www.threatcrowd.org Open in urlscan Pro
2400:cb00:2048:1::681f:a9a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.threatcrowd.org/domain.php?domain=bit.do
Submission: On August 14 via manual (August 14th 2017, 3:32:30 am UTC) from CA

Summary HTTP 49 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 21 domains to perform 49 HTTP transactions. The main IP is 2400:cb00:2048:1::681f:a9a, located in United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is www.threatcrowd.org.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on June 23rd 2017. Valid for: 5 months.

This is the only time www.threatcrowd.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2400:cb00:204... 2400:cb00:2048:1::681f:a9a	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
2	94.31.29.55 94.31.29.55	6461 (ZAYO-6461) (ZAYO-6461 - Zayo Bandwidth Inc)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY - Fastly)
4	2400:cb00:204... 2400:cb00:2048:1::6810:4ea6	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY - Fastly)
1	151.101.112.64 151.101.112.64	54113 (FASTLY) (FASTLY - Fastly)
1	198.232.125.113 198.232.125.113	54104 (AS-NETDNA) (AS-NETDNA - netDNA)
3	92.123.93.2 92.123.93.2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f029:16:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	195.93.42.12 195.93.42.12	1668 (AOL-ATDN) (AOL-ATDN - AOL Transit Data Network)
1	92.123.93.251 92.123.93.251	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	62.67.193.85 62.67.193.85	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	198.47.127.15 198.47.127.15	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
2	54.217.217.90 54.217.217.90	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1288:110... 2a00:1288:110:422::3000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	54.228.202.86 54.228.202.86	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.203.101.54 34.203.101.54	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	37.252.172.53 37.252.172.53	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	34.199.130.102 34.199.130.102	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
49	26

15 2400:cb00:2048:1::681f:a9a (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

www.threatcrowd.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.31.29.55 (United Kingdom)

ASN6461 (ZAYO-6461 - Zayo Bandwidth Inc, US)
PTR: 94.31.29.55.IPYX-077437-ZYO.above.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

threatcrowd.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:cb00:2048:1::6810:4ea6 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.64 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.232.125.113 (Los Angeles, United States)

ASN54104 (AS-NETDNA - netDNA, US)
PTR: 113-125-232-198.static.unitasglobal.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.93.2 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-93-2.deploy.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f029:16:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.93.42.12 (United Kingdom)

ASN1668 (AOL-ATDN - AOL Transit Data Network, US)
PTR: adtech-ssp-ums-adtech-frr-a.evip.aol.com

ums.adtech.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.93.251 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-93-251.deploy.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.67.193.85 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.15 (Redwood City, United States)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.217.90 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-217-217-90.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:422::3000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.202.86 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-202-86.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.101.54 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-203-101-54.compute-1.amazonaws.com

sync.monarchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.53 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 156.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.130.102 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-130-102.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.241.240.143 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	threatcrowd.org www.threatcrowd.org	93 KB
6	adroll.com s.adroll.com d.adroll.com	14 KB
4	disquscdn.com c.disquscdn.com	190 KB
3	disqus.com threatcrowd.disqus.com disqus.com links.services.disqus.com	20 KB
2	facebook.net connect.facebook.net	20 KB
2	google-analytics.com www.google-analytics.com	13 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	40 KB
1	facebook.com www.facebook.com	53 B
1	openx.net us-u.openx.net	43 B
1	rlcdn.com idsync.rlcdn.com	43 B
1	adnxs.com ib.adnxs.com
1	twitter.com analytics.twitter.com	74 B
1	monarchads.com sync.monarchads.com	43 B
1	yahoo.com ads.yahoo.com
1	taboola.com trc.taboola.com
1	pubmatic.com simage2.pubmatic.com	1 B
1	rubiconproject.com pixel.rubiconproject.com	42 B
1	casalemedia.com dsum-sec.casalemedia.com	43 B
1	adtech.de ums.adtech.de	43 B
1	jquery.com code.jquery.com	33 KB
1	googleapis.com ajax.googleapis.com	33 KB
49	21

	Domain	Requested by
15	www.threatcrowd.org	www.threatcrowd.org
4	c.disquscdn.com	threatcrowd.disqus.com
3	d.adroll.com
3	s.adroll.com	www.threatcrowd.org s.adroll.com
2	connect.facebook.net	s.adroll.com connect.facebook.net
2	www.google-analytics.com	www.threatcrowd.org
2	maxcdn.bootstrapcdn.com	www.threatcrowd.org
1	www.facebook.com
1	us-u.openx.net
1	idsync.rlcdn.com
1	ib.adnxs.com
1	analytics.twitter.com
1	sync.monarchads.com
1	ads.yahoo.com
1	trc.taboola.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	dsum-sec.casalemedia.com
1	ums.adtech.de
1	code.jquery.com	www.threatcrowd.org
1	links.services.disqus.com	c.disquscdn.com
1	disqus.com	threatcrowd.disqus.com
1	threatcrowd.disqus.com	www.threatcrowd.org
1	ajax.googleapis.com	www.threatcrowd.org
49	24

This site contains links to these domains. Also see Links.

Domain
threatcrowd.blogspot.co.uk
github.com
otx.alienvault.com
www.threatminer.org
www.virustotal.com
malwr.com
threatcrowd.blogspot.com
www.alienvault.com
status.otx.alienvault.com

Subject Issuer	Validity	Valid
sni51902.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2017-06-23` - `2017-11-17`	5 months	crt.sh
*.bootstrapcdn.com RapidSSL SHA256 CA	`2016-10-13` - `2017-10-13`	a year	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-08-02` - `2017-10-25`	3 months	crt.sh
*.googleapis.com Google Internet Authority G2	`2017-08-02` - `2017-10-25`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2015-02-04` - `2018-04-09`	3 years	crt.sh
ssl565697.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2016-12-18` - `2017-12-18`	a year	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2017-08-09` - `2018-09-03`	a year	crt.sh
code.jquery.com AlphaSSL CA - SHA256 - G2	`2017-07-25` - `2018-07-26`	a year	crt.sh
*.adroll.com Symantec Class 3 Secure Server CA - G4	`2016-11-07` - `2018-01-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2016-12-09` - `2018-01-25`	a year	crt.sh
ums.adtech.de Entrust Certification Authority - L1K	`2016-02-22` - `2019-02-21`	3 years	crt.sh
san.casalemedia.com GeoTrust SSL CA - G3	`2017-02-28` - `2017-09-30`	7 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2017-08-07` - `2017-11-16`	3 months	crt.sh
ad.yieldmanager.com Symantec Class 3 Secure Server CA - G4	`2015-08-20` - `2017-08-19`	2 years	crt.sh
*.monarchads.com Amazon	`2017-02-13` - `2018-03-13`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2015-07-30` - `2018-08-03`	3 years	crt.sh
*.adnxs.com GeoTrust SSL CA - G3	`2016-02-25` - `2018-05-26`	2 years	crt.sh
*.rlcdn.com Go Daddy Secure Certificate Authority - G2	`2017-05-08` - `2019-06-21`	2 years	crt.sh
*.openx.net GeoTrust SSL CA - G3	`2017-05-11` - `2020-07-09`	3 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.threatcrowd.org/domain.php?domain=bit.do
Frame ID: 15343.1
Requests: 37 HTTP requests in this frame

Frame: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Frame ID: 15343.2
Requests: 11 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=threatcrowd&t_u=https%3A%2F%2Fwww.threatcrowd.org%2Fdomain.php%3Fdomain%3Dbit.do&t_d=Domain%20%3E%20bit.do%20%7C%20Threatcrowd.org%20Open%20Source%20Threat%20Intelligence&t_t=Domain%20%3E%20bit.do%20%7C%20Threatcrowd.org%20Open%20Source%20Threat%20Intelligence&s_o=default
Frame ID: 15343.4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

49
Requests

98 %
HTTPS

28 %
IPv6

21
Domains

24
Subdomains

26
IPs

4
Countries

457 kB
Transfer

1502 kB
Size

9
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://threatcrowd.blogspot.co.uk/2015/03/tutorial.html
Title: Help

Search URL Search Domain Scan URL

URL: https://github.com/threatcrowd/ApiV2
Title: API

Search URL Search Domain Scan URL

URL: http://threatcrowd.blogspot.co.uk/2016/02/crowdsourced-feeds-from-threatcrowd.html
Title: Feed

Search URL Search Domain Scan URL

URL: http://threatcrowd.blogspot.co.uk/p/threatcrowd-maltego-transform.html
Title: Maltego

Search URL Search Domain Scan URL

URL: https://otx.alienvault.com/indicator/hostname/bit.do/?utm_medium=InProduct&utm_source=ThreatCrowd
Title: AlienVault OTX

Search URL Search Domain Scan URL

URL: https://www.threatminer.org/domain.php?q=dazzleboy.bit.do
Title: View on ThreatMiner

Search URL Search Domain Scan URL

URL: https://otx.alienvault.com/
Title: AlienVault OTX

Search URL Search Domain Scan URL

URL: http://www.virustotal.com/
Title: VirusTotal

Search URL Search Domain Scan URL

URL: https://malwr.com/
Title: Malwr

Search URL Search Domain Scan URL

URL: https://threatcrowd.blogspot.com/
Title: others

Search URL Search Domain Scan URL

URL: https://www.alienvault.com/terms/website-terms-of-use19july2016
Title: Legal

Search URL Search Domain Scan URL

URL: http://status.otx.alienvault.com/
Title: Status

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 29

https://d.adroll.com/pixel/PIUCN4PSYRCCHBHOGPVN5Q/KDBRCBINVREGNJUXIQKBDP?pv=20425514697.065174&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.threatcrowd.org%2Fdomain.php%3Fdomain%3Dbit.do
https://s.adroll.com/pixel/PIUCN4PSYRCCHBHOGPVN5Q/KDBRCBINVREGNJUXIQKBDP/4OCRKBF4JJENXICP676FJT.js

Request 32

https://ums.adtech.de/mapuser?providerid=1076;userid=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI
https://ums.adtech.de/mapuser?providerid=1076;cfp=1;rndc=1502681539;userid=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI

Request 33

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expiration=1534217540
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expiration=1534217540&C=1

Request 34

https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expires=365
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expires=365

Request 35

https://d.adroll.com/cm/pubmatic/out
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI

Request 36

https://d.adroll.com/cm/taboola/out
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI

Request 38

https://d.adroll.com/cm/r/out
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1

Request 40

https://x.bidswitch.net/sync?dsp_id=7&user_id=fe40f134-faaf-4287-917d-5934190afe97&user_group=3&ssp=monarch
https://sync.monarchads.com/?pid=bidswitch&xid=2d27a589-1b04-48ed-80aa-046d653de0fc

Request 41

https://d.adroll.com/cm/w/out
https://analytics.twitter.com/i/adsct?p_user_id=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&p_id=823423

Request 42

https://d.adroll.com/cm/x/out
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI%27)

Request 43

https://idsync.rlcdn.com/377928.gif?partner_uid=d804bf3caa0131df98ff528ff7d3a9f2
https://idsync.rlcdn.com/377928.gif?partner_uid=d804bf3caa0131df98ff528ff7d3a9f2&redirect=1

Request 44

https://us-u.openx.net/w/1.0/sd?id=537103138&val=d804bf3caa0131df98ff528ff7d3a9f2
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=d804bf3caa0131df98ff528ff7d3a9f2

Request 45

https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=2AS_PKoBMd-Y_1KP99Op8g&google_ula=1535926&google_tc=
https://d.adroll.com/cm/g/in?google_ula=1535926,0

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
S 200 Primary Request domain.php Show response
www.threatcrowd.org/ 25 KB
7 KB 695ms
660ms Document
text/html 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatcrowd.org/domain.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / PHP/5.6.30
Resource Hash: adc9e7e6b6b7b1c34b58007f553225d2a6de758a42250c1f9d098bc4d89e28c6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:17 GMT
content-encoding: gzip
server: cloudflare-nginx
x-powered-by: PHP/5.6.30
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 38e0d8968de76469-FRA

GET
S 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
23 KB 29ms
13ms Stylesheet
text/css 94.31.29.55
Zayo Bandwidth Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.55 , United Kingdom, ASN6461 (ZAYO-6461 - Zayo Bandwidth Inc, US),
Reverse DNS: 94.31.29.55.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:17 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2015 19:49:46 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"2f624089c65f12185e79925bc5a7fc42"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
expires: Thu, 09 Aug 2018 03:32:17 GMT

GET
S 200 custom.css
www.threatcrowd.org/css/ 3 KB
946 B 9ms
9ms Stylesheet
text/css 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatcrowd.org/css/custom.css
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 36d49adc0a8b75eb50b21cc253e13021f042850322192fa91ab09b83919b05b4

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "ab8-5540e8a0df880-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d89aaea86469-FRA
content-length: 928
expires: Tue, 22 Aug 2017 03:32:17 GMT

GET
S 200 home.png
www.threatcrowd.org/img/ 1 KB
1 KB 8ms
8ms Image
image/png 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatcrowd.org/img/home.png
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 1b8b1d761a96d958fd8dbb46dd03dc4fd472324fc2570d587bc054f722b73611

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:17 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "4d4-5540e8a0df880"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d89adeae6469-FRA
content-length: 1236
expires: Tue, 22 Aug 2017 03:32:17 GMT

GET
S 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/fonts/ 18 KB
18 KB 27ms
12ms Font
application/font-woff2 94.31.29.55
Zayo Bandwidth Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.55 , United Kingdom, ASN6461 (ZAYO-6461 - Zayo Bandwidth Inc, US),
Reverse DNS: 94.31.29.55.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Origin: https://www.threatcrowd.org

Response headers

date: Mon, 14 Aug 2017 03:32:17 GMT
last-modified: Sat, 28 Nov 2015 18:26:59 GMT
server: NetDNA-cache/2.2
status: 200
etag: "448c34a56d699c29117adc64c43affeb"
vary: Accept-Encoding
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31104000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
content-length: 18028
expires: Thu, 09 Aug 2018 03:32:17 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 32 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

86a91c5efc8a8bc3cdb5630040f43ce896adde299660951a2d3ceb278d693ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Aug 2017 03:25:32 GMT
server: Golfe2
age: 1978
date: Mon, 14 Aug 2017 02:59:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 13249
expires: Mon, 14 Aug 2017 04:59:19 GMT

GET
S 200 graphHtml.php Show response
www.threatcrowd.org/ Frame 1534 20 KB
3 KB 896ms
896ms Document
text/html 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / PHP/5.6.30
Resource Hash: 21a119ac4e3fdee96e615eafb49cb056f3bfd5a47317e3a49612e506700fcffc

Request headers

Upgrade-Insecure-Requests: 1
Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:18 GMT
content-encoding: gzip
server: cloudflare-nginx
x-powered-by: PHP/5.6.30
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 38e0d89c0edb6469-FRA

GET
S 200 collect
www.google-analytics.com/r/ 35 B
53 B 13ms
13ms Image
image/gif 2a00:1450:4001:820::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j58&a=724393004&t=pageview&_s=1&dl=https%3A%2F%2Fwww.threatcrowd.org%2Fdomain.php%3Fdomain%3Dbit.do&ul=en-us&de=UTF-8&dt=Domain%20%3E%20bit.do%20%7C%20Threatcrowd.org%20Open%20Source%20Threat%20Intelligence&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABI~&jid=489424448&gjid=1289277384&cid=1013998147.1502681538&tid=UA-61293969-1&_gid=618587226.1502681538&_r=1&z=1341181991

Requested by

Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2017 03:32:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:814::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Tue, 08 Aug 2017 22:40:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449491
status: 200
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 33434
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Aug 2018 22:40:46 GMT

GET
S 200 bootstrap.min.js Show response
www.threatcrowd.org/js/ 35 KB
9 KB 7ms
7ms Script
application/javascript 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatcrowd.org/js/bootstrap.min.js
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "8b11-5540e8a0df880-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d89c4ede6469-FRA
content-length: 9441
expires: Tue, 22 Aug 2017 03:32:17 GMT

GET
S 200 ie10-viewport-bug-workaround.js Show response
www.threatcrowd.org/js/ 694 B
462 B 10ms
9ms Script
application/javascript 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatcrowd.org/js/ie10-viewport-bug-workaround.js
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "2b6-5540e8a0df880-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d89c4edf6469-FRA
content-length: 444
expires: Tue, 22 Aug 2017 03:32:17 GMT

GET
H/1.1 200
OK embed.js Show response
threatcrowd.disqus.com/ 53 KB
18 KB 286ms
265ms Script
application/javascript 151.101.112.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://threatcrowd.disqus.com/embed.js

Requested by

Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

openresty /

Resource Hash

116aa994702d8bb71107959498f8b6bfaf5746e8afbfc69a5e855aee43d44eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 14 Aug 2017 03:32:18 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 18179

GET
S 200 lounge.bc7354ca6ae32b9a98350e133ae534eb.css
c.disquscdn.com/next/embed/styles/ 84 KB
16 KB 58ms
30ms Stylesheet
text/css 2400:cb00:2048:1::6810:4ea6
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.bc7354ca6ae32b9a98350e133ae534eb.css

Requested by

Host: threatcrowd.disqus.com
URL: https://threatcrowd.disqus.com/embed.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:4ea6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

843eabf84b49b49f77e031a48c651e8d25bb76cd634f7b4c6ab39dffc0e01b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 16427
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Thu, 10 Aug 2017 23:46:09 GMT
server: cloudflare-nginx
fastly-debug-digest: 8a771181f91b616060d0fe83bb8b2136c216632ad5faf8c750d5435ca73db571
etag: "598cf041-402b"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 38e0d89e4d596349-FRA
expires: Sat, 11 Aug 2018 00:01:33 GMT

GET
S 200 common.bundle.9fcff11af667507b1757062f0192b821.js Show response
c.disquscdn.com/next/embed/ 242 KB
81 KB 60ms
32ms Script
application/javascript 2400:cb00:2048:1::6810:4ea6
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.9fcff11af667507b1757062f0192b821.js

Requested by

Host: threatcrowd.disqus.com
URL: https://threatcrowd.disqus.com/embed.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:4ea6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

4e7ab0334a7e2ac7902aad6e28ef2156bc105c2be336b9bc4755d4aece65d2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 82676
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Mon, 31 Jul 2017 17:14:09 GMT
server: cloudflare-nginx
fastly-debug-digest: 33d3328d4b8b724628edf4804122a505405f285de6d7ac9fbaa403564693560d
etag: "597f6561-142f4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 38e0d89e4d5a6349-FRA
expires: Tue, 31 Jul 2018 17:20:44 GMT

GET
S 200 lounge.bundle.a2a782cf5eaf94a1c41f23272756a905.js Show response
c.disquscdn.com/next/embed/ 333 KB
87 KB 37ms
10ms Script
application/javascript 2400:cb00:2048:1::6810:4ea6
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.a2a782cf5eaf94a1c41f23272756a905.js

Requested by

Host: threatcrowd.disqus.com
URL: https://threatcrowd.disqus.com/embed.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:4ea6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

5f3040bf645a02fe9a57fe7390843c62b629db5e014abc923992331f561dada6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 88935
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Thu, 10 Aug 2017 23:46:09 GMT
server: cloudflare-nginx
fastly-debug-digest: a3c7c1a851465428e0237d4974f02c3cdedc7073f53988db9e23c61bd6406d5a
etag: "598cf041-15b67"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 38e0d89e4d5b6349-FRA
expires: Sat, 11 Aug 2018 00:01:33 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ 3 KB
2 KB 20ms
7ms Script
application/javascript 151.101.192.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: threatcrowd.disqus.com
URL: https://threatcrowd.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

4f567869eee2ad5408f5be20da15f03bf216a81b3d7fa34cc131cf6b68f5acc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 14 Aug 2017 03:32:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 37
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1598
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin: *

GET /
disqus.com/embed/comments/ Frame 1534 0
0

GET
S 200 alfie.f51946af45e0b561c60f768335c9eb79.js Show response
c.disquscdn.com/next/embed/ 19 KB
6 KB 9ms
9ms Script
application/javascript 2400:cb00:2048:1::6810:4ea6
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js

Requested by

Host: threatcrowd.disqus.com
URL: https://threatcrowd.disqus.com/embed.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:4ea6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

e61c7f56c3fb5b17270ffd87a4c738d40cd2370b9a192b0234dc3bbb90bc89b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:18 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 6603
timing-allow-origin: *
last-modified: Mon, 24 Oct 2016 20:57:14 GMT
server: cloudflare-nginx
fastly-debug-digest: baac760ca1e6f62ea6380d62d4f07b5dfbb97755c19df0448623d4ede950e2e4
etag: "580e75aa-19cb"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 38e0d8a09db46349-FRA
expires: Wed, 25 Oct 2017 19:15:13 GMT

GET
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 278 B
278 B 60ms
41ms XHR
text/javascript 151.101.112.64
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fwww.threatcrowd.org%2Fdomain.php%3Fdomain%3Dbit.do&subId=3570221&v=1&jsonp=vglnk_jsonp_15026815386690
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 01a70b05146073a6972c21cce82108dae20956dded36f58ff53f728e9fcc5b24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36
Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
Origin: https://www.threatcrowd.org

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:18 GMT
Via: 1.1 varnish
Server: Apache-Coyote/1.1
X-Timer: S1502681539.691090,VS0,VE36
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.threatcrowd.org
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript;charset=UTF-8
Content-Length: 278
X-Served-By: cache-hhn1550-HHN

GET
S 200 jquery-2.0.3.min.js Show response
code.jquery.com/ Frame 1534 82 KB
33 KB 29ms
8ms Script
application/javascript 198.232.125.113
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.0.3.min.js
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.232.125.113 Los Angeles, United States, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS: 113-125-232-198.static.unitasglobal.net
Software: NetDNA-cache/2.2 /
Resource Hash: b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba

Request headers

Referer: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:18 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"54499a47-1469c"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S 200 cytoscape.min.js Show response
www.threatcrowd.org/js/ Frame 1534 208 KB
57 KB 886ms
885ms Script
application/javascript 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatcrowd.org/js/cytoscape.min.js
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: fd81620c131af05d3f49bbdc0358763e20916385bef2941a8f6577430131d643

Request headers

Referer: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:19 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "33ecc-5540e8a0df880-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=691200
cf-ray: 38e0d8a1af8b6469-FRA
expires: Tue, 22 Aug 2017 03:32:19 GMT

GET
S 200 cytoscape-cxtmenu.js Show response
www.threatcrowd.org/js/c/menu/ Frame 1534 5 KB
2 KB 680ms
679ms Script
application/javascript 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatcrowd.org/js/c/menu/cytoscape-cxtmenu.js
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: bce4d1d83d42ffde5b205b6d8ca777717c324bf76c11d8161d8514e07504a9c6

Request headers

Referer: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:19 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "142c-5540e8a0df880-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d8a1af8c6469-FRA
content-length: 1993
expires: Tue, 22 Aug 2017 03:32:19 GMT

GET
S 200 cytoscape.js-navigator.css
www.threatcrowd.org/js/c/nav/ Frame 1534 600 B
331 B 661ms
661ms Stylesheet
text/css 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatcrowd.org/js/c/nav/cytoscape.js-navigator.css
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 3e1d0697bfac1230dcaa39d33cfa6fe7af3e922d2cdd55937633d8f224c73f50

Request headers

Referer: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:19 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "258-5540e8a0df880-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d8a1af8a6469-FRA
content-length: 313
expires: Tue, 22 Aug 2017 03:32:19 GMT

GET
S 200 cytoscape.js-navigator.js Show response
www.threatcrowd.org/js/c/nav/ Frame 1534 9 KB
2 KB 690ms
689ms Script
application/javascript 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatcrowd.org/js/c/nav/cytoscape.js-navigator.js
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: a985d1c01e66718e9fcb4150f7dc7c73038af3f2447d435e90030b28d9727e70

Request headers

Referer: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:19 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "2210-5540e8a0df880-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d8a1af8d6469-FRA
content-length: 2533
expires: Tue, 22 Aug 2017 03:32:19 GMT

GET
S 200 network.png
www.threatcrowd.org/img/ Frame 1534 2 KB
2 KB 662ms
661ms Image
image/png 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatcrowd.org/img/network.png
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: e6615745d99ac9ea184b3efddb2f0a3933b82419170beedf1e65c5372e1dabe3

Request headers

Referer: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:19 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "68d-5540e8a0df880"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d8a1af8e6469-FRA
content-length: 1677
expires: Tue, 22 Aug 2017 03:32:19 GMT

GET
S 200 table.png
www.threatcrowd.org/img/ Frame 1534 144 B
162 B 692ms
692ms Image
image/png 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatcrowd.org/img/table.png
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 4b0fe0a5f37dd9d6c0a8b31cd5ad0cb944347cabc2a4a3b244b49c50ee047def

Request headers

Referer: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:19 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "90-5540e8a0df880"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d8a1af8f6469-FRA
content-length: 144
expires: Tue, 22 Aug 2017 03:32:19 GMT

GET
S 200 globe.png
www.threatcrowd.org/img/ Frame 1534 4 KB
4 KB 662ms
662ms Image
image/png 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatcrowd.org/img/globe.png
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 8a56a567773a9260f561dbc11d04dc26dee34dc9c0fd07d79d6997def2dad1f1

Request headers

Referer: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:20 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "ea9-5540e8a0df880"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d8a5c8366469-FRA
content-length: 3753
expires: Tue, 22 Aug 2017 03:32:20 GMT

GET
S 200 twitter.png
www.threatcrowd.org/img/ Frame 1534 1 KB
1 KB 671ms
671ms Image
image/png 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatcrowd.org/img/twitter.png
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7c63a1302e11c3843637bfb335ef3da437c2e84e78ff33a4527ac7bbf2c3d7e3

Request headers

Referer: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:20 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "4b0-5540e8a0df880"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d8a5d8376469-FRA
content-length: 1200
expires: Tue, 22 Aug 2017 03:32:20 GMT

GET
S 200 embed.png
www.threatcrowd.org/img/ Frame 1534 1 KB
1 KB 675ms
675ms Image
image/png 2400:cb00:2048:1::681f:a9a
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatcrowd.org/img/embed.png
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:a9a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 35e04150b1e3cb239586736d51aec9621ee4df09fc380f9a3ca12e2eca2fd67c

Request headers

Referer: https://www.threatcrowd.org/graphHtml.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:20 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2017 18:05:06 GMT
server: cloudflare-nginx
etag: "566-5540e8a0df880"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 38e0d8a5e83b6469-FRA
content-length: 1382
expires: Tue, 22 Aug 2017 03:32:20 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 25 KB
8 KB 29ms
14ms Script
text/javascript 92.123.93.2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.threatcrowd.org
URL: https://www.threatcrowd.org/domain.php?domain=bit.do
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.2 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-2.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 118e1e9f8051a3d2cb41438c802ef354febdf61ad6050a9ddce076e6640231e6

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

x-amz-version-id: R5lZgL5Vf4YSub4wvlfYTYRVXmsCA67G
Content-Encoding: gzip
ETag: "2f435e54dc8269d75f07c013612d63dd"
x-amz-request-id: C5CAB06ADDDC037B
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8171
x-amz-id-2: PPPUPWOQQtihPIWjeDoZYiFcd6mc/nR1WSy1hSGu9Wqun8f2mlnmDZqwgGfz12IwTyy8NKrLO5Q=
Last-Modified: Thu, 01 Jun 2017 18:26:48 GMT
Server: AmazonS3
Date: Mon, 14 Aug 2017 03:32:20 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

4OCRKBF4JJENXICP676FJT.js Show response
s.adroll.com/pixel/PIUCN4PSYRCCHBHOGPVN5Q/KDBRCBINVREGNJUXIQKBDP/
Redirect Chain

https://d.adroll.com/pixel/PIUCN4PSYRCCHBHOGPVN5Q/KDBRCBINVREGNJUXIQKBDP?pv=20425514697.065174&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.threatcrowd.org%2Fdomain.php%3Fdomain%3Dbit.do
https://s.adroll.com/pixel/PIUCN4PSYRCCHBHOGPVN5Q/KDBRCBINVREGNJUXIQKBDP/4OCRKBF4JJENXICP676FJT.js

15 KB
4 KB

186ms
186ms

Script
text/javascript

92.123.93.2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/PIUCN4PSYRCCHBHOGPVN5Q/KDBRCBINVREGNJUXIQKBDP/4OCRKBF4JJENXICP676FJT.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.2 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-2.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7cd423c056facc0f29b18b229b91ae35f861ee41bddee36cc2b83409ba2471ba

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

x-amz-version-id: xBl1qBKDbLdjMCjP8beavXNmQzYabqgw
Content-Encoding: gzip
ETag: "176d573559a872d3bb280d7200e67800"
x-amz-request-id: 31825DC42EF7E51F
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4207
x-amz-id-2: GxW+kCL9jUoyPfvOkQRiyiblhd0e/kfB4KgySeytc8y9Av6K29mFA3pac68jem5xQAQAveHamwU=
Last-Modified: Wed, 12 Jul 2017 21:45:16 GMT
Server: AmazonS3
Date: Mon, 14 Aug 2017 03:32:20 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 14 Aug 2017 03:32:20 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.10.2
X-Rule: *
X-Segment-Eid: 4OCRKBF4JJENXICP676FJT
Location: https://s.adroll.com/pixel/PIUCN4PSYRCCHBHOGPVN5Q/KDBRCBINVREGNJUXIQKBDP/4OCRKBF4JJENXICP676FJT.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: KDBRCBINVREGNJUXIQKBDP
X-Segment-Name: *
X-Advertisable-Eid: PIUCN4PSYRCCHBHOGPVN5Q
X-Conversion-Currency

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 36 KB
11 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f029:16:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: s.adroll.com
URL: https://s.adroll.com/pixel/PIUCN4PSYRCCHBHOGPVN5Q/KDBRCBINVREGNJUXIQKBDP/4OCRKBF4JJENXICP676FJT.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f029:16:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

bc011e8c419d4ffc917eed3db17dfa4847b3a1879e76c7ec1495352a98829025

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 11487
x-xss-protection: 0
pragma: public
x-fb-debug: bSLd9QX05QeRSHkii90PNq9fEZow1ULO+Vje6/TmFQr10enYXsXrj/Hj5A0nTBUily7Mch1JrjDoA3eiZ5EQ9g==
x-frame-options: DENY
date: Mon, 14 Aug 2017 03:32:20 GMT
strict-transport-security: max-age=15552000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-allow-method: OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
2 KB 6ms
6ms Script
text/javascript 92.123.93.2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/PIUCN4PSYRCCHBHOGPVN5Q/KDBRCBINVREGNJUXIQKBDP/4OCRKBF4JJENXICP676FJT.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.2 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-2.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2739cf70a13b93c9eb0d4ebe43027962bb45557e5b177f2ec6ce7f7734de7f2b

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

x-amz-version-id: 7aNvSGd9yT8ByPx3BvccNYhBVXDuhn_t
Content-Encoding: gzip
ETag: "9c75cbd7818ca10405cc43f31bcf04ca"
x-amz-request-id: C616AA34CF36559E
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2038
x-amz-id-2: jFsNPrK0GHfYpTTfv87TDZRjSRw+Dr7ltjM7c1tOLw6kpS+1OR1HT4w/zIK/t84DCH7fqObvJZ4=
Last-Modified: Wed, 09 Aug 2017 17:29:13 GMT
Server: AmazonS3
Date: Mon, 14 Aug 2017 03:32:20 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

mapuser
ums.adtech.de/
Redirect Chain

https://ums.adtech.de/mapuser?providerid=1076;userid=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI
https://ums.adtech.de/mapuser?providerid=1076;cfp=1;rndc=1502681539;userid=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI

43 B
43 B

6ms
6ms

Image
image/gif

195.93.42.12
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.adtech.de/mapuser?providerid=1076;cfp=1;rndc=1502681539;userid=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 195.93.42.12 , United Kingdom, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtech-ssp-ums-adtech-frr-a.evip.aol.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: nginx
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: nginx
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Location: https://ums.adtech.de/mapuser?providerid=1076;cfp=1;rndc=1502681539;userid=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expiration=1534217540
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expiration=1534217540&C=1

43 B
43 B

14ms
12ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expiration=1534217540&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 14 Aug 2017 03:32:20 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expiration=1534217540&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Mon, 14 Aug 2017 03:32:20 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expires=365
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expires=365

42 B
42 B

8ms
8ms

Image
image/gif

62.67.193.85
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 62.67.193.85 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: M2jmlY-_0muZ_kBVg0iYAg
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: /tap.php?cookie_redirect=1&v=194538&nid=3644&put=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&expires=365
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI

1 B
1 B

49ms
12ms

Image
text/html

198.47.127.15
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, 3DES_EDE_CBC
Server: 198.47.127.15 Redwood City, United States, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
X-lat: Pug22056:0:397
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 161

GET
S

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI

0
0

33ms
14ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:20 GMT
via: 1.1 varnish
server: nginx/1.10.1
x-timer: S1502681541.790827,VS0,VE8
x-served-by: cache-hhn1541-HHN
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET
H/1.1 200
OK KDBRCBINVREGNJUXIQKBDP
d.adroll.com/onp/PIUCN4PSYRCCHBHOGPVN5Q/ 35 B
35 B 119ms
29ms Image
image/gif 54.217.217.90
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/onp/PIUCN4PSYRCCHBHOGPVN5Q/KDBRCBINVREGNJUXIQKBDP?pv=20425514697.065174&ev=t%3Dtop%26f%3D0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.217.90 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-217-217-90.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
X-Advertisable-Eid: PIUCN4PSYRCCHBHOGPVN5Q
Content-Length: 35

GET
H/1.1

200
OK

pixel
ads.yahoo.com/
Redirect Chain

https://d.adroll.com/cm/r/out
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1

0
0

128ms
31ms

Image
text/plain

2a00:1288:110:422::3000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:422::3000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: ATS
Connection: keep-alive
Age: 0
Content-Length: 0
Strict-Transport-Security: max-age=0

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 181

GET
H/1.1 200
OK out
d.adroll.com/cm/f/ 35 B
35 B 31ms
30ms Image
image/gif 54.228.202.86
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/f/out
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.202.86 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-202-86.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35

GET
H/1.1

200
OK

/
sync.monarchads.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=7&user_id=fe40f134-faaf-4287-917d-5934190afe97&user_group=3&ssp=monarch
https://sync.monarchads.com/?pid=bidswitch&xid=2d27a589-1b04-48ed-80aa-046d653de0fc

43 B
43 B

101ms
101ms

Image
image/gif

34.203.101.54
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.monarchads.com/?pid=bidswitch&xid=2d27a589-1b04-48ed-80aa-046d653de0fc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.101.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-203-101-54.compute-1.amazonaws.com
Software: go /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 14 Aug 2017 03:32:21 GMT
Server: go
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Mon, 14 Aug 2017 03:32:21 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: //sync.monarchads.com/?pid=bidswitch&xid=2d27a589-1b04-48ed-80aa-046d653de0fc
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
S

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://d.adroll.com/cm/w/out
https://analytics.twitter.com/i/adsct?p_user_id=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&p_id=823423

43 B
74 B

128ms
113ms

Image
image/gif

104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&p_id=823423

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block
x-response-time: 107
pragma: no-cache
last-modified: Mon, 14 Aug 2017 03:32:20 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: dfea726b0ba835e119d6d861a83c34fc
x-transaction: 00b1551700620f9c
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://analytics.twitter.com/i/adsct?p_user_id=ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI&p_id=823423
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 109

GET
H/1.1

200
OK

pxj
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI%27)

0
0

29ms
5ms

Image
text/html

37.252.172.53
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI%27)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.252.172.53 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

156.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.11.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:22 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 156.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.22:80
AN-X-Request-Uuid: 2d927a4c-5c34-4259-b93c-f0e5b130ddbb
Server: nginx/1.11.5
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('ZDgwNGJmM2NhYTAxMzFkZjk4ZmY1MjhmZjdkM2E5ZjI')
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 113

GET
H/1.1

200
OK

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://idsync.rlcdn.com/377928.gif?partner_uid=d804bf3caa0131df98ff528ff7d3a9f2
https://idsync.rlcdn.com/377928.gif?partner_uid=d804bf3caa0131df98ff528ff7d3a9f2&redirect=1

43 B
43 B

102ms
102ms

Image
image/gif

34.199.130.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=d804bf3caa0131df98ff528ff7d3a9f2&redirect=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.130.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-199-130-102.compute-1.amazonaws.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length: 43
Content-Type: image/gif; charset=ISO-8859-1

Redirect headers

Location: https://idsync.rlcdn.com/377928.gif?partner_uid=d804bf3caa0131df98ff528ff7d3a9f2&redirect=1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif; charset=ISO-8859-1
Content-Length: 0
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"

GET
H/1.1

200
OK

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537103138&val=d804bf3caa0131df98ff528ff7d3a9f2
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=d804bf3caa0131df98ff528ff7d3a9f2

43 B
43 B

17ms
17ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=d804bf3caa0131df98ff528ff7d3a9f2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/11.107.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: OXGW/11.107.1
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=d804bf3caa0131df98ff528ff7d3a9f2
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: OXGW/11.107.1
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=2AS_PKoBMd-Y_1KP99Op8g&google_ula=1535926&google_tc=
https://d.adroll.com/cm/g/in?google_ula=1535926,0

35 B
35 B

29ms
29ms

Image
image/gif

54.217.217.90
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.217.90 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-217-217-90.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2017 03:32:20 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-Result: g.-1.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2017 03:32:20 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 246
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 845756422156575 Show response
connect.facebook.net/signals/config/ 27 KB
9 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f029:16:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/845756422156575?v=2.7.19

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f029:16:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4fb9375e04065ad228e43362946da98dae2095a620f762c361414f310aa1f7bb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: IAUtPiuLaI7DfYYHhiTz5EF8i7bSSz3KmEGvj6wUWhxYnaJcWkhOhrPvu3E4Jon0tD58eIEWWksSU68HJLU6JA==
x-frame-options: DENY
date: Mon, 14 Aug 2017 03:32:20 GMT
strict-transport-security: max-age=15552000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-allow-method: OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
53 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=845756422156575&ev=PageView&dl=https%3A%2F%2Fwww.threatcrowd.org%2Fdomain.php%3Fdomain%3Dbit.do&rl=&if=false&ts=1502681540729&cd[segment_eid]=WSHLBTOPTNENBHIR3IKXBN%2CKRUTSKUGEFEQTJVTXBH3RA%2CVSVNSN2L2JGI5AYCWFL47B%2CNJHKX3JAL5HMJFD4XI6P4T%2C4OCRKBF4JJENXICP676FJT&v=2.7.19&ec=0&o=29&ttf=3722.9500000000003&tts=3654.1200000000003&ttse=3721.55
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.threatcrowd.org/domain.php?domain=bit.do
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 03:32:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 14 Aug 2017 03:32:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=threatcrowd&t_u=https%3A%2F%2Fwww.threatcrowd.org%2Fdomain.php%3Fdomain%3Dbit.do&t_d=Domain%20%3E%20bit.do%20%7C%20Threatcrowd.org%20Open%20Source%20Threat%20Intelligence&t_t=Domain%20%3E%20bit.do%20%7C%20Threatcrowd.org%20Open%20Source%20Threat%20Intelligence&s_o=default

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.disqus.com/	9999-12-31 12:00:00	Name: G_ENABLED_IDPS Value: google
.disqus.com/	2018-08-14 03:32:18	Name: disqus_unique Value: 2efh6dh88iepf
disqus.com/	2017-08-14 04:02:18	Name: __jid Value: 2efh6dg3t6l5vk
.threatcrowd.org/	2017-08-14 03:33:17	Name: _gat Value: 1
.threatcrowd.org/	2019-08-14 03:32:17	Name: _ga Value: GA1.2.1013998147.1502681538
www.threatcrowd.org/	1970-01-01 00:00:00	Name: FirstVisit Value: No
.google.com/	2018-02-13 03:32:18	Name: NID Value: 109=SkKlNKG-0ekCNDyAzvBpSKZHaz95oPk6eTRLOY0qEb4bAXStJKdrnlDXWpiOfQNgSuNarkKIO_MQfJFLqReQRF-OR47BEgTtynvPKAdWnZeSlmplDFCE35JicTG19cpY
.threatcrowd.org/	2017-08-15 03:32:17	Name: _gid Value: GA1.2.618587226.1502681538
.threatcrowd.org/	2018-08-14 03:32:17	Name: __cfduid Value: db8b3ae9ba651533e4016855cc38360491502681537

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e12` with unspecified source
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e12` with unspecified target
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e14` with unspecified source
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e14` with unspecified target
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e23` with unspecified source
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e23` with unspecified target
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e28` with unspecified source
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e28` with unspecified target
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e44` with unspecified source
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e44` with unspecified target
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e45` with unspecified source
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e45` with unspecified target
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e46` with unspecified source
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e46` with unspecified target
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e49` with unspecified source
console-api	error	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 17) Message: Can not create edge `e49` with unspecified target
console-api	info	URL: https://www.threatcrowd.org/js/cytoscape.min.js(Line 23) Message: Layout took 220 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
ajax.googleapis.com
analytics.twitter.com
c.disquscdn.com
code.jquery.com
connect.facebook.net
d.adroll.com
disqus.com
dsum-sec.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
links.services.disqus.com
maxcdn.bootstrapcdn.com
pixel.rubiconproject.com
s.adroll.com
simage2.pubmatic.com
sync.monarchads.com
threatcrowd.disqus.com
trc.taboola.com
ums.adtech.de
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.threatcrowd.org
disqus.com
104.244.42.3
151.101.112.134
151.101.112.64
151.101.114.2
151.101.192.134
173.241.240.143
195.93.42.12
198.232.125.113
198.47.127.15
2400:cb00:2048:1::6810:4ea6
2400:cb00:2048:1::681f:a9a
2a00:1288:110:422::3000
2a00:1450:4001:814::200a
2a00:1450:4001:820::200e
2a03:2880:f029:16:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.199.130.102
34.203.101.54
37.252.172.53
54.217.217.90
54.228.202.86
62.67.193.85
92.123.93.2
92.123.93.251
94.31.29.55
01a70b05146073a6972c21cce82108dae20956dded36f58ff53f728e9fcc5b24
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116aa994702d8bb71107959498f8b6bfaf5746e8afbfc69a5e855aee43d44eff
118e1e9f8051a3d2cb41438c802ef354febdf61ad6050a9ddce076e6640231e6
1b8b1d761a96d958fd8dbb46dd03dc4fd472324fc2570d587bc054f722b73611
21a119ac4e3fdee96e615eafb49cb056f3bfd5a47317e3a49612e506700fcffc
2739cf70a13b93c9eb0d4ebe43027962bb45557e5b177f2ec6ce7f7734de7f2b
35e04150b1e3cb239586736d51aec9621ee4df09fc380f9a3ca12e2eca2fd67c
36d49adc0a8b75eb50b21cc253e13021f042850322192fa91ab09b83919b05b4
3e1d0697bfac1230dcaa39d33cfa6fe7af3e922d2cdd55937633d8f224c73f50
4b0fe0a5f37dd9d6c0a8b31cd5ad0cb944347cabc2a4a3b244b49c50ee047def
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7ab0334a7e2ac7902aad6e28ef2156bc105c2be336b9bc4755d4aece65d2db
4f567869eee2ad5408f5be20da15f03bf216a81b3d7fa34cc131cf6b68f5acc2
4fb9375e04065ad228e43362946da98dae2095a620f762c361414f310aa1f7bb
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5f3040bf645a02fe9a57fe7390843c62b629db5e014abc923992331f561dada6
7c63a1302e11c3843637bfb335ef3da437c2e84e78ff33a4527ac7bbf2c3d7e3
7cd423c056facc0f29b18b229b91ae35f861ee41bddee36cc2b83409ba2471ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843eabf84b49b49f77e031a48c651e8d25bb76cd634f7b4c6ab39dffc0e01b32
86a91c5efc8a8bc3cdb5630040f43ce896adde299660951a2d3ceb278d693ac6
8a56a567773a9260f561dbc11d04dc26dee34dc9c0fd07d79d6997def2dad1f1
a985d1c01e66718e9fcb4150f7dc7c73038af3f2447d435e90030b28d9727e70
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adc9e7e6b6b7b1c34b58007f553225d2a6de758a42250c1f9d098bc4d89e28c6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc011e8c419d4ffc917eed3db17dfa4847b3a1879e76c7ec1495352a98829025
bce4d1d83d42ffde5b205b6d8ca777717c324bf76c11d8161d8514e07504a9c6
ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61c7f56c3fb5b17270ffd87a4c738d40cd2370b9a192b0234dc3bbb90bc89b9
e6615745d99ac9ea184b3efddb2f0a3933b82419170beedf1e65c5372e1dabe3
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0
fd81620c131af05d3f49bbdc0358763e20916385bef2941a8f6577430131d643
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.threatcrowd.org Open in urlscan Pro 2400:cb00:2048:1::681f:a9a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

49 Requests

98 %HTTPS

28 %IPv6

21 Domains

24 Subdomains

26 IPs

4 Countries

457 kBTransfer

1502 kBSize

9 Cookies

12 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.threatcrowd.org Open in urlscan Pro
2400:cb00:2048:1::681f:a9a Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

28 %
IPv6

21
Domains

24
Subdomains

26
IPs

4
Countries

457 kB
Transfer

1502 kB
Size

9
Cookies

49 HTTP transactions
0 data transactions