
31611581594-3ee19c3b68-z.jpg
s3-us-west-2.amazonaws.com/heatbudimages/jn/thumbs/common/ 		174 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-us-west-2.amazonaws.com/heatbudimages/jn/thumbs/common/31611581594-3ee19c3b68-z.jpg
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.169.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
cada21d6f3a541cae8b4717ae0c6fcb7e6100721e6bcbb3e564cb910f1681862

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 May 2022 08:02:10 GMT
Last-Modified
Wed, 22 Nov 2017 22:42:17 GMT
Server
AmazonS3
x-amz-request-id
XZ4HQW8A4JR03588
ETag
"5068e8d9c91eb547ca4aa3be783186fe"
Content-Type
image/jpeg
Cache-Control
max-age=36000
Accept-Ranges
bytes
Content-Length
177909
x-amz-id-2
zndI735GU1JFRuQpuwwg34ADZaUdK0IgVxgxYv9e+PQm6O/QWSUKbd63un328sXNw5CEir1XfA4=
7.png
s3-us-west-2.amazonaws.com/heatbudimages/hannahsjennaj2/thumbs/common/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-us-west-2.amazonaws.com/heatbudimages/hannahsjennaj2/thumbs/common/7.png
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.169.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
9b7ac183c684b582f044b0aa05436e680925552f9b58a94c3d21b071f66f088d

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 May 2022 08:02:10 GMT
Last-Modified
Sat, 13 Jan 2018 01:53:46 GMT
Server
AmazonS3
x-amz-request-id
XZ4J6RC9AXM50XX7
ETag
"9059535869476be30452cc52c4817f31"
Content-Type
image/jpeg
Cache-Control
max-age=36000
Accept-Ranges
bytes
Content-Length
146430
x-amz-id-2
WL53UNKmUQyeT4cFMlJZcXl0EjvL/7jVoZmGysJogNTjOBNGJxKf1NTy4YOG1r0E18nQtgRPtOc=
cropped-banner-rafting.jpg
s3-us-west-2.amazonaws.com/heatbudimages/jamtoursandtransfer/thumbs/common/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-us-west-2.amazonaws.com/heatbudimages/jamtoursandtransfer/thumbs/common/cropped-banner-rafting.jpg
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.169.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
1bdca305f0af054b1c641b1568aa65505bde6e58bbeadf09fe8b1691ab652869

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 May 2022 08:02:10 GMT
Last-Modified
Sat, 07 Oct 2017 11:52:34 GMT
Server
AmazonS3
x-amz-request-id
XZ4KDES60BG9NAVW
ETag
"6dea055e36616e7bdaac34dd675d931a"
Content-Type
image/jpeg
Cache-Control
max-age=36000
Accept-Ranges
bytes
Content-Length
113446
x-amz-id-2
QYRWDZrM8jmNtlUz+yxGkE5iKbZi6c3hOd0UqAjyztbdzUaP2EW6bYHX/jMK7zhJxGENWij5cAA=
10612671-1853544198205413.jpg
s3-us-west-2.amazonaws.com/heatbudimages/thegreatescaperoom-com/thumbs/common/ 		143 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-us-west-2.amazonaws.com/heatbudimages/thegreatescaperoom-com/thumbs/common/10612671-1853544198205413.jpg
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.169.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
baa62b9fda862d726e42b07cd71bdbb163a9a7843fd43bd9ab80ac2ae7641f20

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 May 2022 08:02:10 GMT
Last-Modified
Thu, 30 Aug 2018 08:45:23 GMT
Server
AmazonS3
x-amz-request-id
XZ4N3SZ9M5R3V893
ETag
"3ad5bc630a516dd8915fd286e71cbb80"
Content-Type
image/jpeg
Cache-Control
max-age=36000
Accept-Ranges
bytes
Content-Length
146601
x-amz-id-2
ceV+A3aKslyCLlHdWAV2KbbG/VrPDMGJ+qS05k4dd3wpttqYPFxzFx5pyyOb8faZjOr4d+bRHF4=
trendy-women-tops-that-will-help-you-to-improve-slot-activities-at-online
postheadshots.s3.amazonaws.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postheadshots.s3.amazonaws.com/trendy-women-tops-that-will-help-you-to-improve-slot-activities-at-online
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.193.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
89084c2b260795f6dd1c317c4eaa00c672829ad448e902ace3e9016fb881d2ee

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 May 2022 08:02:09 GMT
Last-Modified
Thu, 18 Feb 2021 15:29:23 GMT
Server
AmazonS3
x-amz-request-id
G3VAN0J2C910JH8P
ETag
"f9f789732f06d8d5e7018e6ccec1718f"
Content-Type
image/jpeg
Cache-Control
max-age=36000
Accept-Ranges
bytes
Content-Length
4646
x-amz-id-2
MaL5jdfsY5zimF6EOXiwz/cEwTHw77F3nXqBTOW2BbLwYLHivLkZ/HW6+hEqkd6mjzNBoaFHxzw=
cookie.js
partner.googleadservices.com/gampad/ 		389 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.heatbud.com&callback=_gfp_s_&client=ca-pub-3344897177583439&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_fy2021.js?bust=31067698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
992b25caf94bf94dd1ebbbfd324a69942a383aa3dc27907a5c8b2360756189d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heatbud.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_fy2021.js?bust=31067698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 21 May 2022 08:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E418 		430 B
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=400&slotname=1269067337&adk=2282960181&adf=1227276847&pi=t.ma~as.1269067337&w=200&lmt=1653120128&psa=0&format=200x400&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128119&bpp=3&bdt=1369&idt=296&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&correlator=5020411459050&frm=20&pv=2&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=50&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7Fmu62Dlfh&p=https%3A//www.heatbud.com&dtd=311
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_fy2021.js?bust=31067698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
00ed7fcaa6945b58388ddc5a40dee33479eb480400494e1864b664a65fe2882b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heatbud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 May 2022 08:02:08 GMT
expires
Sat, 21 May 2022 08:02:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&tn=DIV&id=cookieConsent&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 08:02:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&tn=TABLE&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 08:02:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E342 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&adk=1812271804&adf=3025194257&lmt=1653120128&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128439&bpp=1&bdt=1688&idt=1&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=4&uci=a!4&fsb=1&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_fy2021.js?bust=31067698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
cad86f38746abb87da6703b478a8c17785b0f1d21befac2e2febc08003739515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heatbud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
4912
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 May 2022 08:02:08 GMT
expires
Sat, 21 May 2022 08:02:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=618247322&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&ul=en-us&de=UTF-8&dt=Heatbud%20%7C%20Lifestyle%20-%20Free%20On%20the%20web%20Betting%20Through%20NBA%20Baseball%20Fantasy%20Activities&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=2135812993&gjid=686000120&cid=572144627.1653120128&tid=UA-48436913-1&_gid=667473869.1653120128&_r=1&gtm=2wg5b05RMV88N&cd2=1653120128029&cd3=%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&cd4=NULL&cd5=0&cd6=(not%20set)&z=726468139
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heatbud.com/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 May 2022 08:02:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heatbud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CE1F 		105 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_fy2021.js?bust=31067698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
7e8e1b4a8985578df68929977a0bd9b0f82bde9adac0d5546aeaed2961e9a644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heatbud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32971
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 May 2022 08:02:09 GMT
expires
Sat, 21 May 2022 08:02:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 07F1 		24 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_fy2021.js?bust=31067698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
33145969ab074922c65c36ef5ce96ae781d9454d71c5a4fae5504cdda382a18b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heatbud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9843
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 May 2022 08:02:09 GMT
expires
Sat, 21 May 2022 08:02:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
get_counts
count-server.sharethis.com/v2.0/ 		202 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-85.fra56.r.cloudfront.net
Software
/
Resource Hash
cb597cf2fc182727501b91928aba16362bdebf8a858f794777291f847381868f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:08 GMT
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
etag
d5386cdcd1f63a0f71612721393c9405
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
content-length
202
apigw-requestid
Sd1kKiq8oAMESKA=
x-amz-cf-id
VMqljl-LiwGDZIv8IOV2kqlx1-FLAsTkU6Lvy_I97vbzS4KTVIK2tQ==
sharethis.svg
platform-cdn.sharethis.com/img/ 		514 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-44.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 29 Apr 2022 01:59:16 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
1922573
etag
"deecdaa377907db5cc1722fc831670a1"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
514
x-amz-cf-id
fzOGrzR1A8c5ytSN8SU8Kb_uVvodWw5je_57BLZnkLoa424jOFkNEg==
ads
googleads.g.doubleclick.net/pagead/ Frame AF63 		430 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=280&adk=3556840665&adf=2988049681&pi=t.aa~a.4113737628~i.15~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1653120128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1813280895&psa=0&ad_type=text_image&format=800x280&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128719&bpp=2&bdt=1968&idt=2&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90%2C728x90&nras=2&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wETJ5myLrp&p=https%3A//www.heatbud.com&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_fy2021.js?bust=31067698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
aba0c80e34be708e3027dc1dd3d050007357ea5176a6480ba30aeb8fcc6f0fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heatbud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
205
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 May 2022 08:02:09 GMT
expires
Sat, 21 May 2022 08:02:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=618247322&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&ul=en-us&de=UTF-8&dt=Heatbud%20%7C%20Lifestyle%20-%20Free%20On%20the%20web%20Betting%20Through%20NBA%20Baseball%20Fantasy%20Activities&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Client%20Id&ea=trackClientId&_u=aDjAAEABAAAAAC~&jid=&gjid=&cid=572144627.1653120128&tid=UA-48436913-1&_gid=667473869.1653120128&gtm=2wg5b05RMV88N&cd1=572144627.1653120128&z=1023420276
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 May 2022 23:15:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31580
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
aid:62889c8089b3942b03650008;c:YoicgAAJIAMKoR0CAAZKjteyhNSzBLOf78pX0g;cid:2088800;ts:1653120128726
node-uk-eng3he.sitescout.com/adx/px/ Frame 07F1 		43 B
683 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node-uk-eng3he.sitescout.com/adx/px/aid:62889c8089b3942b03650008;c:YoicgAAJIAMKoR0CAAZKjteyhNSzBLOf78pX0g;cid:2088800;ts:1653120128726
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.155.71.94 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
A /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 08:02:09 GMT
Server
A
P3P
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Cache-Control
max-age=0,no-cache,no-store
Connection
close, close
Content-Type
image/gif
Content-Length
43
Expires
Tue, 11 Oct 1977 12:34:56 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 07F1 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
8066520d4f9a10b94ecaab59ccd265803acf8a1c1d1de3769ab889e95a77dd4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 07:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9377
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:39:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 21 May 2022 08:59:09 GMT
pixel
cm.g.doubleclick.net/ Frame 07F1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&wb=1&hdid=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&wb=1&hdid=0
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KsF7AYojSQ2TwBsyvK-WAGKInIE
170 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KsF7AYojSQ2TwBsyvK-WAGKInIE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 08:02:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 May 2022 08:02:09 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KsF7AYojSQ2TwBsyvK-WAGKInIE
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
aa.js
q.adrta.com/ Frame 07F1 		881 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/aa.js?cb=1653120128725
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.168.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-168-173.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d05abd3dda98ad864ddb307bc7a3954b0f04e743bb2078d1275cf3731a157a8b

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 21 May 2022 08:02:09 GMT
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
881
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
adview
googleads.g.doubleclick.net/pagead/ Frame 07F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSRk5gJyIYoPAJIK6hAWOlZnQA4n4vJBh-__y1aoNwI23ARABIABgycayh9yj8BCCARdjYS1wdWItMzM0NDg5NzE3NzU4MzQzOcgBCagDAaoElAJP0DZBrUL6ZZV7TuwZGDQLyZTrpraX1e3hIXLpGBHydUcF87OeSXuG0-NyT_KcligaIZs1IIGn6X2J-X9ZWym9s8g7ivqvj1FDzs4htQuimts9sxw2FUZzXav95V4zzAiANRRigaJ9yRX4gU4qZWrL6psvFLj_iHt41bkxQ5_ZSKjbLDJzT6QwljHt2GgfPlAcfRkMNChLvACZfQV6WYrZGg6KGmJImnLk11F_7D7RhUtgGhn2l65dAy3cUrV5_KiMAeZ8iG1maFPeNdzEdlbELnCn_jchu1EMR3WXt6WsB--p8pj0O2gAVswTHh4u1HnOhFOI5KvwHAo80oYZc425frsXeCLjudqTKZk-f6kLzkRm4_iABqShgs6r1deP_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzM0NDg5NzE3NzU4MzQzORgA&sigh=7VzFx6p5JCs&uach_m=[UACH]&cid=CAQSGwCNIrLMy1CR2NlmTmvbuy00-I_-6_K3TDNQLxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 21 May 2022 08:02:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
aid:62889c8089b3942b03650008;c:YoicgAAJIAMKoR0CAAZKjteyhNSzBLOf78pX0g;cid:2088800;ts:1653120128726;d:5941190
node-uk-eng3he.sitescout.com/adx/win/ Frame 07F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://node-uk-eng3he.sitescout.com/adx/win/aid:62889c8089b3942b03650008;c:YoicgAAJIAMKoR0CAAZKjteyhNSzBLOf78pX0g;cid:2088800;ts:1653120128726;d:5941190
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.155.71.94 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
A /
Resource Hash

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 08:02:09 GMT
Server
A
P3P
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin
*
Cache-Control
max-age=0,no-cache,no-store
Connection
close
Content-Length
0
Expires
Tue, 11 Oct 1977 12:34:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 07F1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 07:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:54:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07F1 		135 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 May 2022 08:02:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 07F1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
d2637ded6ce007b316a9c5e971a20daab4be2b60d85cde6181ead7d406bfe68d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 05:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7175
x-xss-protection
0
server
cafe
etag
14106299915199171216
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 05:40:19 GMT
css
fonts.googleapis.com/ Frame CE1F 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 May 2022 07:32:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 21 May 2022 08:02:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 May 2022 08:02:09 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame CE1F 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 07:55:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:55:47 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CE1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CU-ergJyIYtKXJMGWhQbP9JHABN35y41qjJaCsMAP7sWtgI8OEAEg78r2IWDJxrKH3KPwEKAB4L692QPIAQmoAwHIA8sEqgSdAk_QZKJ-ju8dz21Ao7PUnK_tyCILZQnEgAJDI2AqIDhrQMwhmCBHnLNmB_KOaQDCz1LXe6szJVGJYZ08DcXsRK8D-E-bs9rLdB5-RQwGryQApmawvkiESRdrF2u35hL3RSBIBrQxM3UKkCMoybeRF9Wnhm3nPVnvK3YMcOKtFrljGs4qDtz6BuZOYXlG0Gub2zas3ycqUoxnVf1dseRBJvtEgH26iK-g88dqQOn3c59CDNxlkD9Kmm3mgbJ_U46pvN7_-pvcYW3NF3uZZDS2ateE1kyu-XCNbn6EtSUWCo9ohYc5R5ajhAbTdhREV5Wtco9dbvYWfeFQdwt_Q_jEEnMM62sWV4qQL6FflRMD3nW72F7MWfOX8lvwRLDNC8AEr7Hz4e8DkgUECAQYAZIFBAgFGASgBi6AB4jBwiaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCcsg7SCAcIgGEQARgfgAoByAsBmAzX47_A9QO4E4ME2BMO0BUBmBYBgBcBshccChoIABIUcHViLTMzNDQ4OTcxNzc1ODM0MzkYAA&sigh=he4q-IYiiKI&uach_m=[UACH]&template_id=515
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 21 May 2022 08:02:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
18015688069658422261
tpc.googlesyndication.com/simgad/ Frame CE1F 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18015688069658422261?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
46df14aefbfbba6d7ed8188bde22c68b488781bbf3a6685bcec256eedaf89603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 May 2022 14:44:28 GMT
x-content-type-options
nosniff
age
235061
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2421
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 13:29:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 18 May 2023 14:44:28 GMT
truncated
/ Frame CE1F 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame CE1F 		246 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame CE1F 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame CE1F 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 07:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8611
x-xss-protection
0
server
cafe
etag
11030745046341915621
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:56:28 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame CE1F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 07:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:55:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame CE1F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 07:55:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7211
x-xss-protection
0
server
cafe
etag
2988716039725867132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 07:55:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CE1F 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 May 2022 08:02:09 GMT
8ac99cc5020451d5a2f944f2abe6dceb.js
www.gstatic.com/mysidia/ Frame CE1F 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12291
x-xss-protection
0
last-modified
Wed, 11 May 2022 08:21:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 18 Aug 2022 13:38:13 GMT
impl_v88.js
www.googletagservices.com/dcm/ Frame 07F1 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v88.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
b225a72c3c0f0ce054225cf8748508f69d7315568bb5aacb38491e006a4372d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 May 2022 09:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21405
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 May 2023 09:59:09 GMT
truncated
/ Frame CE1F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fdf46f5a7997548c700b47ac5cda9361e4163f298fb8cbe3b9e9fa14e7eee20

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame CE1F 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 May 2022 22:13:40 GMT
x-content-type-options
nosniff
age
294510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 22:13:40 GMT
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame 6765 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 06:38:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
91447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 May 2023 06:38:03 GMT
B27657814.334752890;dc_ver=88.258;sz=728x90;u_sd=1;gdpr=0;dc_adk=623461844;ord=9kncq8;click0=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMjpsgJyIYoPAJIK6hAWOlZnQA4n4vJBh...
ad.doubleclick.net/ddm/adj/N46002.3027484BASISDSP/ Frame 07F1 		62 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N46002.3027484BASISDSP/B27657814.334752890;dc_ver=88.258;sz=728x90;u_sd=1;gdpr=0;dc_adk=623461844;ord=9kncq8;click0=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMjpsgJyIYoPAJIK6hAWOlZnQA4n4vJBh-__y1aoNwI23ARABIABgycayh9yj8BCCARdjYS1wdWItMzM0NDg5NzE3NzU4MzQzOcgBCagDAaoElwJP0DZBrUL6ZZV7TuwZGDQLyZTrpraX1e3hIXLpGBHydUcF87OeSXuG0-NyT_KcligaIZs1IIGn6X2J-X9ZWym9s8g7ivqvj1FDzs4htQuimts9sxw2FUZzXav95V4zzAiANRRigaJ9yRX4gU4qZWrL6psvFLj_iHt41bkxQ5_ZSKjbLDJzT6QwljHt2GgfPlAcfRkMNChLvACZfQV6WYrZGg6KGmJImnLk11F_7D7RhUtgGhn2l65dAy3cUrV5_KiMAeZ8iG1maFPeNdzEdlbELnCn_jchu1EMR3WXt6WsB--p8pj0O2gAVswTHh4ulnvvFpcHN6pOz0jZL5X3pp-hdD8eVjpmSj-Ax0aoboUTCO6t4kZrWCKABqShgs6r1deP_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33kZbYuJM-WUlLkXs7q8XTKircFw%2526client%253Dca-pub-3344897177583439%2526adurl%253Dhttps%25253A%25252F%25252Fclickserv.sitescout.com%25252Fclk%25252Fad375265aa49a2d2%25252F8ccf19f641cd433a%25252F62889c8089b3942b03650008%25252F0%25253Fr%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.heatbud.com%2F$0;xdt=1;crlt=PSwNn*7EOi;gcsr=m;stc=1;chaa=1;sttr=381;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v88.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
0f537d849503cc3b4e71ca44324a77415781ff15c051a57485fb6812d4490f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 08:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26666
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 07F1 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:38:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 07F1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N46002.3027484BASISDSP/B27657814.334752890;dc_ver=88.258;sz=728x90;u_sd=1;gdpr=0;dc_adk=623461844;ord=9kncq8;click0=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMjpsgJyIYoPAJIK6hAWOlZnQA4n4vJBh-__y1aoNwI23ARABIABgycayh9yj8BCCARdjYS1wdWItMzM0NDg5NzE3NzU4MzQzOcgBCagDAaoElwJP0DZBrUL6ZZV7TuwZGDQLyZTrpraX1e3hIXLpGBHydUcF87OeSXuG0-NyT_KcligaIZs1IIGn6X2J-X9ZWym9s8g7ivqvj1FDzs4htQuimts9sxw2FUZzXav95V4zzAiANRRigaJ9yRX4gU4qZWrL6psvFLj_iHt41bkxQ5_ZSKjbLDJzT6QwljHt2GgfPlAcfRkMNChLvACZfQV6WYrZGg6KGmJImnLk11F_7D7RhUtgGhn2l65dAy3cUrV5_KiMAeZ8iG1maFPeNdzEdlbELnCn_jchu1EMR3WXt6WsB--p8pj0O2gAVswTHh4ulnvvFpcHN6pOz0jZL5X3pp-hdD8eVjpmSj-Ax0aoboUTCO6t4kZrWCKABqShgs6r1deP_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33kZbYuJM-WUlLkXs7q8XTKircFw%2526client%253Dca-pub-3344897177583439%2526adurl%253Dhttps%25253A%25252F%25252Fclickserv.sitescout.com%25252Fclk%25252Fad375265aa49a2d2%25252F8ccf19f641cd433a%25252F62889c8089b3942b03650008%25252F0%25253Fr%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.heatbud.com%2F$0;xdt=1;crlt=PSwNn*7EOi;gcsr=m;stc=1;chaa=1;sttr=381;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Jun 2022 08:00:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 07F1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 May 2022 11:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 11:48:32 GMT
r.js
q.adrta.com/ Frame 07F1 		110 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/r.js?v=21.20&rcb=256931&cb=1653120128725
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1653120128725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.168.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-168-173.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
11c3f722909904fda434eafa32107c70050c8efb94f04cf027ae6ad133049dfe

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 21 May 2022 08:02:10 GMT
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
110
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
truncated
/ Frame 07F1 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8d309c574121f3fbb590de380bbaed0c57b357c0f1883ab5c145fc3f52ce565

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cdnf.js
pix.adrta.com/ Frame 07F1 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.adrta.com/cdnf.js?v=22.90
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1653120128725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-126.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06432589bb496ce3791bde5ffbbe85f108a1193d939bb2bbf3a48edef277a08e

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gQKNnPDF2oRplSlO3PhR6NV_ppMFdCpa
content-encoding
gzip
last-modified
Sat, 04 Dec 2021 05:41:34 GMT
server
AmazonS3
age
22365
etag
W/"684ed23431ba46a7fc6c71928e6e4ded"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
date
Sat, 21 May 2022 01:49:27 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
QDzJsUqE_OXSmS-Y6gUB9OTLY2m3-DEHvOijlzLV6N5v7bLRWsSGIw==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FB0C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

accept-ranges
bytes
age
245618
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 May 2022 11:48:33 GMT
expires
Thu, 18 May 2023 11:48:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame CE1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CRwmLgJyIYtKXJMGWhQbP9JHABN35y41qjJaCsMAP7sWtgI8OEAEg78r2IWDJxrKH3KPwEKAB4L692QPIAQmoAwGqBJ0CT9Bkon6O7x3PbUCjs9Scr-3IIgtlCcSAAkMjYCogOGtAzCGYIEecs2YH8o5pAMLPUtd7qzMlUYlhnTwNxexErwP4T5uz2st0Hn5FDAavJACmZrC-SIRJF2sXa7fmEvdFIEgGtDEzdQqQIyjJt5EX1aeGbec9We8rdgxw4q0WuWMazioO3PoG5k5heUbQa5vbNqzfJypSjGdV_V2x5EEm-0SAfbqIr6Dzx2pA6fdzn0IM3GWQP0qabeaBsn9Tjqm83v_6m9xhbc0Xe5lkNLZq14TWTK75cI1ufoS1JRYKj2iFhzlHlqOEBtN2FERXla1yj11u9hZ94VB3C39D-MQScwzraxZXipAvoV-VEwPedbvYXsxZ85fyW_BEsM0LwASvsfPh7wOSBQQIBBgBkgUECAUYBKAGLoAHiMHCJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJyyDtIIBwiAYRABGB-ACgHICwGYDNfjv8D1A7gTgwTYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItMzM0NDg5NzE3NzU4MzQzORgA&sigh=sXbQiZdlV0I&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=9339129043&adk=3547088801&adf=660706590&pi=t.ma~as.9339129043&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=339&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=53&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RZGkqN6xFq&p=https%3A//www.heatbud.com&dtd=342
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 21 May 2022 08:02:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CE1F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsve5F2d0vUe2IJgdzgDCM1OX01cMrXpKpoyphMN-NPx-UeirwYCJ6QkWL-Go78FuITPSZt-fOMQRmw8At1s7VbSBYAOgS10u07uWwu2SglzYCZmX4wR0_3VuQpcv9IFRgPR_1XDhCDT95PqZk4wWprrUclwK4lyoAyRuw&sai=AMfl-YTSTzS8g76YUjDqnpfk_STB5q7huiso96T_eC4DeTvORRIS30X4A5VXXoOkciIBfXRvK4BZMvTyvP5C&sig=Cg0ArKJSzJfljMn4RyJcEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3547088801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1653120128465&rpt=1604&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 08:02:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		95 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/11401073/1650913349015/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
283ffba9f3a9f46fef0635f6241cb2f132c757d11316c72ad636954b2a18b7a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
80876
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
19972
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 09:34:15 GMT
expires
Sat, 21 May 2022 09:34:15 GMT
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 07F1 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_ec7nnbbBv5Woq2OdZkikUILrsBHCEXb4CYc0EGpkAJpnAD5V2S5oACsZs_LgCo0Thyenh3DvTn34hTkKCQKCN_yw386jAN-fYdUtCtMCsuDGjXGZ6IIbyXyd7R_6mJ0GeC5ALuNkaSWXkipTCg&sig=Cg0ArKJSzICPk2nvBWdsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=504&cbvp=1&cstd=501&cisv=r20220518.62753&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 21 May 2022 08:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame FB0C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 06:38:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
91448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 May 2023 06:38:03 GMT
/
ipv6.adrta.com/ Frame 07F1 		0
55 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipv6.adrta.com/?callback=_1653120131301
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.95.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-95-154.us-west-2.compute.amazonaws.com
Software
nginx/1.10.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:11 GMT
content-length
0
server
nginx/1.10.3
i
adrta.com/ Frame 07F1 		144 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=5579740&__aasv=22.91&__aaii=12562721442270527032&__aait=1653120130759&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=1&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aarf=2&__aart=3&__aaax=0&__aaay=0&__aasz=728x90&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aaho=1&__aacb=1653120128725&__aaxf=45.133.192.164%2C%2010.1.1.137&__aaci=ss&paid=ss&avid=114076&caid=2088800&publisherId=pub-3344897177583439&kv5=1&plid=5941190&segment=&kv4=45.133.192.0&kv14=&kv1=728x90&siteId=&kv7=8&kv15=BELOW_THE_FOLD&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=62889c8089b3942b03650008&kv3=&kv55=1.0,1!google.com,pub-3344897177583439,1!centro.net,8,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&kv2=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&__aapu=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads&__aapr=https%3A%2F%2Fwww.heatbud.com&__aatu=https%3A%2F%2Fwww.heatbud.com
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.16.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-16-30.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
cc12c5e87b2049c78249103ee157db0d3694c131839b51501f0fdadc78bbdbca

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 08:02:11 GMT
content-encoding
gzip
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
vary
Accept-Encoding
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-cache
content-length
101
expires
Thu, 01 Jan 1970 00:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame D4A3 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/11401073/1650913349015/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:38:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:38:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB0C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BM-3CgpyIYumzHcGl3gO25augDwAAAAA4AeAEAg&bg=!e3ileDzNAAZ4vKt9WLw7ACkAdvg8WpurqEvhEsC9mrbVtq2nqHbpgzUn2vIShXIaSOoOdHD04_FK4AIAAABWUgAAAAFoAQcKAC7r7RDnO850iwDkaGT9GDA3NUkZm7--3MSiBvC0VyKN-ZqKZMh8GxjRFQPXlqaKmQK52KpmoU_x9F0oIvAFZfw8Ic4WeOvcTn_BlJQSpBF6yI-1qEOmZo8uZI1syPJs5vDu5lFHfcsv8d86oxsSc4kbISl0L8lez46ZjxRFKvWTfQC0OlWcgkCOv_Plg2BLE5vhJ4oHnrtvImDdSu9fEbdXFIaz66BgmG0US-6nPPOCyTZG177eqgvdIoPWGtCZY2CZbofIe46PvjFhNEMoDA6ONy6ZChFH1Rkx7cHeXpgiCOkWiEnjXuOjWEsBjdHAdYN5cCw3InYGNoEtY4zc--kjnyBtQxvEYJ3lybtLG8ZxgAsigKclIyl0ufytEODrinSqY2z4fTfCVUMQXcTgyjSDYOTsocP0Y4Mi7cXqWVpROG3BD1EiyU1rCvimKj6uWV7tkL5Sk8lnFoF9Dho-hGNi22NccgI5taoza__5ej_PZ0dsf859_nWcLI_9G0bkodmDmDfdCmCx2-jZ8ttbfU5HwTnWML8IPTpxuWUFvndU_dhQcp_pUGKZSSxBRmwwcrOHo9hLmNPoVlISC9gQ9ceKHQnfAfICI0uxD-Oa9k4b6JjU7IUEXLjns-1iBoVq5eRwM11QR7AZtGy13rKOmp7DuxoVkGxrM-MZmXeuErC7SgAbLP3FP6h-XgTG1ZoxhNVyiGKGpwcmIaPoLRdYHpXF3V7eztsROG-was3TvHj7rKEGlBc2G8-LGBWpI4TshGER3NLlO5jZICQv6JfaEYYvL88P6Jzq1IGFcHqiV_OEdLD3Z_GwRfziH3hze39dgR5DHJlBIDJOu-CNX7v2HEmSuve4HnzheFCMuaXY7iXA7JAsTb5jPIkQOXIaRaca_oEzcclOSkb049i_hnLu9pSg9mlllUdbTEJ_4jIv4z3jgHapxEobsepNbaQssYbAT7DFHIoW_Kcxc6E0d4gNJ3Ie27LcL3J1n801QA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 08:02:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 07F1 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_ec7nnbbBv5Woq2OdZkikUILrsBHCEXb4CYc0EGpkAJpnAD5V2S5oACsZs_LgCo0Thyenh3DvTn34hTkKCQKCN_yw386jAN-fYdUtCtMCsuDGjXGZ6IIbyXyd7R_6mJ0GeC5ALuNkaSWXkipTCg&sig=Cg0ArKJSzICPk2nvBWdsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1011&vt=11&dtpt=507&dett=3&cstd=501&cisv=r20220518.62753&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.heatbud.com
URL: https://www.heatbud.com/post/lifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 21 May 2022 08:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
text11.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/text11.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
44952faa9fc2ac49fe01926d0725e0d7c7b7182ca9db179c0d77a8aa170ddd12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1353
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
text10.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/text10.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
ba0e7bf3885bfb6d405c1b0dd5fbb06e9d201067e70008f89092eccbc8c43fc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1371
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
text9.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		835 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/text9.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
15b2f7a504d48374374225d9084f6b4c8be7040cdc088d719405fb1871d8daa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
835
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
text8.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/text8.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
32a1a7fa02f61980275e7dc1722b2763f3b464bb3f716a9393149e46a4fc5a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1668
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
text7.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/text7.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
470c3671ec687b2a175fa59255c0a4870016f1cfbf703bd355d00d769af7f046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 01:09:45 GMT
x-content-type-options
nosniff
age
24746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1115
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 22 May 2022 01:09:45 GMT
text6.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/text6.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
0880c4bfa1541fb8685608c7059df0f17033fb8b5199ce722016252d334cdf5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1417
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
text5.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/text5.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
7430fd396b2810f518e66d3a149216de3191374838f13e07e92bf373701c801b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1075
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
text4.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/text4.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
44725a3ad10fbb626c6801f9c68f4d4e24876a122c21d10b25183caa74e7025f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1700
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
text3.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/text3.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
af9cf8fb57e5f53f54b7a078a3d4141d27b93df373d4b281296a5c64a9251b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1657
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
text2.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/text2.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
1e5e069282f0bf164826b9e70651dc6bdeece52e021b0d9dd140a89bb1171cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1266
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
text1.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/text1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
cd8e2fc3967870b407eeea125b884674a1ca65204dee679f3880c61b69eb681a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
logo.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
1969babca7935d8d282a781105022182838df19b7e648e56051a14645a144536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32623
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
battery.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/battery.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
8effbdd46c85f9a5bea73c3b5c475d70029ca70e9ff4227f12d4ff81708806a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6783
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
cta.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/cta.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
1c5c8060040c83c1cf2e41e6e8cfcb4bdd6eb104c4bfc702c21e43215de2d381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1374
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
bg.png
s0.2mdn.net/11401073/1650913349015/ Frame D4A3 		372 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/11401073/1650913349015/bg.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344897177583439&output=html&h=90&slotname=3601724811&adk=2316262305&adf=2110950078&pi=t.ma~as.3601724811&w=728&lmt=1653120128&psa=0&format=728x90&url=https%3A%2F%2Fwww.heatbud.com%2Fpost%2Flifestyle-free-on-the-web-betting-through-nba-baseball-fantasy-activities&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653120128122&bpp=1&bdt=1371&idt=347&shv=r20220518&mjsv=m202205180101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x400%2C0x0%2C728x90&nras=1&correlator=5020411459050&frm=20&pv=1&ga_vid=572144627.1653120128&ga_sid=1653120128&ga_hid=618247322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=3325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531556%2C31067698&oid=2&pvsid=2953310612352913&pem=426&tmod=492970235&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4d2g8iEtur&p=https%3A//www.heatbud.com&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
b98a7a2e71502395a5a964554171e07b343d0181d5e2e58292dab022dd4f94b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://s0.2mdn.net/11401073/1650913349015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:10:59 GMT
x-content-type-options
nosniff
age
67872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
372
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 19:02:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 13:10:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_fy2021.js?bust=31067698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
f32ed6fca434de6b16708b61e8c1fd99d789edd8d69e262cd4a60123b4aa07fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 21 May 2022 08:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10637
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205180101/show_ads_impl_fy2021.js?bust=31067698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 May 2022 08:02:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2252 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heatbud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

accept-ranges
bytes
age
35197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 22:15:35 GMT
expires
Sat, 20 May 2023 22:15:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 02BA 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
70fd8e17276977ce4d6c72a617087a3e19e2a77828daeb14d31eedc48e9e18f9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U0G8gAfkAcngAurd9yuShw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heatbud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-U0G8gAfkAcngAurd9yuShw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 May 2022 08:02:12 GMT
expires
Sat, 21 May 2022 08:02:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame 2252 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 06:38:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
91449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 May 2023 06:38:03 GMT
generate_204
tpc.googlesyndication.com/ Frame 2252 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Jy9MFw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 May 2022 08:02:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 02BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=2953310612352913&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=2953310612352913&bg=!CgmlCU3NAAZ4vKt9WLw7ACkAdvg8WlM2FjbGOGQ4ohQgbg2e1Ri99MIy3wnrfnAilvCpKJrQIMr-_gIAAABPUgAAAANoAQcKAHy3emHquId9eH6tPUfGtTh-1UzqrNb6aKCtcBkJaDVU-q4Dy2BRwLs1TrGzhOAxoFGvqAOS2VnnrGQqYS2FzrrE1BVZPhPpvEfLWCmnbglLp6qrU4H81L8AccTwFGvdfY_8mBNZKhVmEm1NgzRSj9W3NaycNBkhFnjc-wGkmQKjACGf1l1j2QeOxPBmti8-fFUlc-t_AyS3coWkTKYdZeji76r0tQpelSRWax3QGinQDZAWRGBN4Smqb4v2xMTDm1YugKQpY-eKnIp-goygfadIigRMJfziKxfvGDMZrDDK_F2Xi9f2Dc_--u9zUE2TV50MC3gXAhWElUNyB1SElxD7UTXN6q4ucIm1VLAPiJ6EGq9_GlpptSiXn9AXfztm1VfzdH7oqs_BVXiXcMYRSohPTosQa5Ov6aecTq3cpieQpcIua6oSffnSSzAfVDymDd0x71EeT4Npb1874ivpUlXTlSxMmhmWgFpO1FdNYgWHIxRiRKXlLtJPRBl6niHtbcFrb7lZPTcUaHkqNmAu9MFmS-ACfnp2kHPl1OarH3l2OlCc_JiF0S4YZ4JafP2mSWOFP2MsU8WTbvio35ktEqchHO3nXTjlTMiMYftg6vMm9U3EZwmFbMDVh1VswLh9qdB80Y7iJCZQ5gjYu24gJEpF_ts6VdS4XMe7oac9tHK56ieCjvbgYEneuL2TawF3RgSka-6nRd14AWEdC3wdSaAfw-C5o6psqKAQ9ZLZex_pWIS5eT6bka4vuMzZLQU-PHjwzD65Xt3z_JK6S_gyw0Prtj_CoBiyujEkaU812POA22jgMejr7CpwCSSSK2WZNgLfEqHOM1dEO5XGqE1snxBuOfjbI7OiocLBXzc7IrNenvRDIpFA0wyC3SAbx5zmrhIZs9zLuNZwyK2qwNiPaOZqoRk0LJdwln6LhkKocnDO3t_neuuM2B_dDX0bmAplgzpNFcmDJBAT8hq8yL-0pqi7BqUTp3hB3YRWo7ladn8Wgh0KUsUDThlzr5IGtYE8xyqWMA2tUfJgsgXQLbmntfvdnlrBfWQJnKRxIthSpQwTbWnS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.heatbud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| dataLayer function| $ function| jQuery function| showCreateFolder function| cancelCreateFolder function| createFolder function| populateFolders function| uploadImage function| selectImage function| chooseImage function| selectAndChooseImage function| deleteImage function| deleteFolder function| showContents function| populateImages string| editor string| html object| config string| autoSaveId boolean| saveInProgress function| enterMyZone function| enterTopZone function| enterZone function| createZone function| deleteMyZone function| approveAdmin function| removeAdmin function| favoriteZone function| favoriteZoneById function| populateMyZones function| populateTopZones function| editZoneName function| cancelZoneName function| saveZoneName function| saveZoneHeadshot function| showImageBox function| savePost function| autoSavePost function| deletePost function| purgePost function| closeEditor function| refreshMRL function| voteDownPost function| voteUpPost function| showEmailPostBox function| closeEmailPostBox function| sendEmailPost function| populateComments function| editComment function| cancelComment function| saveComment function| reportComment function| thankComment function| showCommentBox function| hideCommentBox function| postComment function| deleteComment function| checkSimilarPosts function| getRelatedPosts function| populateRelatedPosts function| prettyNumber object| PL object| adsbygoogle function| showPageBox function| selectPageAndClose function| selectPage object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| CKEDITOR function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| jQuery110204401895585303852 object| google_image_requests object| gaplugins object| gaData object| googletag object| GoogleGcLKhOms

15 Cookies

Domain/Path Name / Value
www.heatbud.com/ Name: JSESSIONID
Value: 81CA1C76B97315EC44B34F837D78A0A9
.heatbud.com/ Name: _ga
Value: GA1.2.572144627.1653120128
.heatbud.com/ Name: _gid
Value: GA1.2.667473869.1653120128
.heatbud.com/ Name: _gat_UA-48436913-1
Value: 1
.heatbud.com/ Name: __gads
Value: ID=6998f6da923c3954-2236d7f49acd0028:T=1653120128:RT=1653120128:S=ALNI_MYwminihqL8DkwQIHEs5F5DIo7X6Q
.heatbud.com/ Name: __gpi
Value: UID=0000068e461dbcfe:T=1653120128:RT=1653120128:S=ALNI_MYRIB80FFbcSuwgmpRwe3twTLAB_g
.doubleclick.net/ Name: IDE
Value: AHWqTUk3dr9aOxG0uaijf49-DNQ3lAXA59FjTbMh2m00qw_7msoheL7d-MApiYMEnnI
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.sitescout.com/ Name: ssdspallvtc-61855916d12b1423
Value: 62889c8089b3942b03650008
.sitescout.com/ Name: ssi
Value: 2ac17b01-8a23-490d-93c0-1b32bcaf9600#1653120129729
.sitescout.com/ Name: _ssuma
Value: e30
.adrta.com/ Name: __aavi
Value: 13813851751706206513
.adrta.com/ Name: __aavt
Value: 1653120129907
.adrta.com/ Name: __aasi
Value: 2183529486172806186
.adrta.com/ Name: __aast
Value: 1653120129907

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adrta.com
adservice.google.com
ajax.googleapis.com
buttons-config.sharethis.com
cm.g.doubleclick.net
count-server.sharethis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ipv6.adrta.com
l.sharethis.com
node-uk-eng3he.sitescout.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.adrta.com
pixel-sync.sitescout.com
platform-api.sharethis.com
platform-cdn.sharethis.com
postheadshots.s3.amazonaws.com
q.adrta.com
s0.2mdn.net
s3-us-west-2.amazonaws.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heatbud.com
142.250.181.226
142.250.185.194
142.250.185.196
142.250.185.198
142.250.185.200
142.250.185.74
142.250.185.78
142.250.185.97
142.250.185.98
142.250.186.163
142.250.186.170
142.250.186.34
142.250.186.66
142.250.186.67
142.250.186.98
143.204.215.126
174.129.16.30
3.65.88.85
34.234.168.173
44.236.67.76
44.240.95.154
52.218.169.216
52.92.193.113
65.9.63.37
65.9.63.85
66.155.71.25
66.155.71.94
99.86.7.29
99.86.7.44
00ed7fcaa6945b58388ddc5a40dee33479eb480400494e1864b664a65fe2882b
06432589bb496ce3791bde5ffbbe85f108a1193d939bb2bbf3a48edef277a08e
0880c4bfa1541fb8685608c7059df0f17033fb8b5199ce722016252d334cdf5e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc853a4507613bd6e3ecbe3e2e32549aedaa506817f9345a7e2083a2fd01a90
0f537d849503cc3b4e71ca44324a77415781ff15c051a57485fb6812d4490f01
0fdf46f5a7997548c700b47ac5cda9361e4163f298fb8cbe3b9e9fa14e7eee20
11c3f722909904fda434eafa32107c70050c8efb94f04cf027ae6ad133049dfe
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12942e23b47319bc5eb290ab03aa490d10166cf91f01c70e66f2ecede33e0b56
15b2f7a504d48374374225d9084f6b4c8be7040cdc088d719405fb1871d8daa9
1969babca7935d8d282a781105022182838df19b7e648e56051a14645a144536
1bdca305f0af054b1c641b1568aa65505bde6e58bbeadf09fe8b1691ab652869
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1c5c8060040c83c1cf2e41e6e8cfcb4bdd6eb104c4bfc702c21e43215de2d381
1e5e069282f0bf164826b9e70651dc6bdeece52e021b0d9dd140a89bb1171cee
283ffba9f3a9f46fef0635f6241cb2f132c757d11316c72ad636954b2a18b7a8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
312aa0f053c0ae9f532190b359463560436fbf9286c1368573b978a71c3c1606
32a1a7fa02f61980275e7dc1722b2763f3b464bb3f716a9393149e46a4fc5a7e
33145969ab074922c65c36ef5ce96ae781d9454d71c5a4fae5504cdda382a18b
34586a8b3f0d9723be13ff897264acaa4a59c45912cd33313d273687af2c4f24
357b43b23a327e02e7e5a8987441641f43e57caec9516a77c0516e4c7d3e6030
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
3d25a4eabdba10572ee71e0e338f1c609f0d47fc7eb61a04ec368daea3fa1bc2
3dc8862656abf631f5b3ce6264ddfbf81738c301681966aa364999ecb96afce5
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
44725a3ad10fbb626c6801f9c68f4d4e24876a122c21d10b25183caa74e7025f
44952faa9fc2ac49fe01926d0725e0d7c7b7182ca9db179c0d77a8aa170ddd12
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46df14aefbfbba6d7ed8188bde22c68b488781bbf3a6685bcec256eedaf89603
470c3671ec687b2a175fa59255c0a4870016f1cfbf703bd355d00d769af7f046
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c3d613989fd2d291b6dea679565b24be8706278a42dfc4cf22538acf720e8f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67094fe35f0e97109f4306ae2be8a8d8e270ffbc1ba401c2626c307a7c1a220e
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70fd8e17276977ce4d6c72a617087a3e19e2a77828daeb14d31eedc48e9e18f9
7430fd396b2810f518e66d3a149216de3191374838f13e07e92bf373701c801b
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c622f6c7cdbc1b53eb31b7eb6aa1e4187b0ced352069a6ad92773b64363fe79
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7e8e1b4a8985578df68929977a0bd9b0f82bde9adac0d5546aeaed2961e9a644
8066520d4f9a10b94ecaab59ccd265803acf8a1c1d1de3769ab889e95a77dd4f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
852942cd647c48a81ed1918477cae3dc3d5a8a64ddb5fb791cee2d2ef8f46722
89084c2b260795f6dd1c317c4eaa00c672829ad448e902ace3e9016fb881d2ee
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8effbdd46c85f9a5bea73c3b5c475d70029ca70e9ff4227f12d4ff81708806a6
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
992b25caf94bf94dd1ebbbfd324a69942a383aa3dc27907a5c8b2360756189d6
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9b7ac183c684b582f044b0aa05436e680925552f9b58a94c3d21b071f66f088d
9db314e6dc393fbc9c4e4f4d5672a12cb016d108791afb983d8c1a160302eb4d
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
a046289a29195690b7aec507f3bc7ce55bf243c578c018165aee5999fe19188b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab71d17333557f2e3ee1abfd393503aabd01d18ed8630ebcb6a3f6f473919406
aba0c80e34be708e3027dc1dd3d050007357ea5176a6480ba30aeb8fcc6f0fae
aeef17cb37c9f11b40b147b04e3f16ee3a2fdaa90bae2d503a7e3e99399ea682
af9cf8fb57e5f53f54b7a078a3d4141d27b93df373d4b281296a5c64a9251b9b
b225a72c3c0f0ce054225cf8748508f69d7315568bb5aacb38491e006a4372d5
b98a7a2e71502395a5a964554171e07b343d0181d5e2e58292dab022dd4f94b5
ba0e7bf3885bfb6d405c1b0dd5fbb06e9d201067e70008f89092eccbc8c43fc3
baa62b9fda862d726e42b07cd71bdbb163a9a7843fd43bd9ab80ac2ae7641f20
bbe304b0dd064917968a509ab78208157438bf56add5f497bbfeda98eafdb0bb
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c5f83f947ac883d7c254b4bb0b8259fd3a0b07df5a1968c1740157b4d1d867bc
c78c9fdbd5288466815fa3f8c60cdebcde9311d35c1bea58a528e368192789cb
c8d309c574121f3fbb590de380bbaed0c57b357c0f1883ab5c145fc3f52ce565
cad86f38746abb87da6703b478a8c17785b0f1d21befac2e2febc08003739515
cada21d6f3a541cae8b4717ae0c6fcb7e6100721e6bcbb3e564cb910f1681862
cb597cf2fc182727501b91928aba16362bdebf8a858f794777291f847381868f
cc12c5e87b2049c78249103ee157db0d3694c131839b51501f0fdadc78bbdbca
cd8e2fc3967870b407eeea125b884674a1ca65204dee679f3880c61b69eb681a
d05abd3dda98ad864ddb307bc7a3954b0f04e743bb2078d1275cf3731a157a8b
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
d2637ded6ce007b316a9c5e971a20daab4be2b60d85cde6181ead7d406bfe68d
de3049a0f430a170819809f7ef7eaeb40b2c36ba19629b2f477217ea8aa07675
e218adca7626fd89e0b1ecc2fdd8acccb715707fe24b2b144f3f5126b9105c82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4655e8131deb0ca8914ced0601db2ab8034b9b1d076bbace1902860c4c5b870
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7949fcabf4b5b0421194d350223cf551b194abc6292cec9a9e951b388fc08d
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f32ed6fca434de6b16708b61e8c1fd99d789edd8d69e262cd4a60123b4aa07fb
f5bb73131e7eb4aa04861cabcc0651b9a2842b6acc868fc9123277d98cd52b2f
f8558f85d4be6397176f4401d8d9f85e23801a54c22c94a7d1f5c5f512d6fe68