bit.ly Open in urlscan Pro
67.199.248.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/1IJVcln
Effective URL:
https://bit.ly/1IJVcln
Submission: On January 03 via manual (January 3rd 2025, 1:23:07 pm UTC) from ZA — Scanned from AU

Summary HTTP 37 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 37 HTTP transactions. The main IP is 67.199.248.11, located in United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is bit.ly. The Cisco Umbrella rank of the primary domain is 7701.
TLS certificate: Issued by DigiCert EV RSA CA G2 on May 6th 2024. Valid for: a year.

This is the only time bit.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	18.67.108.218 18.67.108.218	16509 (AMAZON-02) (AMAZON-02)
1 6	142.250.71.66 142.250.71.66	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4006:80a::2001	15169 (GOOGLE) (GOOGLE)
1	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4006:804::2001	15169 (GOOGLE) (GOOGLE)
1	172.217.24.36 172.217.24.36	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:814::200a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4006:812::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
1	142.250.76.99 142.250.76.99	15169 (GOOGLE) (GOOGLE)
37	12

3 67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.67.108.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-108-218.syd62.r.cloudfront.net

d1ayxb9ooonjts.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.71.66 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4006:80a::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

c798b801925fdaddfd595b289f559717.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:804::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.24.36 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:814::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:812::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.76.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	cloudfront.net d1ayxb9ooonjts.cloudfront.net	92 KB
6	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net Failed	220 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 527	104 KB
4	googlesyndication.com c798b801925fdaddfd595b289f559717.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 173 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	4 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	bit.ly bit.ly — Cisco Umbrella Rank: 7701	14 KB
1	gstatic.com fonts.gstatic.com	35 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	20 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
37	10

	Domain	Requested by
10	d1ayxb9ooonjts.cloudfront.net	bit.ly
6	securepubads.g.doubleclick.net	1 redirects bit.ly securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
3	bit.ly	bit.ly
2	tpc.googlesyndication.com	bit.ly
2	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
1	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googleadservices.com	bit.ly
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	c798b801925fdaddfd595b289f559717.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
0	googleads.g.doubleclick.net Failed	bit.ly
37	14

This site contains links to these domains. Also see Links.

Domain
bitly.com
mpowafin.co.za
support.bitly.com
x.com
www.instagram.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
bit.ly DigiCert EV RSA CA G2	`2024-05-06` - `2025-05-06`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
adtrafficquality.google WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.com WE2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
misc-sni.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://bit.ly/1IJVcln
Frame ID: 41FC22ACB9D389D288CC561DB0248F89
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 10E8A65CCE0203F68A6138A9DB9DEB42
Requests: 1 HTTP requests in this frame

Frame: https://c798b801925fdaddfd595b289f559717.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0A6EDA1209D1659DFC42F746DADBF0FC
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: A242ECD5458E873C9AB990EA7D0D0864
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F8F2E70A2A764C70F96A0C936CFF5C7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Frame ID: A112AE2B11DE7F87947D1C535869037D
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bitly | bit.ly/1IJVcln

Page URL History Show full URLs

http://bit.ly/1IJVcln HTTP 307
https://bit.ly/1IJVcln Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

37
Requests

89 %
HTTPS

36 %
IPv6

10
Domains

14
Subdomains

12
IPs

2
Countries

492 kB
Transfer

1365 kB
Size

7
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://bitly.com/?utm_source=Bitly&utm_medium=referral&utm_campaign=preview_page

Search URL Search Domain Scan URL

URL: https://mpowafin.co.za/session/users/sign_in
Title: mpowafin.co.za/session/users/sign_in

Search URL Search Domain Scan URL

URL: https://support.bitly.com/hc/en-us/articles/32500359495565-Free-Short-Link-Generator-Anonymous-Link-FAQ
Title: Bitly Help Center

Search URL Search Domain Scan URL

URL: https://x.com/bitly

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bitly/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bitly

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bitly/mycompany/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/1IJVcln HTTP 307
https://bit.ly/1IJVcln Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://securepubads.g.doubleclick.net/pagead/adview?ai=CNy-9uOR3Z7-0A5SVssUP77XPwATv0KO2fOicovHEEsLctrLoDhABIOGHxKQBYKWAgICcAaABhJDunwPIAQGpAll9coSK1aQ-4AIAqAMByAMKqgSHAk_Qz2nBBpzZ-kDwvbizb-ITlzdzIUEI9mCVyDhRJFVIy6m6L8jAUr6u4VAIoD9hzKYQXppHdtMEfywcy77WuLHxIXod-QZE-mB3FWpNf_vErStG0memH0vrDA34n5UsieZZswIy1e0IpRB9uXW5_vhsAyWoqdfcWJnItkH0ZE50dsZ7lG2j4jqR9VX_zu91moMnaEsI5lXSt3EFzKTpkdoqFfUABkIm7n0SLn3cuEH0g_-E1CU8advj7A60vSMNACHhZ300pWMpCD_531TwFC-j9Spz60Z_9hXANMZKioB_wu4m7FI_gqza_UjgLgQ7zwWAKbOJQEPWjVDBUsTR4oWhiEQYKZuLwATCkcW3xgTgBAGIBdbU9flOkgUECAQYAZIFBAgFGASAB-TvkWCoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBRDtgbME0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpYt6_k7dLZigOaCYcCaHR0cHM6Ly93d3cubGF0aXR1ZGVmaW5hbmNpYWwuY29tLmF1L3BlcnNvbmFsLWxvYW5zP2dlbWlkMT1wbWF4Omdvb2dsZTpwbWF4LWZpeGVkcmF0ZTpwZXJzb25hbC1sb2Fuczpjb252ZXJzaW9uOnBtYXgtZml4ZWRyYXRlLW5ldyZ1dG1fbWVkaXVtPXBtYXgmdXRtX3NvdXJjZT1nb29nbGUmdXRtX2NhbXBhaWduPXBtYXgtZml4ZWRyYXRlJnV0bV9jb250ZW50PXBlcnNvbmFsLWxvYW5zOmNvbnZlcnNpb246cG1heC1maXhlZHJhdGUtbmV3JmdjbHNyYz1hdy5kcyaACgPICwHaDBEKCxDAsuzKoaSs68YBEgIBA-INEwjs5uTt0tmKAxWUiqwCHe_aE0jqDRMIrLXl7dLZigMVlIqsAh3v2hNI2BML0BUBmBYBgBcBshchCh0IABIUcHViLTM4NDIxODc5MTY2ODMxMTQYuYmoARgBshgJEgLBXBgBIgEA&sigh=NzhDFHbLDQk&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTgCa7L7dhjrM-iSmBiJRQaB4BVWY746Tathuv_SD1AVAwtzVWN_UhtESvcQgR1WJBKBQwzK8dSWWlhNYS1c3moE_lNPHJZ6e0fIukJPPdhgB&ebtr=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x448459dcd09e127e0000000000000000%22,%222%22:%220xca4c60a0b3e454a0000000000000000%22,%223%22:%220x4f381f94d7b3fcac0000000000000000%22,%224%22:%220xf7aa3a1c4cef60800000000000000000%22,%225%22:%220x76834f400c90703b0000000000000000%22},%22debug_key%22:%226618349220489557316%22,%22debug_reporting%22:true,%22destination%22:%22https://latitudefinancial.com.au%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22872122372%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223966692366149975537%22}&andc=true

Request Chain 33

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

37 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1IJVcln Show response
bit.ly/
Redirect Chain

http://bit.ly/1IJVcln
https://bit.ly/1IJVcln

14 KB
14 KB

319ms
256ms

Document
text/html

67.199.248.11
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://bit.ly/1IJVcln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: 705a92777b989f7da46868394e347b635ad5f0a3a55ec3930a44004c96dd6b9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 13891
content-type: text/html; charset=utf-8
date: Fri, 03 Jan 2025 13:23:03 GMT
server: nginx
via: 1.1 google

Redirect headers

Location: https://bit.ly/1IJVcln
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 C9459B50D668CE4ED472E72E9070E570D636D116.css
d1ayxb9ooonjts.cloudfront.net/d/ 12 KB
3 KB 130ms
40ms Stylesheet
text/css 18.67.108.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/C9459B50D668CE4ED472E72E9070E570D636D116.css
Requested by: Host: bit.ly
URL: https://bit.ly/1IJVcln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-218.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: f574f461075b60d457e7b588fb8a224732186ed8076796fd5da82d044a85c42b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

x-amz-cf-pop: SYD62-P2
content-encoding: gzip
etag: W/"ebccdda67e0ae61525be9486f61b1f29"
age: 3931
via: 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 8IUAJxjjSwZehncKS_UQtp_byjW3s6td4TY0qkKYlOWzBK8tY_NSvg==
date: Fri, 03 Jan 2025 12:17:32 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: nginx
last-modified: Wed, 11 Dec 2024 19:28:53 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 E716B6F26A66BBAEF022AD3D60349CB2152D3FBE.svg
d1ayxb9ooonjts.cloudfront.net/d/ 5 KB
3 KB 132ms
43ms Image
image/svg+xml 18.67.108.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/E716B6F26A66BBAEF022AD3D60349CB2152D3FBE.svg
Requested by: Host: bit.ly
URL: https://bit.ly/1IJVcln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-218.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 8bb7c5fa6fe6a16d6bfe145393d50e30ca5875fc1a6a8c266f0f2b7710a2162c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

x-amz-cf-pop: SYD62-P2
content-encoding: gzip
etag: W/"d96c63b16075e8837f6429ba3f953f8e"
age: 82797
via: 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: VqiqUcejJFwPM8d9O71tyuCCUlXwpYa09DmmESd78LqB8Y5rxX4EgA==
date: Thu, 02 Jan 2025 14:23:06 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Tue, 27 Aug 2024 19:02:34 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 C5F6F6EF5C67BE2C8F62F369186C92A0BBCE05E1.svg
d1ayxb9ooonjts.cloudfront.net/d/ 136 KB
62 KB 131ms
42ms Image
image/svg+xml 18.67.108.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/C5F6F6EF5C67BE2C8F62F369186C92A0BBCE05E1.svg
Requested by: Host: bit.ly
URL: https://bit.ly/1IJVcln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-218.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 92c97f8b380e1e89e305512f4c6946fa3c9382a9c7b902355d96a7fdc4da8930

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

x-amz-cf-pop: SYD62-P2
content-encoding: gzip
etag: W/"c2c9b75f1e7f8f9d78f3bdad7d8d66f3"
age: 19434
via: 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: EuobK0Q33azeHbHZQ3LvwTeMEDusbHqc_Alz9RrvCCh3OWzR3NmOXQ==
date: Fri, 03 Jan 2025 07:59:09 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Tue, 17 Sep 2024 14:14:29 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 A80E1EC0ADE0D3D2D85DEDC41BC3390A09183734.svg
d1ayxb9ooonjts.cloudfront.net/d/ 574 B
920 B 47ms
43ms Image
image/svg+xml 18.67.108.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/A80E1EC0ADE0D3D2D85DEDC41BC3390A09183734.svg
Requested by: Host: bit.ly
URL: https://bit.ly/1IJVcln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-218.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: c9550c4b1420882fefd4a1e62bdefba2989e7b285f851b7d7b5af4b647cf88b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

etag: "392ec4a3f2a2e875cdde717f81168686"
age: 26529
via: 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 574
x-amz-cf-id: TEHMD4c5ArlqFi2-KXCWoy9hCLvarvq6sr0mlzc4-4UWw6fq5BCInQ==
date: Fri, 03 Jan 2025 06:00:54 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Aug 2024 19:02:35 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
d1ayxb9ooonjts.cloudfront.net/d/ 17 KB
17 KB 46ms
41ms Image
image/webp 18.67.108.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
Requested by: Host: bit.ly
URL: https://bit.ly/1IJVcln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-218.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

vary: Accept-Encoding
etag: "a6c2aae1b41d9e328c4f8e6c34e3d12c"
age: 20527
via: 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 17206
x-amz-cf-id: BE1TS41BSo2PoituOHcLFLVPUavS6LM80dV5Q0tB3747XqUpp-K8OA==
date: Fri, 03 Jan 2025 07:40:57 GMT
content-type: image/webp
last-modified: Wed, 11 Sep 2024 17:03:54 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 716B7C5AED6F8EE92E2EFBFEEFDCA112010264F4.svg
d1ayxb9ooonjts.cloudfront.net/d/ 605 B
970 B 46ms
42ms Image
image/svg+xml 18.67.108.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/716B7C5AED6F8EE92E2EFBFEEFDCA112010264F4.svg
Requested by: Host: bit.ly
URL: https://bit.ly/1IJVcln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-218.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: f4701f45a9674e2f88d5b07406d65eed17ec16ef6b9061bed0bfca6ca989bde1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

vary: Accept-Encoding
etag: "a47dae536e54fe18ffa70c06a225a82a"
age: 26463
via: 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 605
x-amz-cf-id: xjun8kVQfwaUq4ZZew_qysf8gGz0iHcwVDragVj76EOHGE_5IySVtw==
date: Fri, 03 Jan 2025 06:02:00 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Aug 2024 19:02:35 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 86FCD201EC0B15255F54D03EA0F6D6CC0DE44D70.svg
d1ayxb9ooonjts.cloudfront.net/d/ 3 KB
2 KB 46ms
42ms Image
image/svg+xml 18.67.108.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/86FCD201EC0B15255F54D03EA0F6D6CC0DE44D70.svg
Requested by: Host: bit.ly
URL: https://bit.ly/1IJVcln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-218.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: d7230e0fc444c64d1e9d04c07dde0d702c63ac71525fa32aaabb3e930b283619

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

x-amz-cf-pop: SYD62-P2
content-encoding: gzip
etag: W/"ee83fb0ac337e7aa3f20382a114bc471"
age: 76535
via: 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 2qGuKptQqzR7RPm70cHKeZvpBW3NbKgHrgGphPVx8JebTIopuIglZw==
date: Thu, 02 Jan 2025 16:08:10 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Tue, 27 Aug 2024 19:02:35 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 7AD8772BD1C47740F140231A2A6797014CE99924.svg
d1ayxb9ooonjts.cloudfront.net/d/ 711 B
1 KB 53ms
50ms Image
image/svg+xml 18.67.108.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/7AD8772BD1C47740F140231A2A6797014CE99924.svg
Requested by: Host: bit.ly
URL: https://bit.ly/1IJVcln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-218.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 65d0c6d5c50da17b51c63e11e9883460d5f5038f24a5a290d586c9d8ef7e83f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

vary: Accept-Encoding
etag: "c5a3d1eb98ef9c64ea41c8e77d5c82eb"
age: 3493
via: 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 711
x-amz-cf-id: OlsOz_tnhgZQ17E-MLK1d3K62paAbTJjPiduOJep_kPoW3bP9J5qHw==
date: Fri, 03 Jan 2025 13:15:52 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Aug 2024 19:02:35 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 CDB42D1F6E7A347BF4B6F8FDBDBFB2B9CF1B9FCA.svg
d1ayxb9ooonjts.cloudfront.net/d/ 1 KB
928 B 47ms
44ms Image
image/svg+xml 18.67.108.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/CDB42D1F6E7A347BF4B6F8FDBDBFB2B9CF1B9FCA.svg
Requested by: Host: bit.ly
URL: https://bit.ly/1IJVcln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-218.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 32a18081271852b129135b7dd430bdfe0a5ca79ef4cfc1b7e8ee7907fc7cfde0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

x-amz-cf-pop: SYD62-P2
content-encoding: gzip
etag: W/"dfac9023ccd5b454f9633062f2a64cb2"
age: 82746
via: 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: pGIPHggBG_kwMuyQG-H7qMoHm4gLC8vN28AuykSLAbYZnQ8t3DEuiQ==
date: Thu, 02 Jan 2025 14:23:57 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Tue, 27 Aug 2024 19:02:35 GMT
x-amz-server-side-encryption: AES256

POST
H2 200 beacon
bit.ly/preview_page/ 16 B
80 B 242ms
237ms Ping
application/json 67.199.248.11
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/1IJVcln
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/1IJVcln

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Fri, 03 Jan 2025 13:23:03 GMT
content-type: application/json
server: nginx

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
33 KB 299ms
159ms Script
text/javascript 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bit.ly
URL: https://bit.ly/1IJVcln

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

15e73b371649e59341cbfa07b218564acfa3867f8099506933e6263009be721d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

content-encoding: br
etag: 689 / 20091 / m202412090101 / config-hash: 9209132169055932927
x-content-type-options: nosniff
expires: Fri, 03 Jan 2025 13:23:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 03 Jan 2025 13:23:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33971
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 492 KB
153 KB 43ms
42ms Script
text/javascript 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

content-encoding: br
etag: 5395541545685299795
age: 4493
x-content-type-options: nosniff
expires: Sat, 03 Jan 2026 12:08:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 03 Jan 2025 12:08:10 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 156760
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 135ms
134ms Other
text/plain 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: bit.ly
URL: https://bit.ly/1IJVcln

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 164
x-content-type-options: nosniff
expires: Sat, 04 Jan 2025 13:20:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 03 Jan 2025 13:20:19 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 10E8 0
0 175ms
41ms Document
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/1IJVcln
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29117
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jan 2025 12:53:02 GMT
expires: Fri, 03 Jan 2025 13:43:02 GMT
last-modified: Mon, 09 Dec 2024 20:44:42 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
11 KB 1155ms
1155ms Fetch
text/plain 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=163883704871350&correlator=3452101602111139&eid=31089310%2C31089342%2C31088080&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=23199830770%2Cbitly_previewpage_default_responsive_side_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1735910583943&lmt=1735910583&adxs=179&adys=67&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbit.ly%2F1IJVcln&vis=1&psz=658x549&msz=300x509&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1735910583271&idt=634&prev_scp=cohort%3Dcohort_annonls&adks=3309689787&frm=20&eoidce=1&td=1&egid=27674&tan=ae320d43-77b9-4986-a64f-f1ac72540380&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

6c3a524df997ca0d477c4d990db227cf36e1903101b270e556e37e6116e5c6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
content-encoding: dcb
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 03 Jan 2025 13:23:05 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://bit.ly
content-length: 11697
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
c798b801925fdaddfd595b289f559717.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A6E 0
0 322ms
136ms Document
text/html 2404:6800:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c798b801925fdaddfd595b289f559717.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/1IJVcln
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jan 2025 13:23:04 GMT
expires: Fri, 03 Jan 2025 13:23:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 326ms
188ms XHR
application/json 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

3760e7fa54fa18ca27bcca2427f3d06e29a4a5d604c7f6243b56919d02fcc470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13468
date: Fri, 03 Jan 2025 13:23:04 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png
d1ayxb9ooonjts.cloudfront.net/d/ 1 KB
2 KB 41ms
40ms Other
image/png 18.67.108.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-218.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 3ce43ec89d890b85133c3a0f68c666b4ff9afb9fdf6d146c642e1d3dcc1cc06b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

etag: "10be1fc63993fd01005c34be73678406"
age: 12020
via: 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1421
x-amz-cf-id: LAx8x-f_o6wXkeK7hAnrVfBnBe6-D7tI_sbnXjxgE5MZTSgKr_kuRQ==
date: Fri, 03 Jan 2025 10:02:44 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 17:00:59 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 456ms
273ms Script
text/javascript 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/1IJVcln

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 03 Jan 2025 13:23:05 GMT
alt-svc: h3=":443"; ma=2592000
date: Fri, 03 Jan 2025 13:23:05 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame A242 0
0 215ms
41ms Document
text/html 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/1IJVcln
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1997
alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jan 2025 12:49:48 GMT
expires: Fri, 03 Jan 2025 13:39:48 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 6F8F 0
0 277ms
142ms Document
text/html 172.217.24.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7w16EW0HCeq_U9utO0b21Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/1IJVcln
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7w16EW0HCeq_U9utO0b21Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jan 2025 13:23:05 GMT
expires: Fri, 03 Jan 2025 13:23:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012410292120000/ Frame A112 196 KB
56 KB 273ms
46ms Script
text/javascript 2404:6800:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

content-encoding: br
etag: "f2f37e2e78f77a16"
age: 514286
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 14:31:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 14:31:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 56191
x-xss-protection: 0
server: sffe

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012410292120000/v0/ Frame A112 15 KB
5 KB 363ms
136ms Script
text/javascript 2404:6800:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

content-encoding: br
etag: "981e33f595c3ea40"
age: 514286
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 14:31:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 14:31:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 5211
x-xss-protection: 0
server: sffe

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012410292120000/v0/ Frame A112 95 KB
28 KB 341ms
115ms Script
text/javascript 2404:6800:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

content-encoding: br
etag: "5e018091947c60fe"
age: 44401
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 03 Jan 2026 01:03:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 01:03:04 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 29021
x-xss-protection: 0
server: sffe

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012410292120000/v0/ Frame A112 5 KB
2 KB 361ms
135ms Script
text/javascript 2404:6800:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

content-encoding: br
etag: "deab494dea0d53b6"
age: 514286
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 14:31:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 14:31:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 1906
x-xss-protection: 0
server: sffe

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012410292120000/v0/ Frame A112 40 KB
13 KB 365ms
139ms Script
text/javascript 2404:6800:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

content-encoding: br
etag: "f2575cb9f4cf0f6e"
age: 194941
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 01 Jan 2026 07:14:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 01 Jan 2025 07:14:04 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 12953
x-xss-protection: 0
server: sffe

GET
H2 200 css
fonts.googleapis.com/ Frame A112 20 KB
2 KB 320ms
142ms Stylesheet
text/css 2404:6800:4006:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d219cea3316552d5927b5b7528f1192223374dd1b9dd58c48e5de057af6e3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 03 Jan 2025 13:23:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 13:23:05 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 03 Jan 2025 13:06:53 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
DATA 200
OK truncated
/ Frame A112 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39fe7957a5a69ee60438835c9ae82571d6647fd921bcabd86027cf52e35b0a66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A112 3 KB
3 KB 226ms
44ms Image
image/png 2404:6800:4006:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: bit.ly
URL: https://bit.ly/1IJVcln

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 15880770647744369592
age: 7621
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Sat, 04 Jan 2025 11:16:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2982
x-xss-protection: 0
date: Fri, 03 Jan 2025 11:16:04 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H2 200 adchoices_blue_wb.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A112 209 B
578 B 225ms
43ms Image
image/png 2404:6800:4006:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/adchoices_blue_wb.png

Requested by

Host: bit.ly
URL: https://bit.ly/1IJVcln

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

135fe1822959b8811afafc20effec079f339c96788df6e47e933a7d0c267921b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 2799713854418114702
age: 52169
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 03 Jan 2025 22:53:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 209
x-xss-protection: 0
date: Thu, 02 Jan 2025 22:53:36 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A112
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CNy-9uOR3Z7-0A5SVssUP77XPwATv0KO2fOicovHEEsLctrLoDhABIOGHxKQBYKWAgICcAaABhJDunwPIAQGpAll9coSK1aQ-4AIAqAMByAMKqgSHAk_Qz2nBBpzZ-kDwvbizb-ITlzdz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x448459dcd09e127e0000000000000000%22,%222%22:%220xca4c60a0b3e454a0000000000000000%22,%223%22:%220x4f381f9...

0
20 B

324ms
185ms

Image
text/css

142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x448459dcd09e127e0000000000000000%22,%222%22:%220xca4c60a0b3e454a0000000000000000%22,%223%22:%220x4f381f94d7b3fcac0000000000000000%22,%224%22:%220xf7aa3a1c4cef60800000000000000000%22,%225%22:%220x76834f400c90703b0000000000000000%22},%22debug_key%22:%226618349220489557316%22,%22debug_reporting%22:true,%22destination%22:%22https://latitudefinancial.com.au%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22872122372%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223966692366149975537%22}&andc=true

Requested by

Host: bit.ly
URL: https://bit.ly/1IJVcln

Protocol

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

cache-control: private
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 03 Jan 2025 13:23:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 03 Jan 2025 13:23:05 GMT
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x448459dcd09e127e0000000000000000","2":"0xca4c60a0b3e454a0000000000000000","3":"0x4f381f94d7b3fcac0000000000000000","4":"0xf7aa3a1c4cef60800000000000000000","5":"0x76834f400c90703b0000000000000000"},"debug_key":"6618349220489557316","debug_reporting":true,"destination":"https://latitudefinancial.com.au","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["872122372"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"3966692366149975537"}
content-type: text/css; charset=UTF-8
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x448459dcd09e127e0000000000000000","2":"0xca4c60a0b3e454a0000000000000000","3":"0x4f381f94d7b3fcac0000000000000000","4":"0xf7aa3a1c4cef60800000000000000000","5":"0x76834f400c90703b0000000000000000"},"debug_key":"6618349220489557316","debug_reporting":true,"destination":"https://latitudefinancial.com.au","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["872122372"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"3966692366149975537"}&andc=true
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 03 Jan 2025 13:23:05 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

POST
H3 200 beacon
bit.ly/preview_page/ 16 B
29 B 239ms
237ms Ping
application/json 67.199.248.11
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/1IJVcln
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/1IJVcln

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Fri, 03 Jan 2025 13:23:05 GMT
content-type: application/json
server: nginx

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v62/ Frame A112 35 KB
35 KB 179ms
43ms Font
font/woff2 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v62/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bit.ly
Referer: https://fonts.googleapis.com/

Response headers

age: 502500
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 17:48:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 17:48:05 GMT
last-modified: Tue, 29 Oct 2024 18:37:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36216
x-xss-protection: 0
server: sffe

GET

si
googleads.g.doubleclick.net/pagead/drt/ Frame A112
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

GET view
securepubads.g.doubleclick.net/btr/ Frame A112 0
0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A112 42 B
65 B 191ms
190ms Image
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3qe734qpvq8aSV6uMLeh7jsMFikvBmSbsvXNnuTku_xx8Ro3fq8xaw-tIdrEsWLM3zdomkP9Ak0jYUDJWa5ekV9R0EqitkLlKQ0E96DesYnLPMQk0R-kXZmMk5JIwJMxPcepfwRlt_MYT92swd6fW3l_KTA-_PHlIHJ3tEFRoai21Quyp_vcqih6zpJyVutaxeQ&sai=AMfl-YRD_GN1BFG8l6TZfusfSI2U52Z79qiE5W00vK2uENCiNFSJ9aFJMJkt1n3ePniKC8P5zZLevU3ddh9ezBq7ldQ6yE0H61KjZqv6MMh7BB7zOf3SDqm3_1N7NsMe6RpeL_VcIKt4PHCxO_Fy8K_6&sig=Cg0ArKJSzDGm0CPirSAfEAE&cid=CAQSTgCa7L7dhjrM-iSmBiJRQaB4BVWY746Tathuv_SD1AVAwtzVWN_UhtESvcQgR1WJBKBQwzK8dSWWlhNYS1c3moE_lNPHJZ6e0fIukJPPdhgB&id=ampim&o=161,67&d=336,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=418&tls=1419&g=100&h=100&tt=1419&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 03 Jan 2025 13:23:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/btr/view?ai=CNy-9uOR3Z7-0A5SVssUP77XPwATv0KO2fOicovHEEsLctrLoDhABIOGHxKQBYKWAgICcAaABhJDunwPIAQGpAll9coSK1aQ-4AIAqAMByAMKqgSHAk_Qz2nBBpzZ-kDwvbizb-ITlzdzIUEI9mCVyDhRJFVIy6m6L8jAUr6u4VAIoD9hzKYQXppHdtMEfywcy77WuLHxIXod-QZE-mB3FWpNf_vErStG0memH0vrDA34n5UsieZZswIy1e0IpRB9uXW5_vhsAyWoqdfcWJnItkH0ZE50dsZ7lG2j4jqR9VX_zu91moMnaEsI5lXSt3EFzKTpkdoqFfUABkIm7n0SLn3cuEH0g_-E1CU8advj7A60vSMNACHhZ300pWMpCD_531TwFC-j9Spz60Z_9hXANMZKioB_wu4m7FI_gqza_UjgLgQ7zwWAKbOJQEPWjVDBUsTR4oWhiEQYKZuLwATCkcW3xgTgBAGIBdbU9flOkgUECAQYAZIFBAgFGASAB-TvkWCoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBRDtgbME0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpYt6_k7dLZigOaCYcCaHR0cHM6Ly93d3cubGF0aXR1ZGVmaW5hbmNpYWwuY29tLmF1L3BlcnNvbmFsLWxvYW5zP2dlbWlkMT1wbWF4Omdvb2dsZTpwbWF4LWZpeGVkcmF0ZTpwZXJzb25hbC1sb2Fuczpjb252ZXJzaW9uOnBtYXgtZml4ZWRyYXRlLW5ldyZ1dG1fbWVkaXVtPXBtYXgmdXRtX3NvdXJjZT1nb29nbGUmdXRtX2NhbXBhaWduPXBtYXgtZml4ZWRyYXRlJnV0bV9jb250ZW50PXBlcnNvbmFsLWxvYW5zOmNvbnZlcnNpb246cG1heC1maXhlZHJhdGUtbmV3JmdjbHNyYz1hdy5kcyaACgPICwHaDBEKCxDAsuzKoaSs68YBEgIBA-INEwjs5uTt0tmKAxWUiqwCHe_aE0jqDRMIrLXl7dLZigMVlIqsAh3v2hNI2BML0BUBmBYBgBcBshchCh0IABIUcHViLTM4NDIxODc5MTY2ODMxMTQYuYmoARgBshgJEgLBXBgBIgEA&sigh=NzhDFHbLDQk&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSTgCa7L7dhjrM-iSmBiJRQaB4BVWY746Tathuv_SD1AVAwtzVWN_UhtESvcQgR1WJBKBQwzK8dSWWlhNYS1c3moE_lNPHJZ6e0fIukJPPdhgB&ibtr=1

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=163883704871350&bg=!m5ilmNfNAAbtGp3CzRo7ADQBe5WfOKS_oLERgKDy2Z6dZ01YSTMBPHExXP227y-8mfBSpnMS_t86cj2Kdke-WF47S7Q7AgAAAD1SAAAAA2gBB34ANkEfQCiNgc0Oy3dHIngeuhNQUoIfbKmlewQ-nwUmNQZ0tCo5CRIm8fJYThgwUSE7fQf9jc9GOpkCnp_dwF8lzlWcSRjpf_3dDTTmWdg9N-zs5-o57kbtHuBCJ-ptrqCKRNh6SQHhUSV7k9iq8bB5zwsfCnwR8Q-HuK2BLDhc-jBkmwPZyZMlFX-cUV-mLpxdIZenmYncmpI03eme8hW5LencTlFfsICeptf799s7Eqk72JABLuvmBbtN6oc8UlFEllRadiN48E8sw4ilPBBMhqeZMaRBD3XOOxpdKYdkepslnezA1C5AOcQg-uWjZ55luX95oJoJ-XWY4poRhWy_Ca2BQ6zmXcVdnmSfOd48tSYRn5y5avHr4kwGk3VBfU7JfYh50hIUk_NqFnOW0nrK7caT1laW9S3B0LcCdlDIzowY6NBC3-EKATcdytSKn4nva7VzMUJ6LIRENknqduiTbHMkrukDzArPrZTlOFlTnKOKExz9Oigosf-BNAwuCXcyjSgnA8HiOeGPY1kb7jNzsUpFBN8OLPQ2nyopbyDq4QUG_fc5N_37RY_yJAPcpca-dY7lduRUjFIqMYbsHUutCQI8oOVChSHmY6mpExXsok3Ots09vXGNImKj3DcGqOHXgnoUMydk_1VRrGXXicsLIUGQLQe16an14mZY8iClSoRwJXRMgGPbto-zSMOURkABetTJgBtWqpclUmiydn-6HXcwOiMQ_V4649h0uhWkuO5gnyZNnce1dzONbgA-RJ_65OXIaBK0n8M6mlzV1pmDT6p4j1BsceDhSga6vYCkdcsGmeuV7UPgHFQT3OKw6L5xRqQKuyMMPzu1wZ35naU8gE_k98HxuDgTBJbk6oEYnClIScBSODVS_xuoR7imZIofgRrsdjp1S7RpBaDLwl-l53F2uQiOokJoipnAcOn-SQoQaFplu2ni0PY8dYSZPyhUVZ47r3DxyMo

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-21 06:31:02	Name: _bit Value: p03dn3-0c4f0a734f57a2317a-00C
.bit.ly/	1970-01-21 11:33:26	Name: __gads Value: ID=63582861979195c5:T=1735910584:RT=1735910584:S=ALNI_MaAhKNJzakIshLuYj5JO_MS51H9xw
.bit.ly/	1970-01-21 11:33:26	Name: __gpi Value: UID=00000fd2b893ad9e:T=1735910584:RT=1735910584:S=ALNI_MaJmuXjgtz65XY_YGbKgYtJ86t4cg
.bit.ly/	1970-01-21 06:31:02	Name: __eoi Value: ID=70200e93d93311ea:T=1735910584:RT=1735910584:S=AA-AfjagqsUO3ITXy_EWnXOAQMeS
.doubleclick.net/	1970-01-21 11:47:50	Name: IDE Value: AHWqTUk_kQuO7zn59aFpnk0eidtttBJ7Tn38FEm4LtlD4bHafzj_ihvCMy0xt10Vl2w
.googleadservices.com/	1970-01-21 04:21:26	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:11:54	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
c798b801925fdaddfd595b289f559717.safeframe.googlesyndication.com
cdn.ampproject.org
d1ayxb9ooonjts.cloudfront.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
ep1.adtrafficquality.google
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
142.250.204.2
142.250.71.66
142.250.76.99
172.217.167.66
172.217.24.36
18.67.108.218
2404:6800:4006:804::2001
2404:6800:4006:80a::2001
2404:6800:4006:812::2001
2404:6800:4006:814::200a
67.199.248.11
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
135fe1822959b8811afafc20effec079f339c96788df6e47e933a7d0c267921b
15e73b371649e59341cbfa07b218564acfa3867f8099506933e6263009be721d
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
32a18081271852b129135b7dd430bdfe0a5ca79ef4cfc1b7e8ee7907fc7cfde0
3760e7fa54fa18ca27bcca2427f3d06e29a4a5d604c7f6243b56919d02fcc470
39fe7957a5a69ee60438835c9ae82571d6647fd921bcabd86027cf52e35b0a66
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3ce43ec89d890b85133c3a0f68c666b4ff9afb9fdf6d146c642e1d3dcc1cc06b
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6
65d0c6d5c50da17b51c63e11e9883460d5f5038f24a5a290d586c9d8ef7e83f6
6c3a524df997ca0d477c4d990db227cf36e1903101b270e556e37e6116e5c6ff
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
705a92777b989f7da46868394e347b635ad5f0a3a55ec3930a44004c96dd6b9b
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
7d219cea3316552d5927b5b7528f1192223374dd1b9dd58c48e5de057af6e3f1
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8bb7c5fa6fe6a16d6bfe145393d50e30ca5875fc1a6a8c266f0f2b7710a2162c
92c97f8b380e1e89e305512f4c6946fa3c9382a9c7b902355d96a7fdc4da8930
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
c9550c4b1420882fefd4a1e62bdefba2989e7b285f851b7d7b5af4b647cf88b4
d7230e0fc444c64d1e9d04c07dde0d702c63ac71525fa32aaabb3e930b283619
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4701f45a9674e2f88d5b07406d65eed17ec16ef6b9061bed0bfca6ca989bde1
f574f461075b60d457e7b588fb8a224732186ed8076796fd5da82d044a85c42b
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

bit.ly Open in urlscan Pro 67.199.248.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

89 %HTTPS

36 %IPv6

10 Domains

14 Subdomains

12 IPs

2 Countries

492 kBTransfer

1365 kBSize

7 Cookies

7 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bit.ly Open in urlscan Pro
67.199.248.11 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

89 %
HTTPS

36 %
IPv6

10
Domains

14
Subdomains

12
IPs

2
Countries

492 kB
Transfer

1365 kB
Size

7
Cookies

37 HTTP transactions
1 data transactions