urlscan.io logo urlscan.io
SecurityTrails logo

bit.ly Open in urlscan Pro
67.199.248.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://notificacion.transfiriendo.com/ls/click?upn=u001.9AiAECw-2FU3-2FEgegTlvydi6dYx6ebH-2BWCMYlXNYY5EUk-3DmPAt_E3jX7UdwUvWW16GmiaKN7...
Effective URL: https://bit.ly/2NtmGaF
Submission: On December 31 via api from AE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 1 countries across 11 domains to perform 38 HTTP transactions. The main IP is 67.199.248.10, located in United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is bit.ly. The Cisco Umbrella rank of the primary domain is 7701.
TLS certificate: Issued by DigiCert EV RSA CA G2 on May 6th 2024. Valid for: a year.
This is the only time bit.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.115.52 (Herndon, United States)

ASN11377 (SENDGRID, US)
PTR: o16789115x52.outbound-mail.sendgrid.net
notificacion.transfiriendo.com
3    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
10    3.168.96.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-96-221.jfk52.r.cloudfront.net
d1ayxb9ooonjts.cloudfront.net
6    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)
d1cf41a9b4522b5b3bcd1dcf0e02c266.safeframe.googlesyndication.com
1    2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)
ep1.adtrafficquality.google
2    2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
5    2607:f8b0:4006:821::2001 (United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    142.250.81.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net
ad.doubleclick.net
1    142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
www.googleadservices.com
1    2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
10 cloudfront.net
d1ayxb9ooonjts.cloudfront.net
92 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
ad.doubleclick.net — Cisco Umbrella Rank: 145
googleads.g.doubleclick.net Failed
220 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 527
104 KB
4 googlesyndication.com
d1cf41a9b4522b5b3bcd1dcf0e02c266.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
3 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 bit.ly
bit.ly — Cisco Umbrella Rank: 7701
13 KB
1 gstatic.com
fonts.gstatic.com
35 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
20 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 transfiriendo.com
notificacion.transfiriendo.com
225 B
38 11
Domain Requested by
10 d1ayxb9ooonjts.cloudfront.net bit.ly
6 securepubads.g.doubleclick.net 1 redirects bit.ly
securepubads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
3 bit.ly bit.ly
2 ad.doubleclick.net 1 redirects bit.ly
2 tpc.googlesyndication.com bit.ly
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
1 pagead2.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googleadservices.com bit.ly
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 d1cf41a9b4522b5b3bcd1dcf0e02c266.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 notificacion.transfiriendo.com 1 redirects
0 googleads.g.doubleclick.net Failed bit.ly
38 16
Subject Issuer Validity Valid
bit.ly
DigiCert EV RSA CA G2		 2024-05-06 -
2025-05-06		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
adtrafficquality.google
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
misc-sni.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://bit.ly/2NtmGaF
Frame ID: 081BA96B03504669273A97269160671A
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 60989F23E1141B360865313FD2C86153
Requests: 1 HTTP requests in this frame

Frame: https://d1cf41a9b4522b5b3bcd1dcf0e02c266.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3BCBC1106DD6E03E07DC28DD5C7D6056
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 64FBC77D9251B993BEB5675CE24795DE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3AF70191F204E8EDDAF4CD0F2A43B447
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Frame ID: 3686F4AD3B0A1DDD16574A92C826934F
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bitly | bit.ly/2NtmGaF

Page URL History Show full URLs

  1. http://notificacion.transfiriendo.com/ls/click?upn=u001.9AiAECw-2FU3-2FEgegTlvydi6dYx6ebH-2BWCMYlXNYY5EUk-3DmPAt_E... HTTP 307
    https://notificacion.transfiriendo.com/ls/click?upn=u001.9AiAECw-2FU3-2FEgegTlvydi6dYx6ebH-2BWCMYlXNYY5EUk-3DmPAt_E... HTTP 302
    https://bit.ly/2NtmGaF Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

38
Requests

87 %
HTTPS

67 %
IPv6

11
Domains

16
Subdomains

15
IPs

1
Countries

491 kB
Transfer

1363 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://notificacion.transfiriendo.com/ls/click?upn=u001.9AiAECw-2FU3-2FEgegTlvydi6dYx6ebH-2BWCMYlXNYY5EUk-3DmPAt_E3jX7UdwUvWW16GmiaKN7DcHVh-2FYefuLU6t1rHCf6PRxAFddWq3wATaxSALdDle4XwW5ZbCHmUsSNVFH86-2FKXd-2BJ9cgizpyADqHp0y4-2B8ClWHgR0L0b1LP8MuYVucv29UhLUmCa9DR89ULDS-2B7U3PM-2BjjNp5ZaYRkM9py3ahHAveQRDR8y8cSPYwt9o3kC7tvjWq7k88o7jJTJ1HySyWaA-3D-3D HTTP 307
    https://notificacion.transfiriendo.com/ls/click?upn=u001.9AiAECw-2FU3-2FEgegTlvydi6dYx6ebH-2BWCMYlXNYY5EUk-3DmPAt_E3jX7UdwUvWW16GmiaKN7DcHVh-2FYefuLU6t1rHCf6PRxAFddWq3wATaxSALdDle4XwW5ZbCHmUsSNVFH86-2FKXd-2BJ9cgizpyADqHp0y4-2B8ClWHgR0L0b1LP8MuYVucv29UhLUmCa9DR89ULDS-2B7U3PM-2BjjNp5ZaYRkM9py3ahHAveQRDR8y8cSPYwt9o3kC7tvjWq7k88o7jJTJ1HySyWaA-3D-3D HTTP 302
    https://bit.ly/2NtmGaF Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B31086658.397855352;dc_trk_aid=589661602;dc_trk_cid=217605870;ord=4050076745;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B31086658.397855352;dc_pre=CJyMm4qd0YoDFYZZRwEd2uMagg;dc_trk_aid=589661602;dc_trk_cid=217605870;ord=4050076745;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
Request Chain 32
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CYof7lXpzZ82DBr-rjvQP64utgAWR74i2fPvHudP_EvW69I32DxABIOGHxKQBYMnGqYvApNgPoAGk7o2vKMgBAeACAKgDAcgDCqoEjgJP0OxU4vzeeSbjM8LRXOpxSGhH2MHFRhCN-c8IJpmWzjjTbc9lXRmeEjjPKkcHEoU7Y1252zModyrbW3oNV_6JlIvtSDS5XmxhTPvdJR8qupqi_M-M8iCTNzwjEOTHrfiQBnyv5rJkW0N9lDNt3iszqwWpY6IZcr_SnnNyzXWC-bh9kawDJ_s3bkxiK6qmdgK2DRMCFUPIK_Ct-6CDJ8MLLD2IN6Ckuo6ATrF9Y8NfLbw4W5Jja-GM7VI7OW20JxfIiwVesFJdJL5DWp5KrWaWX9Xc6qERs-cqzWbYqIG393-wMDD6740izpWFXkRKg3bBEF5Ps9IMIGMZeBm4UsOjMu7grbJ4mqS04uLDBn7ABInv7pLvBOAEAYgFopDd2k-SBQQIBBgBkgUECAUYBIAHt5rOLKgH1ckbqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQupkk0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpY3_rUiZ3RigOaCdMBaHR0cHM6Ly9jbG91ZC5nb29nbGUuY29tL2FwaXM_dXRtX3NvdXJjZT1nZG4mdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1uYS1VUy1hbGwtZW4tZHItc21hcnQtYWxsLXRyaWFsLW5vbmUtZ2RuLTE3MDc1NTQmdXRtX2NvbnRlbnQ9cmRhJnV0bV90ZXJtPS17Z2NsaWR9fjE2NzI3NDg1NDI4MX5-MjEzOTY2NzA0OTh-NzAzMzQwNjk3MzM4JmdhZF9zb3VyY2U9NYAKA8gLAdoMEQoLENCYjt_i-oac0AESAgED4g0TCJam1Ymd0YoDFb-Vgwgd60ULUOoNEwi86NWJndGKAxW_lYMIHetFC1DYEwyIFAHQFQGYFgGAFwGyFyEKHQgAEhRwdWItMzg0MjE4NzkxNjY4MzExNBi5iagBGAG6FwI4AbIYCRICsV8YASIBANAYAegYAQ&sigh=ZKXUfF2dXNI&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTgCa7L7dOZxxHFRqefnmOQMzvs3ub8j8xe7K59DdEbOVT0ji3rRB0adJOVlwdklbEqtRQ1j2mABf7cR87PtMA7FufN2S7nyz1jT1l0D1SRgB&ebtr=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x22ea7956712fe8ce0000000000000000%22,%222%22:%220xc43900101d30321b0000000000000000%22,%223%22:%220xf4af4c4df6f5a3c0000000000000000%22,%224%22:%220xf8a3ba56aa20bdfd0000000000000000%22,%225%22:%220x1da7298e1cd3fe440000000000000000%22},%22debug_key%22:%2216914739117450840717%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210836211492%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225908192898721154033%22}&andc=true
Request Chain 35
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2NtmGaF
bit.ly/
Redirect Chain
  • http://notificacion.transfiriendo.com/ls/click?upn=u001.9AiAECw-2FU3-2FEgegTlvydi6dYx6ebH-2BWCMYlXNYY5EUk-3DmPAt_E3jX7UdwUvWW16GmiaKN7DcHVh-2FYefuLU6t1rHCf6PRxAFddWq3wATaxSALdDle4XwW5ZbCHmUsSNVFH86...
  • https://notificacion.transfiriendo.com/ls/click?upn=u001.9AiAECw-2FU3-2FEgegTlvydi6dYx6ebH-2BWCMYlXNYY5EUk-3DmPAt_E3jX7UdwUvWW16GmiaKN7DcHVh-2FYefuLU6t1rHCf6PRxAFddWq3wATaxSALdDle4XwW5ZbCHmUsSNVFH8...
  • https://bit.ly/2NtmGaF
13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
5ccb72b3c72a675e5c30cfbb57d3695b1fef5b0e47272474c4a9a48c558fec9d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
13441
content-type
text/html; charset=utf-8
date
Tue, 31 Dec 2024 05:01:08 GMT
server
nginx
via
1.1 google

Redirect headers

Connection
keep-alive
Content-Length
45
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Dec 2024 05:01:08 GMT
Location
https://bit.ly/2NtmGaF
Server
nginx
X-Robots-Tag
noindex, nofollow
C9459B50D668CE4ED472E72E9070E570D636D116.css
d1ayxb9ooonjts.cloudfront.net/d/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/C9459B50D668CE4ED472E72E9070E570D636D116.css
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-221.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
f574f461075b60d457e7b588fb8a224732186ed8076796fd5da82d044a85c42b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

x-amz-cf-pop
JFK52-P6
content-encoding
gzip
etag
W/"ebccdda67e0ae61525be9486f61b1f29"
age
39349
via
1.1 2cb12387b5c8bb91522882a2a1ea1540.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
EDAepDdZ9GE51cwZ-AZE0TYyHCZY-BSK4IdePxUwaIft94wiKWHIJQ==
date
Mon, 30 Dec 2024 18:05:19 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Wed, 11 Dec 2024 19:28:53 GMT
x-amz-server-side-encryption
AES256
E716B6F26A66BBAEF022AD3D60349CB2152D3FBE.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/E716B6F26A66BBAEF022AD3D60349CB2152D3FBE.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-221.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
8bb7c5fa6fe6a16d6bfe145393d50e30ca5875fc1a6a8c266f0f2b7710a2162c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

x-amz-cf-pop
JFK52-P6
content-encoding
gzip
etag
W/"d96c63b16075e8837f6429ba3f953f8e"
age
49555
via
1.1 2cb12387b5c8bb91522882a2a1ea1540.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
IaWyyIBvPZbutpkgzZN8idU-PBklBYl_qLfzvMtZrdj28MNNt1xNFw==
date
Mon, 30 Dec 2024 15:15:13 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 27 Aug 2024 19:02:34 GMT
x-amz-server-side-encryption
AES256
C5F6F6EF5C67BE2C8F62F369186C92A0BBCE05E1.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		136 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/C5F6F6EF5C67BE2C8F62F369186C92A0BBCE05E1.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-221.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
92c97f8b380e1e89e305512f4c6946fa3c9382a9c7b902355d96a7fdc4da8930

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

x-amz-cf-pop
JFK52-P6
content-encoding
gzip
etag
W/"c2c9b75f1e7f8f9d78f3bdad7d8d66f3"
age
67195
via
1.1 2cb12387b5c8bb91522882a2a1ea1540.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
KY7yc0NTpWt3pHnwK2V8P1xNFHrXWNeI9XpQhYD2vhjowOkfNWat8A==
date
Mon, 30 Dec 2024 10:21:13 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 17 Sep 2024 14:14:29 GMT
x-amz-server-side-encryption
AES256
A80E1EC0ADE0D3D2D85DEDC41BC3390A09183734.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		574 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/A80E1EC0ADE0D3D2D85DEDC41BC3390A09183734.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-221.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
c9550c4b1420882fefd4a1e62bdefba2989e7b285f851b7d7b5af4b647cf88b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

vary
Accept-Encoding
etag
"392ec4a3f2a2e875cdde717f81168686"
age
64245
via
1.1 2cb12387b5c8bb91522882a2a1ea1540.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
574
x-amz-cf-id
yfO1gTqvYG_vx1Y669PhvF6gQY1OFNT48QQOpvEdeQG_DiI7xVXaOg==
date
Mon, 30 Dec 2024 11:10:23 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
server
nginx
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
d1ayxb9ooonjts.cloudfront.net/d/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-221.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

vary
Accept-Encoding
etag
"a6c2aae1b41d9e328c4f8e6c34e3d12c"
age
74416
via
1.1 2cb12387b5c8bb91522882a2a1ea1540.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
17206
x-amz-cf-id
Pc-9EgcuSow94YoctsPqsL8U4l4V6HJf2s-r9Bspf6vqSgnPiFQYNw==
date
Mon, 30 Dec 2024 08:20:52 GMT
content-type
image/webp
last-modified
Wed, 11 Sep 2024 17:03:54 GMT
server
nginx
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
716B7C5AED6F8EE92E2EFBFEEFDCA112010264F4.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		605 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/716B7C5AED6F8EE92E2EFBFEEFDCA112010264F4.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-221.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
f4701f45a9674e2f88d5b07406d65eed17ec16ef6b9061bed0bfca6ca989bde1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

vary
Accept-Encoding
etag
"a47dae536e54fe18ffa70c06a225a82a"
age
60358
via
1.1 2cb12387b5c8bb91522882a2a1ea1540.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
605
x-amz-cf-id
Kgh9SeaCPQEisjpf6u9BuSHBuxEOJPhPP3KyBUGyoyBDXRejkOvwvA==
date
Mon, 30 Dec 2024 12:15:10 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
server
nginx
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
86FCD201EC0B15255F54D03EA0F6D6CC0DE44D70.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/86FCD201EC0B15255F54D03EA0F6D6CC0DE44D70.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-221.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
d7230e0fc444c64d1e9d04c07dde0d702c63ac71525fa32aaabb3e930b283619

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

x-amz-cf-pop
JFK52-P6
content-encoding
gzip
etag
W/"ee83fb0ac337e7aa3f20382a114bc471"
age
76701
via
1.1 2cb12387b5c8bb91522882a2a1ea1540.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
wEaeKW8W1g4uSenouy3TXU_hLqykiP_kN2ffXKaYAmek7Cz_YoGyxw==
date
Mon, 30 Dec 2024 07:42:47 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
x-amz-server-side-encryption
AES256
7AD8772BD1C47740F140231A2A6797014CE99924.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		711 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/7AD8772BD1C47740F140231A2A6797014CE99924.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-221.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
65d0c6d5c50da17b51c63e11e9883460d5f5038f24a5a290d586c9d8ef7e83f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

vary
Accept-Encoding
etag
"c5a3d1eb98ef9c64ea41c8e77d5c82eb"
age
49555
via
1.1 2cb12387b5c8bb91522882a2a1ea1540.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
711
x-amz-cf-id
GY5snoFZ2sdaSLOOxo97PNFPNsPPX5veH63AO874XYxfD8vBhTqhMg==
date
Mon, 30 Dec 2024 15:15:13 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
server
nginx
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
CDB42D1F6E7A347BF4B6F8FDBDBFB2B9CF1B9FCA.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		1 KB
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/CDB42D1F6E7A347BF4B6F8FDBDBFB2B9CF1B9FCA.svg
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-221.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
32a18081271852b129135b7dd430bdfe0a5ca79ef4cfc1b7e8ee7907fc7cfde0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

x-amz-cf-pop
JFK52-P6
content-encoding
gzip
etag
W/"dfac9023ccd5b454f9633062f2a64cb2"
age
81160
via
1.1 2cb12387b5c8bb91522882a2a1ea1540.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
BPqXZsHcXyQW_k3lkXZTI7ewe6Ms17hBwlaaeeIyhgoFm8wOtsczzg==
date
Mon, 30 Dec 2024 06:28:28 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Tue, 27 Aug 2024 19:02:35 GMT
x-amz-server-side-encryption
AES256
beacon
bit.ly/preview_page/ 		16 B
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bit.ly/preview_page/beacon
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://bit.ly/2NtmGaF

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
date
Tue, 31 Dec 2024 05:01:08 GMT
content-type
application/json
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		106 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49b09c73a830ce04d946395631992709102c8eaba70a54b88fa504eb74e5b837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

content-encoding
br
etag
225 / 20088 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 05:01:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 31 Dec 2024 05:01:08 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33933
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

content-encoding
br
etag
5395541545685299795
age
19155
x-content-type-options
nosniff
expires
Tue, 30 Dec 2025 23:41:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 30 Dec 2024 23:41:53 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 		63 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
34261
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 19:30:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 30 Dec 2024 19:30:07 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 6098 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/2NtmGaF
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29117
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 04:13:02 GMT
expires
Tue, 31 Dec 2024 05:03:02 GMT
last-modified
Mon, 09 Dec 2024 20:44:42 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		68 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1805133675206198&correlator=3145456795868157&eid=31089341%2C83321075&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=23199830770%2Cbitly_previewpage_default_responsive_side_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1735621269050&lmt=1735621269&adxs=179&adys=67&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbit.ly%2F2NtmGaF&vis=1&psz=658x429&msz=300x389&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1735621268749&idt=254&prev_scp=cohort%3Dcohort_annonls&adks=3309689787&frm=20&eoidce=1&td=1&egid=54224&tan=d720afac-c094-4580-915e-75ed720c8445&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dca2ce7ce8f7f201921f6c75e74c43dff57c0af629e3720306d4304281a395a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 31 Dec 2024 05:01:10 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://bit.ly
content-length
11578
x-xss-protection
0
server
cafe
container.html
d1cf41a9b4522b5b3bcd1dcf0e02c266.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3BCB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d1cf41a9b4522b5b3bcd1dcf0e02c266.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/2NtmGaF
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 05:01:09 GMT
expires
Tue, 31 Dec 2024 05:01:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4a07930d856cd2eead3ed113b0aae5866aa286f79d84fb7e9a01c41318e1891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13349
date
Tue, 31 Dec 2024 05:01:09 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png
d1ayxb9ooonjts.cloudfront.net/d/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-221.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
3ce43ec89d890b85133c3a0f68c666b4ff9afb9fdf6d146c642e1d3dcc1cc06b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

vary
Accept-Encoding
etag
"10be1fc63993fd01005c34be73678406"
age
35849
via
1.1 2cb12387b5c8bb91522882a2a1ea1540.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1421
x-amz-cf-id
0zBnmRnq1I-Kw7uJxwrc8PdNmTjfUOtTavn5ITxe4dHx94Lq6P6nAA==
date
Mon, 30 Dec 2024 19:03:40 GMT
content-type
image/png
last-modified
Wed, 10 Jul 2024 17:00:59 GMT
server
nginx
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/2NtmGaF

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 05:01:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 05:01:09 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 64FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/2NtmGaF
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1153
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 04:41:56 GMT
expires
Tue, 31 Dec 2024 05:31:56 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3AF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tlfbST0cYCa7vM01lGCtwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/2NtmGaF
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-tlfbST0cYCa7vM01lGCtwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 05:01:09 GMT
expires
Tue, 31 Dec 2024 05:01:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012410292120000/ Frame 3686 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"f2f37e2e78f77a16"
age
316175
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 13:11:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 13:11:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56191
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 3686 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"981e33f595c3ea40"
age
317049
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 12:57:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 12:57:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5211
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 3686 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"5e018091947c60fe"
age
277972
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 23:48:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 23:48:18 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29021
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 3686 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"deab494dea0d53b6"
age
317309
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 12:52:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 12:52:41 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1906
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 3686 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
br
etag
"f2575cb9f4cf0f6e"
age
277972
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 23:48:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 23:48:18 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12953
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ Frame 3686 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d219cea3316552d5927b5b7528f1192223374dd1b9dd58c48e5de057af6e3f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 05:01:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 05:01:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 31 Dec 2024 04:21:25 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
truncated
/ Frame 3686 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0db8e53444be41c965ad270fbffc8cda15759c37e987f875e78a15423b9c600b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3686 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
14819457070020093239
age
58269
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 12:50:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2502
x-xss-protection
0
date
Mon, 30 Dec 2024 12:50:01 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3686 		295 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
426692510519060060
age
41035
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 17:37:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
295
x-xss-protection
0
date
Mon, 30 Dec 2024 17:37:15 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
B31086658.397855352;dc_pre=CJyMm4qd0YoDFYZZRwEd2uMagg;dc_trk_aid=589661602;dc_trk_cid=217605870;ord=4050076745;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/ Frame 3686
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B31086658.397855352;dc_trk_aid=589661602;dc_trk_cid=217605870;ord=4050076745;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B31086658.397855352;dc_pre=CJyMm4qd0YoDFYZZRwEd2uMagg;dc_trk_aid=589661602;dc_trk_cid=217605870;ord=4050076745;dc_lat=;dc_rd...
42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B31086658.397855352;dc_pre=CJyMm4qd0YoDFYZZRwEd2uMagg;dc_trk_aid=589661602;dc_trk_cid=217605870;ord=4050076745;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H3
Server
142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Tue, 31 Dec 2024 05:01:10 GMT
x-xss-protection
0
content-type
image/gif
attribution-reporting-register-source
{"aggregation_keys":{"628469716":"0x92c527ef2ab30d010000000000000000","628469717":"0x3f09651254b04b980000000000000000","628469718":"0x69f5f6d84b9b3af30000000000000000","628469719":"0xcd390fde9f2d2b9b0000000000000000"},"debug_key":"14676789816853785630","debug_reporting":true,"destination":["https://google.com","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"2592000","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["2507573"]},"max_event_level_reports":2,"priority":"0","source_event_id":"18058734400674161809"}
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B31086658.397855352;dc_pre=CJyMm4qd0YoDFYZZRwEd2uMagg;dc_trk_aid=589661602;dc_trk_cid=217605870;ord=4050076745;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 31 Dec 2024 05:01:10 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
/
www.googleadservices.com/pagead/ar-adview/ Frame 3686
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CYof7lXpzZ82DBr-rjvQP64utgAWR74i2fPvHudP_EvW69I32DxABIOGHxKQBYMnGqYvApNgPoAGk7o2vKMgBAeACAKgDAcgDCqoEjgJP0OxU4vzeeSbjM8LRXOpxSGhH2MHFRhCN-c8I...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x22ea7956712fe8ce0000000000000000%22,%222%22:%220xc43900101d30321b0000000000000000%22,%223%22:%220xf4af4c...
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x22ea7956712fe8ce0000000000000000%22,%222%22:%220xc43900101d30321b0000000000000000%22,%223%22:%220xf4af4c4df6f5a3c0000000000000000%22,%224%22:%220xf8a3ba56aa20bdfd0000000000000000%22,%225%22:%220x1da7298e1cd3fe440000000000000000%22},%22debug_key%22:%2216914739117450840717%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210836211492%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225908192898721154033%22}&andc=true
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H3
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 05:01:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 31 Dec 2024 05:01:10 GMT
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x22ea7956712fe8ce0000000000000000","2":"0xc43900101d30321b0000000000000000","3":"0xf4af4c4df6f5a3c0000000000000000","4":"0xf8a3ba56aa20bdfd0000000000000000","5":"0x1da7298e1cd3fe440000000000000000"},"debug_key":"16914739117450840717","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10836211492"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"5908192898721154033"}
content-type
text/css; charset=UTF-8
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x22ea7956712fe8ce0000000000000000","2":"0xc43900101d30321b0000000000000000","3":"0xf4af4c4df6f5a3c0000000000000000","4":"0xf8a3ba56aa20bdfd0000000000000000","5":"0x1da7298e1cd3fe440000000000000000"},"debug_key":"16914739117450840717","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10836211492"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"5908192898721154033"}&andc=true
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 31 Dec 2024 05:01:10 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
beacon
bit.ly/preview_page/ 		16 B
29 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bit.ly/preview_page/beacon
Requested by
Host: bit.ly
URL: https://bit.ly/2NtmGaF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://bit.ly/2NtmGaF

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
date
Tue, 31 Dec 2024 05:01:10 GMT
content-type
application/json
server
nginx
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v62/ Frame 3686 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v62/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bit.ly
Referer
https://fonts.googleapis.com/

Response headers

age
313301
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 13:59:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 13:59:29 GMT
last-modified
Tue, 29 Oct 2024 18:37:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
36216
x-xss-protection
0
server
sffe
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3686
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
view
securepubads.g.doubleclick.net/btr/ Frame 3686 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3686 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstexYGXJy4EMZvBdqFLciK_OSjXS-J6XsxJp8Jk_guQ7TBcoUYzAGLpEZZx_LIOI1SaXPO4uAXLs7-b7411F-nFchcTSwfHaNDBtt1OxrZgH2IQQUKK6xesVuaDyEvwRPzkBcU5QM1C5SKfBiSNDA5ayHzBSgGGRnMaqTyDF39UnUur9r2JjSE70z1r6g6tzDmiwR_3YFAX4fu2m2XRFE2As9OUjCqE&sai=AMfl-YT5gltnPBjCaP96L_WFtejb1yMD_imkfr2GN8npA5CipjKJ0BT7saJGM-3QsGr2cXhCLNQ0A6b1VcvYk3Q7iSqkGs5h0aMFkAl-dkD-HUwH3ezPOeg-YdtV-jNaZLj61-RNPBFjCzj3ii_opx8B&sig=Cg0ArKJSzO6aAvZSi2GoEAE&cid=CAQSTgCa7L7dOZxxHFRqefnmOQMzvs3ub8j8xe7K59DdEbOVT0ji3rRB0adJOVlwdklbEqtRQ1j2mABf7cR87PtMA7FufN2S7nyz1jT1l0D1SRgB&id=ampim&o=161,67&d=336,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=210&tls=1211&g=100&h=100&tt=1211&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bit.ly/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 31 Dec 2024 05:01:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=1805133675206198&bg=!ubqluvXNAAbtGp3CzRo7ADQBe5WfOAaruhz6NN8YLfQI70_dxSjGMZ3AjB_5cLE01hYMj6379vhfw-zhNT73RUzpRmkgAgAAAF1SAAAABGgBB34ANqrB9-ToSXoI4t1Rkujn6g0aLmMKN1ouBu13jJe8HiReJrIublCNp-Q8kJApcro3bNx5K9iEHQoAnJ6cCksOAhdxojmnLQW-E-1DrYBlUg8qkwDjahxVlRcO8MC3mcOY2A5chyg4jCruIkJccrAnQPG8cSk73wJ4L92UsWxfiO4wLK00Tnx03jzF3iTcxIcG3yrFRDLlbGcxPVsrmn9AyCgbRIysSQNxCf0UQ5_eq9Q8Y6yoRTOiUbyd8ZH9XzFhSe03qz3wRa40RcpZrZ1hgG9wNP2irJkCpgIcMRbKwF0FnPyBPygEMjUxgej77pqRrwE7ectc3aV80iBBjM6UHFO2NZKSV0cksLeBV0aFHxfPmkcB_VyqKe2lwRpMvRSeooFBfpGLIJIE68MR1stMPjCmaJi1mmy-Owif0_zZvi17lTr5qBpTeQCOd35pTDOR5K80IivKT6lMIJPDtrSba0PTepXhi3X1SIg83zWrtfJX5YyZmAOtk5jZ7IDtiAK6ll2fUtS_6Sa24oayqLhXb2Uhw_XtgcFdZMCcMVK1sLR4RMvi3Y2O5_qBShTaD_0ZWWIN5jnWVc-Qnhw8AKWKdb4DnWjzzHoKpeXd7QVA6Y5bY-eqDX7zGrq67Kv7M4JhrFtuITUT6eWGVWmyhmGBL10i9TZL50eEhoo1SPTblPTLPCZTE7Payve4u_wNEhAlVEHHc0RoIw1llP2do9rBOhsSFShipfm1gFjO6G0CDeXyJ3L5pMO0C9mvOiKOH6x8Y1u7cJjREMMlHmaFpLe50jLFDEUUEjVWvBMIwNUNCUUtsI45-fDPFvnD2kuW5DputWEuHBqAF8FxCj1ldOV3fOod-cgjJ0oNm89xccHSvEX-8ms62JwqqeYIsS2YdJcZ7izM4f1nqZ39G42Mbds5qlI9A_QCGC0d3pPDRJRU7Rurszvx3EKS4HLoS7rrZV7viJOvrmpQSOwq-NMw2_jnV_cIuWG-EcBVL5gAM8Jr3xImMGe8uwZJgLpa91uPPldMlvPKu1zQYP7msLhXKenYlhqd5PZAdw7jSk-i8FHNY9lpkqEdLDf5B0P6IGKRowtMXQCOI4likCgtbF-vcfjmxPLecH7HroWkrahJAz0neBs8nxfcI7RwpKwkpJVBqcPJSG21P_qxmvgxlmgYBuotuVk6_dFRbfAEfMRLrw0kGQ
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/btr/view?ai=CYof7lXpzZ82DBr-rjvQP64utgAWR74i2fPvHudP_EvW69I32DxABIOGHxKQBYMnGqYvApNgPoAGk7o2vKMgBAeACAKgDAcgDCqoEjgJP0OxU4vzeeSbjM8LRXOpxSGhH2MHFRhCN-c8IJpmWzjjTbc9lXRmeEjjPKkcHEoU7Y1252zModyrbW3oNV_6JlIvtSDS5XmxhTPvdJR8qupqi_M-M8iCTNzwjEOTHrfiQBnyv5rJkW0N9lDNt3iszqwWpY6IZcr_SnnNyzXWC-bh9kawDJ_s3bkxiK6qmdgK2DRMCFUPIK_Ct-6CDJ8MLLD2IN6Ckuo6ATrF9Y8NfLbw4W5Jja-GM7VI7OW20JxfIiwVesFJdJL5DWp5KrWaWX9Xc6qERs-cqzWbYqIG393-wMDD6740izpWFXkRKg3bBEF5Ps9IMIGMZeBm4UsOjMu7grbJ4mqS04uLDBn7ABInv7pLvBOAEAYgFopDd2k-SBQQIBBgBkgUECAUYBIAHt5rOLKgH1ckbqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQupkk0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpY3_rUiZ3RigOaCdMBaHR0cHM6Ly9jbG91ZC5nb29nbGUuY29tL2FwaXM_dXRtX3NvdXJjZT1nZG4mdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1uYS1VUy1hbGwtZW4tZHItc21hcnQtYWxsLXRyaWFsLW5vbmUtZ2RuLTE3MDc1NTQmdXRtX2NvbnRlbnQ9cmRhJnV0bV90ZXJtPS17Z2NsaWR9fjE2NzI3NDg1NDI4MX5-MjEzOTY2NzA0OTh-NzAzMzQwNjk3MzM4JmdhZF9zb3VyY2U9NYAKA8gLAdoMEQoLENCYjt_i-oac0AESAgED4g0TCJam1Ymd0YoDFb-Vgwgd60ULUOoNEwi86NWJndGKAxW_lYMIHetFC1DYEwyIFAHQFQGYFgGAFwGyFyEKHQgAEhRwdWItMzg0MjE4NzkxNjY4MzExNBi5iagBGAG6FwI4AbIYCRICsV8YASIBANAYAegYAQ&sigh=ZKXUfF2dXNI&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSTgCa7L7dOZxxHFRqefnmOQMzvs3ub8j8xe7K59DdEbOVT0ji3rRB0adJOVlwdklbEqtRQ1j2mABf7cR87PtMA7FufN2S7nyz1jT1l0D1SRgB&ibtr=1

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| sendBeacon object| seenActions object| now object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id object| GoogleGcLKhOms object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

10 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: obv518-11c148977bbbeaea76-00e
.bit.ly/ Name: __gads
Value: ID=3ee8c29972fe4e0a:T=1735621269:RT=1735621269:S=ALNI_MZn6DtOSPZEoI3nect5_ZF5fmDEYw
.bit.ly/ Name: __gpi
Value: UID=00000fb3bdca7cee:T=1735621269:RT=1735621269:S=ALNI_MZNHzkaxY5KEzZMY6AF4K2ckj4cXg
.bit.ly/ Name: __eoi
Value: ID=66238d97d5b9a2ff:T=1735621269:RT=1735621269:S=AA-AfjbGXnBG-w6bvVnNVddep18K
.doubleclick.net/ Name: IDE
Value: AHWqTUlZXstW-sX6jR0PmPc0cYIsPJx6a3MxjwpUYPc4B_oXHtO1rbYzrFvpqfoYPWg
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi4vWYcE1r3A5KloqTsLa_mZLOjGOdmqo_jJVoeCjgZScjP4IA
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bit.ly
cdn.ampproject.org
d1ayxb9ooonjts.cloudfront.net
d1cf41a9b4522b5b3bcd1dcf0e02c266.safeframe.googlesyndication.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
notificacion.transfiriendo.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
ep1.adtrafficquality.google
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
142.250.80.98
142.250.81.230
167.89.115.52
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2003
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:816::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:821::2001
2607:f8b0:4006:822::2001
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2002
3.168.96.221
67.199.248.10
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
0db8e53444be41c965ad270fbffc8cda15759c37e987f875e78a15423b9c600b
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
32a18081271852b129135b7dd430bdfe0a5ca79ef4cfc1b7e8ee7907fc7cfde0
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3ce43ec89d890b85133c3a0f68c666b4ff9afb9fdf6d146c642e1d3dcc1cc06b
49b09c73a830ce04d946395631992709102c8eaba70a54b88fa504eb74e5b837
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6
5ccb72b3c72a675e5c30cfbb57d3695b1fef5b0e47272474c4a9a48c558fec9d
65d0c6d5c50da17b51c63e11e9883460d5f5038f24a5a290d586c9d8ef7e83f6
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
7d219cea3316552d5927b5b7528f1192223374dd1b9dd58c48e5de057af6e3f1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8bb7c5fa6fe6a16d6bfe145393d50e30ca5875fc1a6a8c266f0f2b7710a2162c
92c97f8b380e1e89e305512f4c6946fa3c9382a9c7b902355d96a7fdc4da8930
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
c9550c4b1420882fefd4a1e62bdefba2989e7b285f851b7d7b5af4b647cf88b4
d4a07930d856cd2eead3ed113b0aae5866aa286f79d84fb7e9a01c41318e1891
d7230e0fc444c64d1e9d04c07dde0d702c63ac71525fa32aaabb3e930b283619
dca2ce7ce8f7f201921f6c75e74c43dff57c0af629e3720306d4304281a395a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4701f45a9674e2f88d5b07406d65eed17ec16ef6b9061bed0bfca6ca989bde1
f574f461075b60d457e7b588fb8a224732186ed8076796fd5da82d044a85c42b
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99