URL: https://bit.ly/2Gj9o0C
Submission: On December 12 via manual from US — Scanned from US

Summary

This website contacted 11 IPs in 1 country across 8 domains to perform 37 HTTP transactions. The main IP is 67.199.248.11, located in United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is bit.ly. The Cisco Umbrella rank of the primary domain is 7701.
TLS certificate: Issued by DigiCert EV RSA CA G2 on May 6th 2024. Valid for: a year.
This is the only time bit.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 67.199.248.11 396982 (GOOGLE-CL...)
10 3.162.130.106 16509 (AMAZON-02)
1 5 172.253.122.156 15169 (GOOGLE)
1 172.253.122.155 15169 (GOOGLE)
3 142.251.16.132 15169 (GOOGLE)
2 172.253.63.154 15169 (GOOGLE)
1 74.125.192.105 15169 (GOOGLE)
5 172.253.63.132 15169 (GOOGLE)
3 74.125.192.132 15169 (GOOGLE)
2 173.194.68.154 15169 (GOOGLE)
37 11
Apex Domain (Transfer), with Subdomains beneath
10 cloudfront.net (92 KB)
    d1ayxb9ooonjts.cloudfront.net
6 googlesyndication.com (27 KB)
    62773be21d69b9e86e7803313d6ec21b.safeframe.googlesyndication.com
    tpc.googlesyndication.com — Cisco Umbrella Rank: 173
    pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
6 doubleclick.net (218 KB)
    securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
    googleads.g.doubleclick.net Failed
5 ampproject.org (104 KB)
    cdn.ampproject.org — Cisco Umbrella Rank: 527
3 adtrafficquality.google (20 KB)
    ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
    ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
3 bit.ly (13 KB)
    bit.ly — Cisco Umbrella Rank: 7701
1 googleadservices.com (20 B)
    www.googleadservices.com — Cisco Umbrella Rank: 96
1 google.com
    www.google.com — Cisco Umbrella Rank: 3
37 8
Domain Requested by
10 d1ayxb9ooonjts.cloudfront.net bit.ly
6 securepubads.g.doubleclick.net 1 redirects bit.ly
securepubads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
3 tpc.googlesyndication.com bit.ly
3 bit.ly bit.ly
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
1 www.googleadservices.com bit.ly
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 62773be21d69b9e86e7803313d6ec21b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
0 googleads.g.doubleclick.net Failed bit.ly
37 12

This site contains links to these domains.

Domain
bitly.com
go.essentialed.com
x.com
www.instagram.com
www.facebook.com
www.linkedin.com

Subject                    Issuer                 Validity                 Valid
bit.ly                     DigiCert EV RSA CA G2  2024-05-06 - 2025-05-06  a year
*.cloudfront.net           Amazon RSA 2048 M01    2024-07-30 - 2025-07-03  a year
*.g.doubleclick.net        WR2                    2024-11-04 - 2025-01-27  3 months
adtrafficquality.google    WR2                    2024-11-04 - 2025-01-27  3 months
*.google.com               WR2                    2024-11-04 - 2025-01-27  3 months
misc-sni.google.com        WR2                    2024-11-04 - 2025-01-27  3 months
tpc.googlesyndication.com  WR2                    2024-11-04 - 2025-01-27  3 months

This page contains 6 frames:

Primary Page: https://bit.ly/2Gj9o0C
Frame ID: 30A4DD3E948EE74AE173CE2F985CCA0B
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 747357DBE9CEAD4D7F8905BB5FE219EB
Requests: 1 HTTP requests in this frame

Frame: https://62773be21d69b9e86e7803313d6ec21b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 51ACC2B7FC4C51A96E6B79C5BE414E71
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 34BD4E0E95C45F9904C56ADE0D99354F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F720122078D6D6F309C9B6264BCA3744
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Frame ID: F8D3E0C4993F5ED8180D8FF195CBFA74
Requests: 13 HTTP requests in this frame

Page Title

Bitly | bit.ly/2Gj9o0C

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

37 Requests
89 % HTTPS
0 % IPv6
8 Domains
12 Subdomains
11 IPs
1 Countries
475 kB Transfer
1319 kB Size
7 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CwSaOAgFbZ5fRIKOLvPIP8J_hsA_mg_X0Xrjsh57GDsCNtwEQASDhh8SkAWDJtomHzKPAF6AB9cPh-wPIAQPgAgCoAwHIAwiqBJ4CT9AgkmFW53JvmBONAD5HbT6LDj7pDPpAuGirjdctA85ewMLgU7EoJHhteHQigBM8nuEkdI11yJQA8bYfNRyAyztnKrWKFVJH4JmPDMVXbLIgG8xbrZpZD2xUITEiUqK25gzeKA1FmZduv3XJ3uoijFoPJJGW9s2RuIMHxB9KCpkALd-kVPvL5qmTz6rjkP6GmuqqKw85N0s0GasmyzAuNJKgexY7R56TisoNMzecjpG_LjygXJ5x6-J4jn_YcBeoGc1Vv2SHpAxCHaKkiwnGed5A0YyR0V3u8_h1sb1bOUo8HrpomktMb_zGqDAzvKWdQA1DsnNSJX2X5kTAsmgHE860FIxsb31KpsmvPS81-efQZYTiimAUwopm5TOC88AE293O2fwC4AQBiAXdn6LOJZIFBAgEGAGSBQQIBRgEoAYDgAfzu54EqAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBRDctrwB0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpYpcSi4cWiigOaCTJodHRwczovL3d3dy5lZHVjYXRpb24uY29tL3dvcmtzaGVldHMvP2dhZF9zb3VyY2U9NYAKA8gLAdoMEAoKELCYj7CM8Zb4YhICAQPiDRMIkO6i4cWiigMVowVPCB3wTxj26g0TCMKzo-HFoooDFaMFTwgd8E8Y9tgTC9AVAZgWAYAXAbIXIQodCAASFHB1Yi0zODQyMTg3OTE2NjgzMTE0GLmJqAEYAboXAjgBshgFGAMiAQDQGAE&sigh=81-2huvjqMw&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTgCa7L7dhVWwBWfxZ39mIqTytRJyGQSW-zYgclRz7twi5UDG8xDnsrh0O4I7jdXTdJJfuyuRg3O7fVfU2KPiwotyS-m1vlA2g3c4f3V5cBgB&ebtr=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4134f71d51de4f4d0000000000000000%22,%222%22:%220xf15cffedf06a270a0000000000000000%22,%223%22:%220x8a8670fffa0c5240000000000000000%22,%224%22:%220xc9a38f0fbd37265e0000000000000000%22,%225%22:%220x467d11b7bd7521160000000000000000%22},%22debug_key%22:%2210932223737756437843%22,%22debug_reporting%22:true,%22destination%22:%22https://education.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221064854005%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218217996635287788753%22}&andc=true
Request Chain 32
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

37 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request 2Gj9o0C
bit.ly/
13 KB
13 KB
Document
General
Full URL
https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
d380c79c2d165a22a02601f487d0310282b29f90076f30f9da722bf61301877e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
13439
content-type
text/html; charset=utf-8
date
Thu, 12 Dec 2024 15:28:01 GMT
server
nginx
via
1.1 google
CF2B210E65BE23AE74056B1469A6C564DB3BE39D.css
d1ayxb9ooonjts.cloudfront.net/d/
12 KB
3 KB
Stylesheet
General
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/CF2B210E65BE23AE74056B1469A6C564DB3BE39D.css
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
54d49f3c5b31d492a5189c2afe89e5931012f793850e91388707406133cb3f66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

x-amz-cf-pop
IAD61-P3
content-encoding
gzip
etag
W/"f1659a5930dececa2e2f6561d61dcea3"
age
84389
via
1.1 91996b055df3611b680390c98760c3d4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
E5AYhlh7cpOMWdyVyLTe_ii90CXyrjHZcVwQt6yWxUJ-o0v07GkzJg==
date
Wed, 11 Dec 2024 16:01:32 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Mon, 09 Dec 2024 20:56:45 GMT
x-amz-server-side-encryption
AES256
E716B6F26A66BBAEF022AD3D60349CB2152D3FBE.svg
d1ayxb9ooonjts.cloudfront.net/d/
5 KB
3 KB
Image
General
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/E716B6F26A66BBAEF022AD3D60349CB2152D3FBE.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
8bb7c5fa6fe6a16d6bfe145393d50e30ca5875fc1a6a8c266f0f2b7710a2162c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

x-amz-cf-pop
IAD61-P3
content-encoding
gzip
etag
W/"d96c63b16075e8837f6429ba3f953f8e"
age
32161
via
1.1 91996b055df3611b680390c98760c3d4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ruaYBQpaZE9cS4GYzGWIcP_AtHtsA2jE4tgkNAMTUQw2piEgSELjmw==
date
Thu, 12 Dec 2024 06:32:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 27 Aug 2024 19:02:34 GMT
x-amz-server-side-encryption
AES256
C5F6F6EF5C67BE2C8F62F369186C92A0BBCE05E1.svg
d1ayxb9ooonjts.cloudfront.net/d/
136 KB
62 KB
Image
General
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/C5F6F6EF5C67BE2C8F62F369186C92A0BBCE05E1.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
92c97f8b380e1e89e305512f4c6946fa3c9382a9c7b902355d96a7fdc4da8930

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

x-amz-cf-pop
IAD61-P3
content-encoding
gzip
etag
W/"c2c9b75f1e7f8f9d78f3bdad7d8d66f3"
age
32570
via
1.1 91996b055df3611b680390c98760c3d4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
AstqsiXP2d25UxhkYsjmUqXxfY1fzSjlzxPnRMrUzVyPXpNn8uESAw==
date
Thu, 12 Dec 2024 06:25:14 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 17 Sep 2024 14:14:29 GMT
x-amz-server-side-encryption
AES256
A80E1EC0ADE0D3D2D85DEDC41BC3390A09183734.svg
d1ayxb9ooonjts.cloudfront.net/d/
574 B
938 B
Image
General
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/A80E1EC0ADE0D3D2D85DEDC41BC3390A09183734.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
c9550c4b1420882fefd4a1e62bdefba2989e7b285f851b7d7b5af4b647cf88b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

vary
Accept-Encoding
etag
"392ec4a3f2a2e875cdde717f81168686"
age
32570
via
1.1 91996b055df3611b680390c98760c3d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
574
x-amz-cf-id
2a9LpHFn5b4EYKUXv6qmgnpnMvrq-3-OBm3cHkxoB_ucxZTGVpi2IA==
date
Thu, 12 Dec 2024 06:25:14 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
server
nginx
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
d1ayxb9ooonjts.cloudfront.net/d/
17 KB
17 KB
Image
General
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

vary
Accept-Encoding
etag
"a6c2aae1b41d9e328c4f8e6c34e3d12c"
age
32570
via
1.1 91996b055df3611b680390c98760c3d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
17206
x-amz-cf-id
xgl5RgaKYedXIR2hO1D7qP2vjZ39jmmeyAOBUwnTdKvOda01QvplOQ==
date
Thu, 12 Dec 2024 06:25:12 GMT
content-type
image/webp
last-modified
Wed, 11 Sep 2024 17:03:54 GMT
server
nginx
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
716B7C5AED6F8EE92E2EFBFEEFDCA112010264F4.svg
d1ayxb9ooonjts.cloudfront.net/d/
605 B
970 B
Image
General
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/716B7C5AED6F8EE92E2EFBFEEFDCA112010264F4.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
f4701f45a9674e2f88d5b07406d65eed17ec16ef6b9061bed0bfca6ca989bde1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

vary
Accept-Encoding
etag
"a47dae536e54fe18ffa70c06a225a82a"
age
32385
via
1.1 91996b055df3611b680390c98760c3d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
605
x-amz-cf-id
9m_AQFMcTiB56K41k-QPWxYwWyfSJGu_vwkJBqDmm-wxRrNmYruMTg==
date
Thu, 12 Dec 2024 06:28:16 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
server
nginx
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
86FCD201EC0B15255F54D03EA0F6D6CC0DE44D70.svg
d1ayxb9ooonjts.cloudfront.net/d/
3 KB
2 KB
Image
General
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/86FCD201EC0B15255F54D03EA0F6D6CC0DE44D70.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
d7230e0fc444c64d1e9d04c07dde0d702c63ac71525fa32aaabb3e930b283619

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

x-amz-cf-pop
IAD61-P3
content-encoding
gzip
etag
W/"ee83fb0ac337e7aa3f20382a114bc471"
age
27939
via
1.1 91996b055df3611b680390c98760c3d4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
iJ32t1I9XxzbiYpYvnDYfXDlggYY5GgyHJQ39P3jZjc0Wk3dzXr5nw==
date
Thu, 12 Dec 2024 07:42:23 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
x-amz-server-side-encryption
AES256
7AD8772BD1C47740F140231A2A6797014CE99924.svg
d1ayxb9ooonjts.cloudfront.net/d/
711 B
1 KB
Image
General
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/7AD8772BD1C47740F140231A2A6797014CE99924.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
65d0c6d5c50da17b51c63e11e9883460d5f5038f24a5a290d586c9d8ef7e83f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

vary
Accept-Encoding
etag
"c5a3d1eb98ef9c64ea41c8e77d5c82eb"
age
32570
via
1.1 91996b055df3611b680390c98760c3d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
711
x-amz-cf-id
nFDXzEta_w8IwopYwgd9TzTD6NHuIDfevTdfYvQx53fhT3HXZTKUyg==
date
Thu, 12 Dec 2024 06:25:11 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
server
nginx
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
CDB42D1F6E7A347BF4B6F8FDBDBFB2B9CF1B9FCA.svg
d1ayxb9ooonjts.cloudfront.net/d/
1 KB
928 B
Image
General
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/CDB42D1F6E7A347BF4B6F8FDBDBFB2B9CF1B9FCA.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
32a18081271852b129135b7dd430bdfe0a5ca79ef4cfc1b7e8ee7907fc7cfde0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

x-amz-cf-pop
IAD61-P3
content-encoding
gzip
etag
W/"dfac9023ccd5b454f9633062f2a64cb2"
age
32400
via
1.1 91996b055df3611b680390c98760c3d4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
HfDHnS6IwScX9vj0jHKB3I2pKIHwLVwra5-3uXgZlU-HFjHCzrQ_ew==
date
Thu, 12 Dec 2024 06:28:01 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
x-amz-server-side-encryption
AES256
beacon
bit.ly/preview_page/
16 B
80 B
Ping
General
Full URL
https://bit.ly/preview_page/beacon
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://bit.ly/2Gj9o0C

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
date
Thu, 12 Dec 2024 15:28:01 GMT
content-type
application/json
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/
106 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
c7697227e79feae38341ff30ac933d7823d2cd057ff14a2ea3a4a51c3ead91f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

content-encoding
br
etag
223 / 20069 / m202412050101 / config-hash: 10932404072011808778
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 15:28:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 15:28:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33954
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/
496 KB
154 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

content-encoding
br
etag
2279107579115022503
age
55749
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 23:58:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 23:58:53 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
157504
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/
63 KB
22 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
1717
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 14:59:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 14:59:25 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 7473
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/2Gj9o0C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1263
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29117
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 15:06:59 GMT
expires
Thu, 12 Dec 2024 15:56:59 GMT
last-modified
Mon, 09 Dec 2024 20:44:42 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
53 KB
9 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1517003005344636&correlator=2823188363329921&eid=31089322%2C31089351%2C31085777%2C95349328&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fifs&iu_parts=23199830770%2Cbitly_previewpage_cohort1_responsive_side_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1734017282442&lmt=1734017282&adxs=179&adys=67&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbit.ly%2F2Gj9o0C&vis=1&psz=658x509&msz=300x469&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734017281384&idt=1015&prev_scp=cohort%3Dcohort1&adks=2087378001&frm=20&eoidce=1&td=1&egid=16746&tan=0b984cd9-ce20-4a6a-b57d-455aca03a36b&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
65b47a80cc02fec6e9df388f569e17f7b9a9b4fad89adbc5736f39c4c7bff10b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 15:28:03 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://bit.ly
content-length
9013
x-xss-protection
0
server
cafe
container.html
62773be21d69b9e86e7803313d6ec21b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 51AC
0
0
Document
General
Full URL
https://62773be21d69b9e86e7803313d6ec21b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/2Gj9o0C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 15:28:02 GMT
expires
Thu, 12 Dec 2024 15:28:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
f8e98ab7e35061fd42db788f97eca8f4e5d384dae2b32e5ec682253bbddee329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13145
date
Thu, 12 Dec 2024 15:28:03 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png
d1ayxb9ooonjts.cloudfront.net/d/
1 KB
2 KB
Other
General
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
3ce43ec89d890b85133c3a0f68c666b4ff9afb9fdf6d146c642e1d3dcc1cc06b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

vary
Accept-Encoding
etag
"10be1fc63993fd01005c34be73678406"
age
32400
via
1.1 91996b055df3611b680390c98760c3d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1421
x-amz-cf-id
PBpjg5ioXMo0-4Tp-OlqlwOI-Qs9PJcm7YWB9L5LXS2XaAsXZuSDkA==
date
Thu, 12 Dec 2024 06:28:13 GMT
content-type
image/png
last-modified
Wed, 10 Jul 2024 17:00:59 GMT
server
nginx
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2Gj9o0C

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 15:28:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 15:28:03 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 34BD
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/2Gj9o0C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 14:54:32 GMT
expires
Thu, 12 Dec 2024 15:44:32 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F720
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f105.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b79BGI2fxLHv8sCsLExbjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/2Gj9o0C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-b79BGI2fxLHv8sCsLExbjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 15:28:03 GMT
expires
Thu, 12 Dec 2024 15:28:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012410292120000/ Frame F8D3
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"f2f37e2e78f77a16"
age
482048
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 01:33:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 01:33:56 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56191
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame F8D3
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"981e33f595c3ea40"
age
117082
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 06:56:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 06:56:42 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5211
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame F8D3
95 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"5e018091947c60fe"
age
431106
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 15:42:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 15:42:58 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29021
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame F8D3
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"deab494dea0d53b6"
age
457071
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 08:30:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 08:30:13 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1906
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame F8D3
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"f2575cb9f4cf0f6e"
age
416623
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 19:44:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 19:44:21 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12953
x-xss-protection
0
server
sffe
truncated
/ Frame F8D3
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f581a41374b2100a2de298851b5218108dfe425e62c7006066774111b6908216

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
16963035895192748329
tpc.googlesyndication.com/simgad/ Frame F8D3
23 KB
24 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16963035895192748329
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f132.1e100.net
Software
sffe /
Resource Hash
68436db8277adce21c52cea4701643893fdadcb8984b3e345af693403663d568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 15:28:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Thu, 12 Dec 2024 15:28:04 GMT
content-type
image/gif
last-modified
Wed, 21 Jul 2021 17:11:52 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
23819
x-xss-protection
0
server
sffe
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F8D3
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f132.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
14819457070020093239
age
9850
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 12:43:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2502
x-xss-protection
0
date
Thu, 12 Dec 2024 12:43:54 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F8D3
295 B
398 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f132.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
426692510519060060
age
850
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 15:13:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
295
x-xss-protection
0
date
Thu, 12 Dec 2024 15:13:54 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
/
www.googleadservices.com/pagead/ar-adview/ Frame F8D3
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CwSaOAgFbZ5fRIKOLvPIP8J_hsA_mg_X0Xrjsh57GDsCNtwEQASDhh8SkAWDJtomHzKPAF6AB9cPh-wPIAQPgAgCoAwHIAwiqBJ4CT9AgkmFW53JvmBONAD5HbT6LDj7pDPpAuGirjdct...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4134f71d51de4f4d0000000000000000%22,%222%22:%220xf15cffedf06a270a0000000000000000%22,%223%22:%220x8a8670...
0
20 B
Image
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4134f71d51de4f4d0000000000000000%22,%222%22:%220xf15cffedf06a270a0000000000000000%22,%223%22:%220x8a8670fffa0c5240000000000000000%22,%224%22:%220xc9a38f0fbd37265e0000000000000000%22,%225%22:%220x467d11b7bd7521160000000000000000%22},%22debug_key%22:%2210932223737756437843%22,%22debug_reporting%22:true,%22destination%22:%22https://education.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221064854005%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218217996635287788753%22}&andc=true
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 15:28:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 15:28:04 GMT
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x4134f71d51de4f4d0000000000000000","2":"0xf15cffedf06a270a0000000000000000","3":"0x8a8670fffa0c5240000000000000000","4":"0xc9a38f0fbd37265e0000000000000000","5":"0x467d11b7bd7521160000000000000000"},"debug_key":"10932223737756437843","debug_reporting":true,"destination":"https://education.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1064854005"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"18217996635287788753"}
content-type
text/css; charset=UTF-8
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x4134f71d51de4f4d0000000000000000","2":"0xf15cffedf06a270a0000000000000000","3":"0x8a8670fffa0c5240000000000000000","4":"0xc9a38f0fbd37265e0000000000000000","5":"0x467d11b7bd7521160000000000000000"},"debug_key":"10932223737756437843","debug_reporting":true,"destination":"https://education.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1064854005"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"18217996635287788753"}&andc=true
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 15:28:03 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
beacon
bit.ly/preview_page/
16 B
29 B
Ping
General
Full URL
https://bit.ly/preview_page/beacon
Requested by
Host: bit.ly
URL: https://bit.ly/2Gj9o0C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://bit.ly/2Gj9o0C

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
date
Thu, 12 Dec 2024 15:28:03 GMT
content-type
application/json
server
nginx
si
googleads.g.doubleclick.net/pagead/drt/ Frame F8D3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0

view
securepubads.g.doubleclick.net/btr/ Frame F8D3
0
0

ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f154.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://bit.ly/2Gj9o0C

Response headers

sodar
ep1.adtrafficquality.google/pagead/
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame F8D3
42 B
65 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmViTz0P16BF-pyist_O4rodYLEpbvEjJuvr4vz_R_uFkI3pvlyTNrmNX7IhhUwor9qH2of_cd2BgK1QZSz67U39wTmx3xiu6XA5fTEMV4AS2TSs0SIvA7EwSxzdTKIeRQPRWNbGhAC9-onkfZAtZFS8AZLLckR43EFi4rYL33tuvHJlKJ4b7KGusfi4UCkEKQ12R5&sai=AMfl-YQhm7RF2FxvEAvZSo0hYIHrpGbCba7GFvOQ0BE2k7OyedJALcB07xMQ0rhZCt3dtZEtcSAoHNi0wWh-9JcSrhqC5FI1YzugeC6PfQKj6aq-93Bd4ZziOF_JS1VFkkBeN5j-Kkb7mEgFpH7YfObb&sig=Cg0ArKJSzCm3FcjHuD_1EAE&cid=CAQSTgCa7L7dhVWwBWfxZ39mIqTytRJyGQSW-zYgclRz7twi5UDG8xDnsrh0O4I7jdXTdJJfuyuRg3O7fVfU2KPiwotyS-m1vlA2g3c4f3V5cBgB&id=ampim&o=179,67&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=619&tls=1619&g=100&h=100&tt=1619&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 12 Dec 2024 15:28:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/btr/view?ai=CwSaOAgFbZ5fRIKOLvPIP8J_hsA_mg_X0Xrjsh57GDsCNtwEQASDhh8SkAWDJtomHzKPAF6AB9cPh-wPIAQPgAgCoAwHIAwiqBJ4CT9AgkmFW53JvmBONAD5HbT6LDj7pDPpAuGirjdctA85ewMLgU7EoJHhteHQigBM8nuEkdI11yJQA8bYfNRyAyztnKrWKFVJH4JmPDMVXbLIgG8xbrZpZD2xUITEiUqK25gzeKA1FmZduv3XJ3uoijFoPJJGW9s2RuIMHxB9KCpkALd-kVPvL5qmTz6rjkP6GmuqqKw85N0s0GasmyzAuNJKgexY7R56TisoNMzecjpG_LjygXJ5x6-J4jn_YcBeoGc1Vv2SHpAxCHaKkiwnGed5A0YyR0V3u8_h1sb1bOUo8HrpomktMb_zGqDAzvKWdQA1DsnNSJX2X5kTAsmgHE860FIxsb31KpsmvPS81-efQZYTiimAUwopm5TOC88AE293O2fwC4AQBiAXdn6LOJZIFBAgEGAGSBQQIBRgEoAYDgAfzu54EqAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBRDctrwB0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpYpcSi4cWiigOaCTJodHRwczovL3d3dy5lZHVjYXRpb24uY29tL3dvcmtzaGVldHMvP2dhZF9zb3VyY2U9NYAKA8gLAdoMEAoKELCYj7CM8Zb4YhICAQPiDRMIkO6i4cWiigMVowVPCB3wTxj26g0TCMKzo-HFoooDFaMFTwgd8E8Y9tgTC9AVAZgWAYAXAbIXIQodCAASFHB1Yi0zODQyMTg3OTE2NjgzMTE0GLmJqAEYAboXAjgBshgFGAMiAQDQGAE&sigh=81-2huvjqMw&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSTgCa7L7dhVWwBWfxZ39mIqTytRJyGQSW-zYgclRz7twi5UDG8xDnsrh0O4I7jdXTdJJfuyuRg3O7fVfU2KPiwotyS-m1vlA2g3c4f3V5cBgB&ibtr=1
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412050101&jk=1517003005344636&bg=!-fql-rXNAAbtGp3CzRo7ADQBe5WfOJkBXbveL9kdlwTUVXK5xATiS_dRGAYZ-CCTgHeRtSYzsXumfhLOUdTk5vSx0thKAgAAAFhSAAAACGgBB34ANmfo63yDnUEBOlWqhbftz6M8uKPzHvik523g5ERtpcpZz4q8FaBiQOX5wuR2zFrEbP4tOS9hYJkCjdgedM0mv5a02QgHlB4kBVtS3OU1i-0EzQtoUCnxfOWyb-yXLqpS-GBi8_pc6tsxzLgtS5j-WwqAdaIUk0tVFcWJjljykgo0Shvk8rPhu1K6Al0mxCt7cxGg5CDKouSbJJ2A-dvsb9CSw5dFRg3rxrUkTUrwFWpp-G_Y7ePLC8I2UHmLEvXQ4vEIKK5_bRLEBeJuGtjrm3qd5cfSX7araBKnwSJY7C4Yu2NFCLRerSUs4lmE-iiuasEy9fGXdg3GyC9ELwRsLwd4wc2D6JeOZj-25V2qv2bKcx7tDKRdKfxPSHhLg5j42eRu-AIm-KG6p2EawEA_5tkYJb9sM6VxSNkwBcQqF4-VzcX-Sb-dksO5DkZw63_vRb7W3Z44gyDtICw2bwya-Dp5R6YkrJPtNDlew4IdRzkfTXvOoDd0dzmDrYvxhefaGJslupjXJhUsOvhEiG5vNxccMLoKYvjgo6TiNocnYqSQ0kHu8kGfhSeHi-hT9KyT82tBcfQwFrwoFklk92a712J364yUKczkhwE2I6gj9xjCsoJRmLDwAKVKavEbPst49glOw3i-aCcoPnnwFouINjeNwlQs6V5zGXmoRU8LTztFUqUDQGsP8tKIcozL4kChpHxyOF3j8T9yBat20m1sjyN2QDo_vE2NC4VIo7rmCOip6I3RvJVPGBALoAEinnPRSaGigOyIs0iSCrgA5sBYOKWbp14l25mhw3JrC98L4WoxfnssmhALV2mGXZeoyzxYxD0IAUtx7fquDl1AAp2oTe_8w39MqbTtQpr438KYLBYwME6RcseTv1gv5M8GWNI0mfqc9ukmbvMdWHF9UjML5vZtrtMYD-7u1_Kf47c_eKE_68WBSCCz


17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
function| sendBeacon
object| seenActions
object| now
object| googletag
object| ggeac
object| google_tag_data
object| google_js_reporting_queue
object| google_reactive_ads_global_state
object| google_tag_topics_state
number| google_unique_id
object| GoogleGcLKhOms
object| ampInaboxPositionObserver
object| ampInaboxFrameOverlayManager
object| google_image_requests

7 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: obcfs1-a251e8cf4bc3e45470-00W
.bit.ly/ Name: __gads
Value: ID=0b826b13d2466adb:T=1734017282:RT=1734017282:S=ALNI_MafTwzj0EmkJLGafd3pcpg2_xmw1A
.bit.ly/ Name: __gpi
Value: UID=00000fb052470373:T=1734017282:RT=1734017282:S=ALNI_MYdO0fsNcNC5t1bV_vCTu6Ntt-tVw
.bit.ly/ Name: __eoi
Value: ID=09cbffbfe6f505e5:T=1734017282:RT=1734017282:S=AA-AfjadSo4YCbr5BK0U9viPswjr
.doubleclick.net/ Name: IDE
Value: AHWqTUmVJgFaeAIhav1t297W9rbnWf3FmVtw7R_t7iAp7-rAxPIFoodY41o2dxBIA7M
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
