urlscan.io logo urlscan.io
SecurityTrails logo

bit.ly Open in urlscan Pro
67.199.248.11  Public Scan

Go To Rescan Add Verdict Report
URL: https://bit.ly/37sBiVK
Submission: On December 17 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 8 domains to perform 36 HTTP transactions. The main IP is 67.199.248.11, located in United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is bit.ly. The Cisco Umbrella rank of the primary domain is 7701.
TLS certificate: Issued by DigiCert EV RSA CA G2 on May 6th 2024. Valid for: a year.
This is the only time bit.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 67.199.248.11 396982 (GOOGLE-CL...)
10 3.162.130.106 16509 (AMAZON-02)
1 5 209.85.144.157 15169 (GOOGLE)
1 209.85.144.155 15169 (GOOGLE)
1 209.85.201.132 15169 (GOOGLE)
1 172.253.63.155 15169 (GOOGLE)
2 209.85.232.132 15169 (GOOGLE)
1 74.125.192.99 15169 (GOOGLE)
5 172.253.115.132 15169 (GOOGLE)
3 142.251.179.132 15169 (GOOGLE)
1 142.251.16.157 15169 (GOOGLE)
1 64.233.180.156 15169 (GOOGLE)
36 13
3    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
10    3.162.130.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-130-106.iad61.r.cloudfront.net
d1ayxb9ooonjts.cloudfront.net
5    209.85.144.157 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f157.1e100.net
securepubads.g.doubleclick.net
1    209.85.144.155 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f155.1e100.net
securepubads.g.doubleclick.net
1    209.85.201.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f132.1e100.net
453b853ef67cbb4150fe86c432c798aa.safeframe.googlesyndication.com
1    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
ep1.adtrafficquality.google
2    209.85.232.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f132.1e100.net
ep2.adtrafficquality.google
1    74.125.192.99 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f99.1e100.net
www.google.com
5    172.253.115.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f132.1e100.net
cdn.ampproject.org
3    142.251.179.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f132.1e100.net
tpc.googlesyndication.com
1    142.251.16.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
www.googleadservices.com
1    64.233.180.156 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f156.1e100.net
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
10 cloudfront.net
d1ayxb9ooonjts.cloudfront.net
92 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net Failed
220 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 527
104 KB
5 googlesyndication.com
453b853ef67cbb4150fe86c432c798aa.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
11 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 bit.ly
bit.ly — Cisco Umbrella Rank: 7701
13 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
20 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
36 8
Domain Requested by
10 d1ayxb9ooonjts.cloudfront.net bit.ly
6 securepubads.g.doubleclick.net 1 redirects bit.ly
securepubads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
3 tpc.googlesyndication.com bit.ly
3 bit.ly bit.ly
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
1 pagead2.googlesyndication.com
1 www.googleadservices.com bit.ly
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 453b853ef67cbb4150fe86c432c798aa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
0 googleads.g.doubleclick.net Failed bit.ly
36 12

This site contains links to these domains. Also see Links.

Domain
bitly.com
orders.ordercoldstone.com
x.com
www.instagram.com
www.facebook.com
www.linkedin.com
Subject Issuer Validity Valid
bit.ly
DigiCert EV RSA CA G2		 2024-05-06 -
2025-05-06		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
adtrafficquality.google
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
www.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
misc-sni.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://bit.ly/37sBiVK
Frame ID: 92F932D7A059945B9B5F654936591FFB
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: C62646527DF968257E8910FF668AADF2
Requests: 1 HTTP requests in this frame

Frame: https://453b853ef67cbb4150fe86c432c798aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 783D3500F990A177732F1C57DF59BDF3
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 15151D576D5F02B4DB80E842A23C2019
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 107F38F8B04C68AFE8A23E758EFA45C0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Frame ID: DDA0FF0C4411385F7CA728A7E96AB1D5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bitly | bit.ly/37sBiVK

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

36
Requests

89 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

13
IPs

1
Countries

460 kB
Transfer

1302 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C2vLY8-dhZ-yJMajF0_wP6ZqO2Qysx873euyY8IOhE6ODrcH5DhABIOGHxKQBYP2gmYHoA6AB3_GI4D3IAQKpAhPU3jE7oLE-4AIAqAMByAMIqgSSAk_QJJkppJZnK5Zbyiw2m_FKE08548Xf1xd14MFNlK6Tbwvn_gLYnLz-KDes8OwWPBrAB_yZCzlqNpbCbUR7GXafagvHKiV2SszJB3GlRm3bQ5166KG_eRFN1FJgjb9i2Thk5qDN9v3DiZkaiGyYhYAPOSSzCbNOomVeTtXFHRJVC_sAfrzesV3V0ZaUTlE_pa-urhbmmuqSyauv8uLJNtW5tXhx3W6tSYZ4JHQ2ts1OOkM0pLI3djXZAvcJvcqa8RXkY5SPbGZJhPI-bVINqfK345bAFrnZh14xSswlG9fxqobRlW5kni1ycFJwNwvT4JjWPxk-JYz1KKSO35Mz3T2HO3wl4gW3efHU_lrmoUN7z3PABOezgrv_BOAEAYgFt87LmVGSBQQIBBgBkgUECAUYBKAGAoAH36nZvxioB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcB8gcFENzckALSCCYIgGEQARgdMgKKAjoLgECAwICAgKCogAJIvf3BOlipq77s2q-KA5oJpwJodHRwczovL2dvLmdldG15YXBwLnN0b3JlLzgxMTE1ZTk2LTBhMGItNGU1OS05ZjJlLWU5NGZiYTk4ODYzYT9rZXl3b3JkPSZwbGFjZW1lbnQ9Yml0Lmx5Jm1hdGNodHlwZT0mbmV0d29yaz1kJmFkcG9zaXRpb249JmFkZ3JvdXBpZD0xNzE2NTQwMjc3NTEmc2l0ZWxpbms9e3NpdGVsaW5rfSZjYW1wYWlnbj1ERV9TaGFwZV9CcmFuZF8oQnJvYWQpJnNvdXJjZT02NWYwNjEyNC1jZWI3LTQzODktOGU3Ni1kMGRjZjk0MWMzOGUmY3BpZD04MTExNWU5Ni0wYTBiLTRlNTktOWYyZS1lOTRmYmE5ODg2M2EmZ2FkX3NvdXJjZT01gAoDyAsB2gwRCgsQkO-Elb_Xl-aTARICAQPiDRMIyNi-7NqvigMVqOKUCR1pjSPL6g0TCOynv-zar4oDFajilAkdaY0jy9gTDNAVAZgWAYAXAbIXIQodCAASFHB1Yi0zODQyMTg3OTE2NjgzMTE0GLmJqAEYAboXAjgBshgJEgKxXxgCIgEA0BgB6BgB&sigh=eJ34G_ogZE8&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwCa7L7dof8J1LDSg0GGsbGFr53GDTyO6OFD1Xc9YPx3HyEFm2MupH7JihHMMAoriI_BFrgQDso0pv1ie8B23Yn0h8n-_sriQ4bPzYE_O6IYAQ&ebtr=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f07bee8c644ec870000000000000000%22,%222%22:%220xf86b82f0237e6b830000000000000000%22,%223%22:%220x1a3e2498f5930e320000000000000000%22,%224%22:%220xb50cb99cfe1bd0620000000000000000%22,%225%22:%220x84c2d4f6481da1190000000000000000%22},%22debug_key%22:%225059928075370307051%22,%22debug_reporting%22:true,%22destination%22:%22https://getmyapp.store%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216576035039%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227754635280110615537%22}&andc=true
Request Chain 32
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 37sBiVK
bit.ly/ 		13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
27ee913ea049a60bf3ea3f98288d0c693f8eb5fbbc31fcba11da6f8f52e2d66d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
13349
content-type
text/html; charset=utf-8
date
Tue, 17 Dec 2024 21:06:58 GMT
server
nginx
via
1.1 google
C9459B50D668CE4ED472E72E9070E570D636D116.css
d1ayxb9ooonjts.cloudfront.net/d/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/C9459B50D668CE4ED472E72E9070E570D636D116.css
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
f574f461075b60d457e7b588fb8a224732186ed8076796fd5da82d044a85c42b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

x-amz-cf-pop
IAD61-P3
content-encoding
gzip
etag
W/"ebccdda67e0ae61525be9486f61b1f29"
age
6019
via
1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
mx3UdhmE2obY_XjeRw5jrTfrDqsLmDrL9ncMCRumVdlAfyyHlgAoeg==
date
Tue, 17 Dec 2024 19:26:41 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Wed, 11 Dec 2024 19:28:53 GMT
x-amz-server-side-encryption
AES256
E716B6F26A66BBAEF022AD3D60349CB2152D3FBE.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/E716B6F26A66BBAEF022AD3D60349CB2152D3FBE.svg
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
8bb7c5fa6fe6a16d6bfe145393d50e30ca5875fc1a6a8c266f0f2b7710a2162c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

x-amz-cf-pop
IAD61-P3
content-encoding
gzip
etag
W/"d96c63b16075e8837f6429ba3f953f8e"
age
20735
via
1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
zw7X5GMJvi5HDlGb4VU7S2XsgPyrpCbu4E9l7kym4Yh4BnNIAMPlBw==
date
Tue, 17 Dec 2024 15:21:33 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 27 Aug 2024 19:02:34 GMT
x-amz-server-side-encryption
AES256
C5F6F6EF5C67BE2C8F62F369186C92A0BBCE05E1.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		136 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/C5F6F6EF5C67BE2C8F62F369186C92A0BBCE05E1.svg
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
92c97f8b380e1e89e305512f4c6946fa3c9382a9c7b902355d96a7fdc4da8930

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

x-amz-cf-pop
IAD61-P3
content-encoding
gzip
etag
W/"c2c9b75f1e7f8f9d78f3bdad7d8d66f3"
age
38758
via
1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
KTRGwG3EdE_9SX0Maza_gloprCywNPw-p5ebp9vaMTm-ewLIYbfWgg==
date
Tue, 17 Dec 2024 10:21:03 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 17 Sep 2024 14:14:29 GMT
x-amz-server-side-encryption
AES256
A80E1EC0ADE0D3D2D85DEDC41BC3390A09183734.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		574 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/A80E1EC0ADE0D3D2D85DEDC41BC3390A09183734.svg
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
c9550c4b1420882fefd4a1e62bdefba2989e7b285f851b7d7b5af4b647cf88b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

vary
Accept-Encoding
etag
"392ec4a3f2a2e875cdde717f81168686"
age
52903
via
1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
574
x-amz-cf-id
D34v7WAQaXCYjMu5KsQhbe7KbQyVBjLkwLphw0BGmFsJOhYqcA1kYQ==
date
Tue, 17 Dec 2024 06:25:16 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
server
nginx
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
d1ayxb9ooonjts.cloudfront.net/d/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

vary
Accept-Encoding
etag
"a6c2aae1b41d9e328c4f8e6c34e3d12c"
age
52903
via
1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
17206
x-amz-cf-id
MV9QaHdMvcdlLpHie9gFwHJZNQIx9cr3hL3J8xpJwXyE-uRiWFQRTw==
date
Tue, 17 Dec 2024 06:25:16 GMT
content-type
image/webp
last-modified
Wed, 11 Sep 2024 17:03:54 GMT
server
nginx
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
716B7C5AED6F8EE92E2EFBFEEFDCA112010264F4.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		605 B
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/716B7C5AED6F8EE92E2EFBFEEFDCA112010264F4.svg
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
f4701f45a9674e2f88d5b07406d65eed17ec16ef6b9061bed0bfca6ca989bde1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

vary
Accept-Encoding
etag
"a47dae536e54fe18ffa70c06a225a82a"
age
52721
via
1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
605
x-amz-cf-id
IbBEQCjKM91cEM_7ErYY_gqOPhOACn4JfeC0yq_bAkWhNSIBONvdTw==
date
Tue, 17 Dec 2024 06:28:18 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
server
nginx
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
86FCD201EC0B15255F54D03EA0F6D6CC0DE44D70.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/86FCD201EC0B15255F54D03EA0F6D6CC0DE44D70.svg
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
d7230e0fc444c64d1e9d04c07dde0d702c63ac71525fa32aaabb3e930b283619

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

x-amz-cf-pop
IAD61-P3
content-encoding
gzip
etag
W/"ee83fb0ac337e7aa3f20382a114bc471"
age
48269
via
1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
V1o6NNFssO9lMZMVnlbDTRjTF4m7lepuwiTsOhCWMiWtlzfIxmoXhg==
date
Tue, 17 Dec 2024 07:42:34 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
x-amz-server-side-encryption
AES256
7AD8772BD1C47740F140231A2A6797014CE99924.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		711 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/7AD8772BD1C47740F140231A2A6797014CE99924.svg
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
65d0c6d5c50da17b51c63e11e9883460d5f5038f24a5a290d586c9d8ef7e83f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

vary
Accept-Encoding
etag
"c5a3d1eb98ef9c64ea41c8e77d5c82eb"
age
52905
via
1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
711
x-amz-cf-id
Krz15ZEakr6-a4-cI306AT3k_DZs5-g45QxYstFE7SW9ZiNuVyan2Q==
date
Tue, 17 Dec 2024 06:25:14 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
server
nginx
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
CDB42D1F6E7A347BF4B6F8FDBDBFB2B9CF1B9FCA.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		1 KB
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/CDB42D1F6E7A347BF4B6F8FDBDBFB2B9CF1B9FCA.svg
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
32a18081271852b129135b7dd430bdfe0a5ca79ef4cfc1b7e8ee7907fc7cfde0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

x-amz-cf-pop
IAD61-P3
content-encoding
gzip
etag
W/"dfac9023ccd5b454f9633062f2a64cb2"
age
52735
via
1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
16teEpHDFZyGZfI0YqrpG5XLCjnNBqspYO6lK_-sZsx25qhcnXIWcA==
date
Tue, 17 Dec 2024 06:28:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
x-amz-server-side-encryption
AES256
beacon
bit.ly/preview_page/ 		16 B
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bit.ly/preview_page/beacon
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://bit.ly/37sBiVK

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
date
Tue, 17 Dec 2024 21:06:59 GMT
content-type
application/json
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		106 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f157.1e100.net
Software
cafe /
Resource Hash
09758f6ac925f65ed193a88414d61c4b6f072a6e1bd5702fb2b727d0b49fb34e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

content-encoding
br
etag
126 / 20074 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 21:06:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 17 Dec 2024 21:06:59 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33936
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f157.1e100.net
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

content-encoding
br
etag
5395541545685299795
age
7477
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 19:02:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 17 Dec 2024 19:02:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 		63 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f157.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
5726
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 19:31:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 17 Dec 2024 19:31:33 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame C626 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.155 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/37sBiVK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
58
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29117
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 21:06:01 GMT
expires
Tue, 17 Dec 2024 21:56:01 GMT
last-modified
Mon, 09 Dec 2024 20:44:42 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=441010628107669&correlator=114166594984386&eid=31089311%2C31089341%2C31089347%2C31089351%2C95349035%2C31089201%2C31088251%2C95347486&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=23199830770%2Cbitly_previewpage_cohort1_responsive_side_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1734469619735&lmt=1734469619&adxs=179&adys=67&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbit.ly%2F37sBiVK&vis=1&psz=658x405&msz=300x365&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734469618961&idt=734&prev_scp=cohort%3Dcohort1&adks=2087378001&frm=20&eoidce=1&td=1&egid=52393&tan=c8e3a701-b9eb-4cd0-aee3-bbae9d7a550f&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f157.1e100.net
Software
cafe /
Resource Hash
3da6611a75f323c9106f337ec205163205e8f9e89f09a343578da10b61954b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 17 Dec 2024 21:07:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://bit.ly
content-length
9524
x-xss-protection
0
server
cafe
container.html
453b853ef67cbb4150fe86c432c798aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 783D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://453b853ef67cbb4150fe86c432c798aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.201.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/37sBiVK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 21:07:00 GMT
expires
Tue, 17 Dec 2024 21:07:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
89a454ea83a9a5488863b0ef082e7e9f97f45628d47d3d9859ea116a08588579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13198
date
Tue, 17 Dec 2024 21:07:00 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png
d1ayxb9ooonjts.cloudfront.net/d/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.130.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-130-106.iad61.r.cloudfront.net
Software
nginx /
Resource Hash
3ce43ec89d890b85133c3a0f68c666b4ff9afb9fdf6d146c642e1d3dcc1cc06b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

vary
Accept-Encoding
etag
"10be1fc63993fd01005c34be73678406"
age
52734
via
1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1421
x-amz-cf-id
CQKGQXawV__2at2vpNJghVdmxkU1S5vymINF_jXcId2qHxRRdzbGOw==
date
Tue, 17 Dec 2024 06:28:06 GMT
content-type
image/png
last-modified
Wed, 10 Jul 2024 17:00:59 GMT
server
nginx
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f132.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/37sBiVK

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 21:07:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 21:07:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 1515 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/37sBiVK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1244
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 20:46:16 GMT
expires
Tue, 17 Dec 2024 21:36:16 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 107F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f99.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GgLd5WGDVdNAMDw0upYX-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/37sBiVK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GgLd5WGDVdNAMDw0upYX-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 21:07:00 GMT
expires
Tue, 17 Dec 2024 21:07:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012410292120000/ Frame DDA0 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"f2f37e2e78f77a16"
age
313901
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 05:55:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 05:55:19 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56191
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame DDA0 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"981e33f595c3ea40"
age
314831
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 05:39:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 05:39:49 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5211
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame DDA0 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"5e018091947c60fe"
age
313901
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 05:55:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 05:55:19 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29021
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame DDA0 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"deab494dea0d53b6"
age
314678
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 05:42:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 05:42:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1906
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame DDA0 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"f2575cb9f4cf0f6e"
age
312974
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 06:10:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 06:10:46 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12953
x-xss-protection
0
server
sffe
truncated
/ Frame DDA0 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20e0caa23058bb272e2d558ab28e61c250853de6c658d43a53bf92be09c2886e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
8917259626549549166
tpc.googlesyndication.com/simgad/ Frame DDA0 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8917259626549549166?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql9JJpQx-w-rh-L7YAPCWvdZYHSBw
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
sffe /
Resource Hash
87d5d244bfd0d7b2e236e835efd6355f12f708e1a44a575cc423b9baae77bc2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

age
356385
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 18:07:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 18:07:15 GMT
last-modified
Tue, 06 Aug 2024 19:17:26 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
7894
x-xss-protection
0
server
sffe
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DDA0 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
14819457070020093239
age
23732
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 14:31:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2502
x-xss-protection
0
date
Tue, 17 Dec 2024 14:31:28 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DDA0 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f132.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
426692510519060060
age
79085
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 23:08:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
295
x-xss-protection
0
date
Mon, 16 Dec 2024 23:08:55 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
/
www.googleadservices.com/pagead/ar-adview/ Frame DDA0
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C2vLY8-dhZ-yJMajF0_wP6ZqO2Qysx873euyY8IOhE6ODrcH5DhABIOGHxKQBYP2gmYHoA6AB3_GI4D3IAQKpAhPU3jE7oLE-4AIAqAMByAMIqgSSAk_QJJkppJZnK5Zbyiw2m_FKE085...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f07bee8c644ec870000000000000000%22,%222%22:%220xf86b82f0237e6b830000000000000000%22,%223%22:%220x1a3e24...
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f07bee8c644ec870000000000000000%22,%222%22:%220xf86b82f0237e6b830000000000000000%22,%223%22:%220x1a3e2498f5930e320000000000000000%22,%224%22:%220xb50cb99cfe1bd0620000000000000000%22,%225%22:%220x84c2d4f6481da1190000000000000000%22},%22debug_key%22:%225059928075370307051%22,%22debug_reporting%22:true,%22destination%22:%22https://getmyapp.store%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216576035039%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227754635280110615537%22}&andc=true
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H3
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 21:07:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 17 Dec 2024 21:07:00 GMT
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x9f07bee8c644ec870000000000000000","2":"0xf86b82f0237e6b830000000000000000","3":"0x1a3e2498f5930e320000000000000000","4":"0xb50cb99cfe1bd0620000000000000000","5":"0x84c2d4f6481da1190000000000000000"},"debug_key":"5059928075370307051","debug_reporting":true,"destination":"https://getmyapp.store","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16576035039"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"7754635280110615537"}
content-type
text/css; charset=UTF-8
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9f07bee8c644ec870000000000000000","2":"0xf86b82f0237e6b830000000000000000","3":"0x1a3e2498f5930e320000000000000000","4":"0xb50cb99cfe1bd0620000000000000000","5":"0x84c2d4f6481da1190000000000000000"},"debug_key":"5059928075370307051","debug_reporting":true,"destination":"https://getmyapp.store","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16576035039"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"7754635280110615537"}&andc=true
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 17 Dec 2024 21:07:00 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
beacon
bit.ly/preview_page/ 		16 B
29 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bit.ly/preview_page/beacon
Requested by
Host: bit.ly
URL: https://bit.ly/37sBiVK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://bit.ly/37sBiVK

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
date
Tue, 17 Dec 2024 21:07:00 GMT
content-type
application/json
server
nginx
si
googleads.g.doubleclick.net/pagead/drt/ Frame DDA0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
view
securepubads.g.doubleclick.net/btr/ Frame DDA0 		0
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DDA0 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLWQ0DSUH-rPta_NxNOHf3RqSkkoLX91uLu-IYpsUvcdYImxZ7hmPgOIfQfpGJMGkk7s8yI1Ii2pInd2O7eIJQ2zsAOWKeoRBQezvnnGWXN6RZJmVyma3e2PLmnQ42Tlh79QnMvvrmWsCt8SnKkM5L8uboKT8SruMGp7zRAtFMR9Vq4Fikfg4kLAkGD4BPR9WaoQ&sai=AMfl-YRW1poR2NWtjmn4cKyX_cMDza7YGWC2KdzHQNByxqnHVsR_GZRop8o1mp_wUGrHLI-TNjy5K9RULoZqyVuGLSuYYDJc1sBILQSVZIIJxs0Vh092z4W73sS1ujrRUrjtopvphjPz6h5gCtP3Go15CA&sig=Cg0ArKJSzILauEDC2dYbEAE&cid=CAQSTwCa7L7dof8J1LDSg0GGsbGFr53GDTyO6OFD1Xc9YPx3HyEFm2MupH7JihHMMAoriI_BFrgQDso0pv1ie8B23Yn0h8n-_sriQ4bPzYE_O6IYAQ&id=ampim&o=161,67&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=339&tls=1339&g=100&h=100&tt=1339&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 21:07:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/btr/view?ai=C2vLY8-dhZ-yJMajF0_wP6ZqO2Qysx873euyY8IOhE6ODrcH5DhABIOGHxKQBYP2gmYHoA6AB3_GI4D3IAQKpAhPU3jE7oLE-4AIAqAMByAMIqgSSAk_QJJkppJZnK5Zbyiw2m_FKE08548Xf1xd14MFNlK6Tbwvn_gLYnLz-KDes8OwWPBrAB_yZCzlqNpbCbUR7GXafagvHKiV2SszJB3GlRm3bQ5166KG_eRFN1FJgjb9i2Thk5qDN9v3DiZkaiGyYhYAPOSSzCbNOomVeTtXFHRJVC_sAfrzesV3V0ZaUTlE_pa-urhbmmuqSyauv8uLJNtW5tXhx3W6tSYZ4JHQ2ts1OOkM0pLI3djXZAvcJvcqa8RXkY5SPbGZJhPI-bVINqfK345bAFrnZh14xSswlG9fxqobRlW5kni1ycFJwNwvT4JjWPxk-JYz1KKSO35Mz3T2HO3wl4gW3efHU_lrmoUN7z3PABOezgrv_BOAEAYgFt87LmVGSBQQIBBgBkgUECAUYBKAGAoAH36nZvxioB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcB8gcFENzckALSCCYIgGEQARgdMgKKAjoLgECAwICAgKCogAJIvf3BOlipq77s2q-KA5oJpwJodHRwczovL2dvLmdldG15YXBwLnN0b3JlLzgxMTE1ZTk2LTBhMGItNGU1OS05ZjJlLWU5NGZiYTk4ODYzYT9rZXl3b3JkPSZwbGFjZW1lbnQ9Yml0Lmx5Jm1hdGNodHlwZT0mbmV0d29yaz1kJmFkcG9zaXRpb249JmFkZ3JvdXBpZD0xNzE2NTQwMjc3NTEmc2l0ZWxpbms9e3NpdGVsaW5rfSZjYW1wYWlnbj1ERV9TaGFwZV9CcmFuZF8oQnJvYWQpJnNvdXJjZT02NWYwNjEyNC1jZWI3LTQzODktOGU3Ni1kMGRjZjk0MWMzOGUmY3BpZD04MTExNWU5Ni0wYTBiLTRlNTktOWYyZS1lOTRmYmE5ODg2M2EmZ2FkX3NvdXJjZT01gAoDyAsB2gwRCgsQkO-Elb_Xl-aTARICAQPiDRMIyNi-7NqvigMVqOKUCR1pjSPL6g0TCOynv-zar4oDFajilAkdaY0jy9gTDNAVAZgWAYAXAbIXIQodCAASFHB1Yi0zODQyMTg3OTE2NjgzMTE0GLmJqAEYAboXAjgBshgJEgKxXxgCIgEA0BgB6BgB&sigh=eJ34G_ogZE8&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSTwCa7L7dof8J1LDSg0GGsbGFr53GDTyO6OFD1Xc9YPx3HyEFm2MupH7JihHMMAoriI_BFrgQDso0pv1ie8B23Yn0h8n-_sriQ4bPzYE_O6IYAQ&ibtr=1
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=441010628107669&bg=!0tGl0Z7NAAbtGp3CzRo7ADQBe5WfODH1aDI9Qc7UtYnJrESXgQ8oOWG9zlVRVu-oV0ZVHtL-bDubzB8ht7l1NXczrWDrAgAAAEtSAAAAA2gBB34ANrSevTbkv6FZK9ilUTg6BTiAcJ78IblNvBTQBUlbGIO2sr81kPkHn1g5_LcbffDFpzEi6F1pd5kCjMtKpxA0pciWnP-Z8rQAef5xkEQceJ2Coj07jaHbv03eomS0Y5lEN9hT956knywNBhVeIzp1Gme7Yk_8UD9s61o1cAyhIew9YbyO3FNe3dNCLG2DwskRPLnMqegM8wso0U4C6yvFD3DZhKvoNNSFjVSQcyRJg202V_HQU_1nmF_J19Ug_FjyOE2O_Yj0Lt7UJVnceBKnm1x-aesIjFIffZKnC40ECsskqAhzxCuCWtlzOCFIQ3vBVmKGDtFwz65U7pqETpePYQB-bf8oZRhmgoFszsieq_34UgO_FZqJiySlNxCTxM9TovVbEWL8WW3rut0JqLq6YL2QzeqxHyD4yrhE_kGsfdo-ppSdMYzF_Ut0I7FajX4Hq-Bp-SZs66LZG_WBx5ImExOZxA5q08XOV0Rno2EfhKvWLp0d7T1pJhicd5I5iaoQYOYoaimh0BwoRGuq_1yzRYIb6XD8xggZTDH9D-1f1kCFHaC1khzKjZnDPFguKIceuZXGfYdd1nGcrSYfzDMr_UIAtJg-7w8VoNHW8-DTDObIaCZdRbq4rWqgJIsQDCw8T5jYZLxMjQJYTpgqQYo80NB_DcSIsF-EBY-t8Hbip4RLukE_ru__gun7E0O43qoP-EfB9HrbDiQufMPB2RK_CUWZK8CuN9WfMlV-DHGGZuqxsnAeBSjspbL46CDNqzc8yjMNqYw33-QX63WVDuen49sNbO2wJM-ZirjxPpBx0eMAJEWbKPHqu1jUsEPM1ik2_mJywb4kP1a20kGeI7fzL1TbvMtVAVbE9KrOjqZn6SrJxVHQjiE3zQnFehU1VnZs5DKQT6aWxX2DsGwgWP9esooHHt1FJc0Jf-3ZKt0hxSwEKvQ9tMA

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| sendBeacon object| seenActions object| now object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

7 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: obhl6W-af18046b39075ef130-00a
.bit.ly/ Name: __gads
Value: ID=a67b4e819872e238:T=1734469619:RT=1734469619:S=ALNI_MZ0qqeXPX6ScAmBBv9AwR0Dz6fbFA
.bit.ly/ Name: __gpi
Value: UID=00000fb8284476d0:T=1734469619:RT=1734469619:S=ALNI_MZ_PQYP2rXkVxMN1GVdR7dnsqFNrg
.bit.ly/ Name: __eoi
Value: ID=6605864f48ac553a:T=1734469619:RT=1734469619:S=AA-AfjZvG0CgV7cT-UK2xFA6FDdY
.doubleclick.net/ Name: IDE
Value: AHWqTUl9J3Vt3-EFV8cVAEwqRrUMPNC9Hf_umIBs2DQvHPKWLCXKvPAct5VDyeyrxG0
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

453b853ef67cbb4150fe86c432c798aa.safeframe.googlesyndication.com
bit.ly
cdn.ampproject.org
d1ayxb9ooonjts.cloudfront.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
ep1.adtrafficquality.google
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
142.251.16.157
142.251.179.132
172.253.115.132
172.253.63.155
209.85.144.155
209.85.144.157
209.85.201.132
209.85.232.132
3.162.130.106
64.233.180.156
67.199.248.11
74.125.192.99
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
09758f6ac925f65ed193a88414d61c4b6f072a6e1bd5702fb2b727d0b49fb34e
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
20e0caa23058bb272e2d558ab28e61c250853de6c658d43a53bf92be09c2886e
27ee913ea049a60bf3ea3f98288d0c693f8eb5fbbc31fcba11da6f8f52e2d66d
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
32a18081271852b129135b7dd430bdfe0a5ca79ef4cfc1b7e8ee7907fc7cfde0
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3ce43ec89d890b85133c3a0f68c666b4ff9afb9fdf6d146c642e1d3dcc1cc06b
3da6611a75f323c9106f337ec205163205e8f9e89f09a343578da10b61954b32
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6
65d0c6d5c50da17b51c63e11e9883460d5f5038f24a5a290d586c9d8ef7e83f6
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
87d5d244bfd0d7b2e236e835efd6355f12f708e1a44a575cc423b9baae77bc2a
89a454ea83a9a5488863b0ef082e7e9f97f45628d47d3d9859ea116a08588579
8bb7c5fa6fe6a16d6bfe145393d50e30ca5875fc1a6a8c266f0f2b7710a2162c
92c97f8b380e1e89e305512f4c6946fa3c9382a9c7b902355d96a7fdc4da8930
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
c9550c4b1420882fefd4a1e62bdefba2989e7b285f851b7d7b5af4b647cf88b4
d7230e0fc444c64d1e9d04c07dde0d702c63ac71525fa32aaabb3e930b283619
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4701f45a9674e2f88d5b07406d65eed17ec16ef6b9061bed0bfca6ca989bde1
f574f461075b60d457e7b588fb8a224732186ed8076796fd5da82d044a85c42b
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99