bit.ly Open in urlscan Pro
67.199.248.11  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 3Bgd5RB Show response bit.ly/	12 KB 13 KB	140ms 74ms	Document text/html	67.199.248.11 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://bit.ly/3Bgd5RB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS bit.ly Software nginx / Resource Hash 072ab25516e7bd31b8b5c7f656454e9a491802659f2ad98ed5d9597eba3fd489 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=90 content-length 12755 content-type text/html; charset=utf-8 date Tue, 10 Dec 2024 08:32:11 GMT server nginx via 1.1 google
GET H2	200	933BBDEF11BD8CA4E14595EC76E71C17F60131BE.css d1ayxb9ooonjts.cloudfront.net/d/	12 KB 3 KB	120ms 36ms	Stylesheet text/css	3.162.130.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1ayxb9ooonjts.cloudfront.net/d/933BBDEF11BD8CA4E14595EC76E71C17F60131BE.css Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.130.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-130-106.iad61.r.cloudfront.net Software nginx / Resource Hash 6924d04214e23381ff11abbff17ee30b90f9087a8ae30b2d9664409a1becc94f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers x-amz-cf-pop IAD61-P3 content-encoding gzip etag W/"544a9359c2ca2a1195c9be9b7f1f5fd0" age 62316 via 1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id rsUZveM67lQJMY_ir5j2stkYezMv_hx-UQ2dx4LG1aGrnersxF8Dmg== date Mon, 09 Dec 2024 15:13:35 GMT content-type text/css; charset=utf-8 vary Accept-Encoding server nginx last-modified Wed, 30 Oct 2024 18:52:30 GMT x-amz-server-side-encryption AES256
GET H2	200	E716B6F26A66BBAEF022AD3D60349CB2152D3FBE.svg d1ayxb9ooonjts.cloudfront.net/d/	5 KB 3 KB	121ms 37ms	Image image/svg+xml	3.162.130.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/E716B6F26A66BBAEF022AD3D60349CB2152D3FBE.svg Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.130.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-130-106.iad61.r.cloudfront.net Software nginx / Resource Hash 8bb7c5fa6fe6a16d6bfe145393d50e30ca5875fc1a6a8c266f0f2b7710a2162c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers x-amz-cf-pop IAD61-P3 content-encoding gzip etag W/"d96c63b16075e8837f6429ba3f953f8e" age 69592 via 1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id zuF00GSjyTLupiPgM3O3dcuncAhxbPzodZx_w9EmTV9o2P66jJ-gDw== date Mon, 09 Dec 2024 13:12:18 GMT content-type image/svg+xml vary Accept-Encoding server nginx last-modified Tue, 27 Aug 2024 19:02:34 GMT x-amz-server-side-encryption AES256
GET H2	200	C5F6F6EF5C67BE2C8F62F369186C92A0BBCE05E1.svg d1ayxb9ooonjts.cloudfront.net/d/	136 KB 62 KB	129ms 45ms	Image image/svg+xml	3.162.130.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/C5F6F6EF5C67BE2C8F62F369186C92A0BBCE05E1.svg Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.130.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-130-106.iad61.r.cloudfront.net Software nginx / Resource Hash 92c97f8b380e1e89e305512f4c6946fa3c9382a9c7b902355d96a7fdc4da8930 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers x-amz-cf-pop IAD61-P3 content-encoding gzip etag W/"c2c9b75f1e7f8f9d78f3bdad7d8d66f3" age 7621 via 1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id DUMnuVRHqPjFGtkHgo8djaQM_78X8ONqo-4r8KuPx8mI8juS-GVygQ== date Tue, 10 Dec 2024 07:37:17 GMT content-type image/svg+xml vary Accept-Encoding server nginx last-modified Tue, 17 Sep 2024 14:14:29 GMT x-amz-server-side-encryption AES256
GET H2	200	A80E1EC0ADE0D3D2D85DEDC41BC3390A09183734.svg d1ayxb9ooonjts.cloudfront.net/d/	574 B 937 B	40ms 39ms	Image image/svg+xml	3.162.130.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/A80E1EC0ADE0D3D2D85DEDC41BC3390A09183734.svg Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.130.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-130-106.iad61.r.cloudfront.net Software nginx / Resource Hash c9550c4b1420882fefd4a1e62bdefba2989e7b285f851b7d7b5af4b647cf88b4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers vary Accept-Encoding etag "392ec4a3f2a2e875cdde717f81168686" age 83862 via 1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 574 x-amz-cf-id JVut3XYG2OogFv-vzjV5bL_mo0Bg37zEhCQWhZW-w9NjfWtzOf9s_g== date Mon, 09 Dec 2024 09:14:29 GMT content-type image/svg+xml last-modified Tue, 27 Aug 2024 19:02:35 GMT server nginx x-amz-cf-pop IAD61-P3 x-amz-server-side-encryption AES256
GET H2	200	7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp d1ayxb9ooonjts.cloudfront.net/d/	17 KB 17 KB	46ms 41ms	Image image/webp	3.162.130.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.130.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-130-106.iad61.r.cloudfront.net Software nginx / Resource Hash 5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers vary Accept-Encoding etag "a6c2aae1b41d9e328c4f8e6c34e3d12c" age 59391 via 1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 17206 x-amz-cf-id qJ-aswvvKJZdUxy9i3yqVRWY6Be3kM040EZxrK7eeONST544Jhitrw== date Mon, 09 Dec 2024 16:02:20 GMT content-type image/webp last-modified Wed, 11 Sep 2024 17:03:54 GMT server nginx x-amz-cf-pop IAD61-P3 x-amz-server-side-encryption AES256
GET H2	200	716B7C5AED6F8EE92E2EFBFEEFDCA112010264F4.svg d1ayxb9ooonjts.cloudfront.net/d/	605 B 968 B	47ms 42ms	Image image/svg+xml	3.162.130.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/716B7C5AED6F8EE92E2EFBFEEFDCA112010264F4.svg Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.130.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-130-106.iad61.r.cloudfront.net Software nginx / Resource Hash f4701f45a9674e2f88d5b07406d65eed17ec16ef6b9061bed0bfca6ca989bde1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers vary Accept-Encoding etag "a47dae536e54fe18ffa70c06a225a82a" age 83853 via 1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 605 x-amz-cf-id B3NTe-mUGtla9qYJAkvgVBP7RQ8vVTiBIl_1NOBorRkcCpsFRI2rKQ== date Mon, 09 Dec 2024 09:14:38 GMT content-type image/svg+xml last-modified Tue, 27 Aug 2024 19:02:35 GMT server nginx x-amz-cf-pop IAD61-P3 x-amz-server-side-encryption AES256
GET H2	200	86FCD201EC0B15255F54D03EA0F6D6CC0DE44D70.svg d1ayxb9ooonjts.cloudfront.net/d/	3 KB 2 KB	47ms 43ms	Image image/svg+xml	3.162.130.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/86FCD201EC0B15255F54D03EA0F6D6CC0DE44D70.svg Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.130.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-130-106.iad61.r.cloudfront.net Software nginx / Resource Hash d7230e0fc444c64d1e9d04c07dde0d702c63ac71525fa32aaabb3e930b283619 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers x-amz-cf-pop IAD61-P3 content-encoding gzip etag W/"ee83fb0ac337e7aa3f20382a114bc471" age 2992 via 1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id BTXRi1LvvVbGYPMKc52lJTcx0f1qvH6xL19tx9Evnf64I6PX0g4n9Q== date Tue, 10 Dec 2024 07:42:19 GMT content-type image/svg+xml vary Accept-Encoding server nginx last-modified Tue, 27 Aug 2024 19:02:35 GMT x-amz-server-side-encryption AES256
GET H2	200	7AD8772BD1C47740F140231A2A6797014CE99924.svg d1ayxb9ooonjts.cloudfront.net/d/	711 B 1 KB	49ms 45ms	Image image/svg+xml	3.162.130.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/7AD8772BD1C47740F140231A2A6797014CE99924.svg Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.130.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-130-106.iad61.r.cloudfront.net Software nginx / Resource Hash 65d0c6d5c50da17b51c63e11e9883460d5f5038f24a5a290d586c9d8ef7e83f6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers vary Accept-Encoding etag "c5a3d1eb98ef9c64ea41c8e77d5c82eb" age 52210 via 1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 711 x-amz-cf-id phmY6WxSuot_Uu74qEeee0R1Tcp3IU__PEio0f0iZlQXb1bjelPLBg== date Mon, 09 Dec 2024 18:02:04 GMT content-type image/svg+xml last-modified Tue, 27 Aug 2024 19:02:35 GMT server nginx x-amz-cf-pop IAD61-P3 x-amz-server-side-encryption AES256
GET H2	200	CDB42D1F6E7A347BF4B6F8FDBDBFB2B9CF1B9FCA.svg d1ayxb9ooonjts.cloudfront.net/d/	1 KB 926 B	47ms 44ms	Image image/svg+xml	3.162.130.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/CDB42D1F6E7A347BF4B6F8FDBDBFB2B9CF1B9FCA.svg Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.130.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-130-106.iad61.r.cloudfront.net Software nginx / Resource Hash 32a18081271852b129135b7dd430bdfe0a5ca79ef4cfc1b7e8ee7907fc7cfde0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers x-amz-cf-pop IAD61-P3 content-encoding gzip etag W/"dfac9023ccd5b454f9633062f2a64cb2" age 12280 via 1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id -yuTMBlBAgh_rUWP8W2f4yOky6rAyuZmd0Gav0CT9PcALqXp83Fpxw== date Tue, 10 Dec 2024 05:07:31 GMT content-type image/svg+xml vary Accept-Encoding server nginx last-modified Tue, 27 Aug 2024 19:02:35 GMT x-amz-server-side-encryption AES256
POST H2	200	beacon bit.ly/preview_page/	16 B 80 B	52ms 47ms	Ping application/json	67.199.248.11 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://bit.ly/preview_page/beacon Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS bit.ly Software nginx / Resource Hash fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Referer https://bit.ly/3Bgd5RB Response headers via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 date Tue, 10 Dec 2024 08:32:11 GMT content-type application/json server nginx
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	107 KB 33 KB	125ms 54ms	Script text/javascript	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash 8e04248cf985bb503a0f0032fa52872109fcc9cfa28f8644f30fce8d4ed3a521 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers content-encoding br etag 279 / 20067 / 31089265 / config-hash: 1629174320097636998 x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Tue, 10 Dec 2024 08:32:11 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 34048 x-xss-protection 0 server cafe
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/	496 KB 154 KB	38ms 37ms	Script text/javascript	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash 3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers content-encoding br etag 2279107579115022503 age 14774 x-content-type-options nosniff expires Wed, 10 Dec 2025 04:25:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Tue, 10 Dec 2024 04:25:57 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 157504 x-xss-protection 0 server cafe
GET H3	200	gpt securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/	63 KB 22 KB	38ms 37ms	Other text/plain	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash 3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers content-encoding br etag 4443559573512225521 age 30160 x-content-type-options nosniff expires Wed, 11 Dec 2024 00:09:31 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Tue, 10 Dec 2024 00:09:31 GMT content-type text/plain; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=86400, stale-while-revalidate=7200 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 22952 x-xss-protection 0 server cafe use-as-dictionary match="/gampad/ads", id="m202412050101"
GET H3	200	topics_frame.html securepubads.g.doubleclick.net/static/topics/ Frame 4AB4	0 0	111ms 38ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bit.ly/3Bgd5RB Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 2141 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000, stale-while-revalidate=3600 content-encoding br content-length 29117 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 10 Dec 2024 07:56:30 GMT expires Tue, 10 Dec 2024 08:46:30 GMT last-modified Mon, 09 Dec 2024 20:44:42 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	51 KB 4 KB	629ms 628ms	Fetch text/plain	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1183473206153923&correlator=3447799560952830&eid=31086814%2C31089352%2C31089265%2C31088252&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fifs&iu_parts=23199830770%2Cbitly_previewpage_indonesia_responsive_side_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1733819531685&lmt=1733819531&adxs=179&adys=67&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbit.ly%2F3Bgd5RB&vis=1&psz=658x405&msz=300x365&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733819531216&idt=422&prev_scp=cohort%3Dcohort_indo&adks=1195252124&frm=20&eoidce=1&td=1&egid=55458&tan=9afb9070-acc3-44d9-bb75-63b9876e4f05&tdf=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash 9a95c4e603019f9cf3c12f6af645816aabddc2855cc0f7a4d7a95c39afdd970d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers content-encoding dcb google-lineitem-id 6771137968 observe-browsing-topics ?1 x-content-type-options nosniff google-mediationtag-id -2 google-mediationgroup-id -2 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Tue, 10 Dec 2024 08:32:12 GMT content-type text/plain; charset=UTF-8 google-creative-id 138493383954 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://bit.ly content-length 4229 x-xss-protection 0 server cafe
GET H2	200	container.html 76a99f78601995443d3ae6ba9595a85b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E141	0 0	138ms 39ms	Document text/html	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://76a99f78601995443d3ae6ba9595a85b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bit.ly/3Bgd5RB Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 10 Dec 2024 08:32:11 GMT expires Tue, 10 Dec 2024 08:32:11 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response ep1.adtrafficquality.google/getconfig/	17 KB 13 KB	95ms 54ms	XHR application/json	64.233.180.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412050101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265 Protocol H3 Security QUIC, , AES_128_GCM Server 64.233.180.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS on-in-f156.1e100.net Software cafe / Resource Hash 61592df7f8dfb5282f7f3357ea93c050069ef09107a294a1466122bc0cab225d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 13292 date Tue, 10 Dec 2024 08:32:11 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png d1ayxb9ooonjts.cloudfront.net/d/	1 KB 2 KB	36ms 36ms	Other image/png	3.162.130.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1ayxb9ooonjts.cloudfront.net/d/C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.130.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-130-106.iad61.r.cloudfront.net Software nginx / Resource Hash 3ce43ec89d890b85133c3a0f68c666b4ff9afb9fdf6d146c642e1d3dcc1cc06b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers vary Accept-Encoding etag "10be1fc63993fd01005c34be73678406" age 7452 via 1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 1421 x-amz-cf-id 3598hp3G_jvy1UW5Ibtb8UmIOlFFV4Ly6TwNqedf2C0vlRfON3BwFQ== date Tue, 10 Dec 2024 08:18:30 GMT content-type image/png last-modified Wed, 10 Jul 2024 17:00:59 GMT server nginx x-amz-cf-pop IAD61-P3 x-amz-server-side-encryption AES256
GET H2	200	sodar2.js Show response ep2.adtrafficquality.google/sodar/	18 KB 7 KB	113ms 38ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software sffe / Resource Hash ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers content-encoding gzip etag "1727224258380615" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} x-content-type-options nosniff expires Tue, 10 Dec 2024 08:32:12 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 10 Dec 2024 08:32:12 GMT content-type text/javascript vary Accept-Encoding cache-control private, max-age=3000 cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin accept-ranges bytes content-length 6445 x-xss-protection 0 server sffe
GET H2	200	runner.html ep2.adtrafficquality.google/sodar/sodar2/232/ Frame F756	0 0	107ms 36ms	Document text/html	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bit.ly/3Bgd5RB Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1480 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000 content-encoding gzip content-length 5005 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 10 Dec 2024 08:07:32 GMT expires Tue, 10 Dec 2024 08:57:32 GMT last-modified Mon, 23 Sep 2024 18:12:21 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe www.google.com/recaptcha/api2/ Frame ABA2	0 0	125ms 51ms	Document text/html	142.251.163.147 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.147 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f147.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-IIvVvI8RBH-zw-fq83nQXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bit.ly/3Bgd5RB Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-IIvVvI8RBH-zw-fq83nQXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Tue, 10 Dec 2024 08:32:12 GMT expires Tue, 10 Dec 2024 08:32:12 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame B690	0 0	65ms 64ms	Fetch image/gif	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbjeelqYJR5ESX-fbDKlz8q_CrrP23FuoCmGl2Iwm07YPodQDKFMrW7zoI_j5dPdkFdXaQzg2lgGNvwquyba87bQ5qrJVZCYIECBnAL5dt0cZvYSkK3YhDLmwrLw3AzrGgrVNzXpQVnjHNT81maOJmOq0vR_LYdZ75WkUHnQKPOkAES2gw-eboVuvkJCloNFfx0lWxyBk0-k3fFwsKzq2lfTaWR5GkwDRYZDqpsi8Oo3bu9XusjaI0kIaWzq0aOvC4d6PQw6yiibBjnJLkj6-KH8yJlXcp-OBCVlst8RDRJ_PQiBvbbaJ85N0QXzxF7HSl1dIvRQn-fRFCotSdFSGxwvNmcANv_s5Xpin7Lm8MDLj4mcAX7oB2v0guHhKq1aad3HnSVm0Xbo3zAEvvAzC6Wdxb8jgX_7-00qoO616nLQHJyFkdbxCWsjNqFQMJ982pO9e7VdM&sai=AMfl-YQS2cPkcb7V3kGEnNVBwN9zbjF5JUT7MKbQlgtgxxUgXheAADPGFF3exRktvDQ1HhcUNC3B55Rtw5fK9cP9OARX635RnzTA7CRjgnOcHh0G5BaX883F8w5WHNaM4qIS_mgA4rO6aqSs8g2ATckX&sig=Cg0ArKJSzKCaZZGxskLwEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers cache-control private timing-allow-origin * accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Tue, 10 Dec 2024 08:32:12 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Tue, 10 Dec 2024 08:32:12 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20241205/r20110914/client/ Frame B690	3 KB 1 KB	196ms 119ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20241205/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software cafe / Resource Hash 944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers content-encoding br etag 6567774568227038691 age 33338 x-content-type-options nosniff expires Mon, 23 Dec 2024 23:16:34 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Mon, 09 Dec 2024 23:16:34 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 1234 x-xss-protection 0 server cafe
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B690	218 KB 67 KB	110ms 37ms	Script text/javascript	142.251.167.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f156.1e100.net Software cafe / Resource Hash af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers content-encoding br etag 15965780714114583650 age 1923 x-content-type-options nosniff expires Tue, 10 Dec 2024 09:00:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Tue, 10 Dec 2024 08:00:09 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 69026 x-xss-protection 0 server cafe
GET H2	200	3208474221859090577 tpc.googlesyndication.com/simgad/ Frame B690	102 KB 103 KB	111ms 37ms	Image image/png	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3208474221859090577 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js?cb=31089265 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash 612aa0eb852b57fa207fac2cd20d6770e371cfcb6bf32b02f134e29489fc1579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers age 395842 report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 18:34:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 allow-fenced-frame-automatic-beacons true date Thu, 05 Dec 2024 18:34:50 GMT last-modified Fri, 18 Oct 2024 14:38:45 GMT content-type image/png cache-control public, max-age=31536000 timing-allow-origin * x-dns-prefetch-control off cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" content-length 104392 x-xss-protection 0 server sffe
POST H3	200	beacon bit.ly/preview_page/	16 B 29 B	46ms 45ms	Ping application/json	67.199.248.11 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://bit.ly/preview_page/beacon Requested by Host: bit.ly URL: https://bit.ly/3Bgd5RB Protocol H3 Security QUIC, , AES_128_GCM Server 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS bit.ly Software nginx / Resource Hash fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Referer https://bit.ly/3Bgd5RB Response headers via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 date Tue, 10 Dec 2024 08:32:12 GMT content-type application/json server nginx
GET DATA	200 OK	truncated / Frame B690	220 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3d7109f9f8204906e164809e9bb336e35c3efb49bc82f7425b864e857a91310a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B690	0 0	48ms 46ms	Fetch image/gif	142.251.167.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f156.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Tue, 10 Dec 2024 08:32:12 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame B690	0 0	64ms 64ms	Fetch image/gif	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYFR9qtUa6NBrhPAGIfGqfeFN9avH4ESaLiK8lsYhSQB9rvQCU6hNMM1bABVLEYEmuaAn1BHAWMUCpW2keqnvxaCNc6AK_va_TPnAwIH80gevvOAwcFa2TUT6KbeRDXbGtPIVBk5_bHThmVzSFrA7QGocDRcDJenNFn0F10NeEX2N5GRjrdQlWF6EnST10BZYv-M-kKtIJL_fVrdXe4_advdKc_l9zmWjmiayswRhQ5u5P9gBTakOx-any-pV72X4rFH5pQeTqj7H6WpKqj6_6Q1dFfmQ2yXroMSSdcGbHF6UP2LtDc7c5f0HtJmuqNtKWtbpjynKRHO15r-ocR_wfEqeS9qqCQL_9vIPed6Igc9hWD3-jV2xlgbHvOmHlupzu9O3VqTj3ybD59V8Ybcd2_F4abghbwEClMMa2iqmCQS4Aem7Ar7R0ZGmyLrJBLKli4lLW9b4XwA&sai=AMfl-YQZYvJG5AyOfY-UT67LrG-HhCmMCzE2xq_D7XBisex8gDET-WvnUc76L71LsMu6EYyEuGYw_Pvjg5COqy27Jh_Q6FxDYRPU4vsYsYkaQi19jZIotLQV8bXd1QADyuZQ7ndkzKACr7O8TiyaVFMW&sig=Cg0ArKJSzJ0tnZ42MsTzEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers cache-control private timing-allow-origin * accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Tue, 10 Dec 2024 08:32:12 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Tue, 10 Dec 2024 08:32:12 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B690	0 0	45ms 45ms	Fetch image/gif	142.251.167.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f156.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Tue, 10 Dec 2024 08:32:12 GMT x-xss-protection 0 content-type image/gif server cafe
GET		sodar ep1.adtrafficquality.google/pagead/	0 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B690	42 B 65 B	49ms 48ms	Fetch image/gif	142.251.167.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu58ImYtxYr5QOwHPX8Zym8veWc1uSNSpcSRugyPeYkw2VTLksEfmksVWnLw1Hsa9a9CU4cSK0PoXD4ALI8UdWcqUMe8h2fa2zXkB5TSYvZRGYg11BNXET8yyiJko15itjtYcehFLJq0xK5cs7qVrvN7_H3ZwG2CuB6EPZ1l39B1CX-TEjuMhG--sKNN8iglivCsg&sig=Cg0ArKJSzKG7jQO42cPwEAE&id=lidar2&mcvt=1000&p=67,179,667,479&tm=1012.7999992370605&tu=12.700000762939453&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1195252124&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2975233200&rst=1733819532362&rpt=224&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f156.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://bit.ly/3Bgd5RB Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 10 Dec 2024 08:32:13 GMT x-xss-protection 0 content-type image/gif server cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ep1.adtrafficquality.google

URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412050101&jk=1183473206153923&bg=!jo2ljcLNAAbFeMsx5Xg7ADQBe5WfOIcJQXMEoZR11WM3bZtItqUHfgCeqLtPhlI_55YUa2uc48xC0Bb_U8roRS62IqYyAgAAAEtSAAAAA2gBB34ANlbKZ7PTv-kqZhnXW2c9lZiD0rz5MQOJjMYPdN5KVrb3mSuEfg4zAQGrVuODWaXRuK4FpdlhSQoAtTegVPVizd1CCzJX3Yr0nSMdGIV9vZEkW28hc02gfaw7aEiuAZzVR4NwFQWUhGWL-EqgS0ll09J43Q8TXZd6RO_LdaAhi7MubNpYx0NCrMGoepewLSotkTTrKH113ETVEnDytEIUCQqL8nxt4xpU3s18lT575TIAmdFSCR4Agil-dxL9S2qdoguPRYBgrXHRRePGSxou6vk3T8GE6OGBHb0Kx8eU9cs351Ky7_sqJHUiQYOu9UCZAoXVMHJLNwCN9ohxNKO52DMqnEpNMloE-MHDEG4TyRG7Mgq02Yerebg7uzN66p4Qfi1WrifdB_MFRnUCDMwrMOnkLJO7NbF_M7VqmBak9uKyYAQGIXHvS53ECzyPq4jMec_vn4ToOHAtJF2JsRsfHAAU2-3zUbyFTgicC199163z5vQ2ibiQwen92DBLTH2_ZOUPpCVGX4r3V3sllo--8Uxl7-8nu545CQFcMqwLFRuql73ABInCebHAxBscjAlPyXph9twAh1y7G5KrSxvxIdDu9m5btCs-HoYE65Dyq1XwXFTExfajp4zyO-lIzDBCn7K2GmvIszn9ujndZObeWAAXjkSFCuYvKf9tRxoViM-1mdLenw90KtEdW_O383lRSuADd52LdjKV8dYyj-aaX7Y2O0eMtEBpo7WpiOFxcHdxJ-i67j8glCtos6gGXtfGbDSJqxJ0xbJblMrxZradgexbbZVYUWgCk4zqjxDNw-ugeEbrGRB88XVWpgAQoYptxBI49-6D3_MQu4Ve4WO-g_xkh57jBA3_MFgRixLYAdTevdBOa8ObkKaTQbLfxTvO396VcZCR5-tV0uxd5OwcpOFO3rbq6j0xHP1Zcfe889VViEruGk0frIEH2of_HNyxTxkouHRPztDF_EdA9DUmexArF46WBjp_7oZCJ7q3WLC_DgMHnqMzY3qPu4w9O0gRs58b5PFmPGmT7vsrTTzJbGGlBVHre5b0DP0HBMJUzQ-Ap0BXveW-6qdlq2Qw5UKFY9oub8Ay7ytuTvORlYXa5467smLw6wEEatN3MErIVj8LFxbRusb5WLh7ljFSlLtg9wCCDenwFUI3iIqPh4fmCt5d7a3092g

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| sendBeacon object| seenActions object| now object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-21 05:56:11	Name: _bit Value: oba8wb-4f8fb01642107a279c-00W
			.bit.ly/	1970-01-21 10:58:35	Name: __gads Value: ID=7d7cde9b46a28d1c:T=1733819531:RT=1733819531:S=ALNI_MYhv5h8Lea2mHLAxS2f_59SEU24jw
			.bit.ly/	1970-01-21 10:58:35	Name: __gpi Value: UID=00000fae1f90f676:T=1733819531:RT=1733819531:S=ALNI_MYRRTF_LqZJHznY-BUlVcJK2VjNcg
			.bit.ly/	1970-01-21 05:56:11	Name: __eoi Value: ID=27d7f0df8a12c9bc:T=1733819531:RT=1733819531:S=AA-AfjaGkxBONAkn6BetBlEJvHkZ
			.doubleclick.net/	1970-01-21 11:12:59	Name: IDE Value: AHWqTUkQXyqqbY6iGG5ALI4OoBklaCkohhd4B07L2TYLN9CFEryzug29YI4F5My68OI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

76a99f78601995443d3ae6ba9595a85b.safeframe.googlesyndication.com
bit.ly
d1ayxb9ooonjts.cloudfront.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
ep1.adtrafficquality.google
142.251.16.156
142.251.16.157
142.251.163.132
142.251.163.147
142.251.167.132
142.251.167.156
3.162.130.106
64.233.180.156
67.199.248.11
072ab25516e7bd31b8b5c7f656454e9a491802659f2ad98ed5d9597eba3fd489
32a18081271852b129135b7dd430bdfe0a5ca79ef4cfc1b7e8ee7907fc7cfde0
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3ce43ec89d890b85133c3a0f68c666b4ff9afb9fdf6d146c642e1d3dcc1cc06b
3d7109f9f8204906e164809e9bb336e35c3efb49bc82f7425b864e857a91310a
3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6
612aa0eb852b57fa207fac2cd20d6770e371cfcb6bf32b02f134e29489fc1579
61592df7f8dfb5282f7f3357ea93c050069ef09107a294a1466122bc0cab225d
65d0c6d5c50da17b51c63e11e9883460d5f5038f24a5a290d586c9d8ef7e83f6
6924d04214e23381ff11abbff17ee30b90f9087a8ae30b2d9664409a1becc94f
8bb7c5fa6fe6a16d6bfe145393d50e30ca5875fc1a6a8c266f0f2b7710a2162c
8e04248cf985bb503a0f0032fa52872109fcc9cfa28f8644f30fce8d4ed3a521
92c97f8b380e1e89e305512f4c6946fa3c9382a9c7b902355d96a7fdc4da8930
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
9a95c4e603019f9cf3c12f6af645816aabddc2855cc0f7a4d7a95c39afdd970d
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
c9550c4b1420882fefd4a1e62bdefba2989e7b285f851b7d7b5af4b647cf88b4
d7230e0fc444c64d1e9d04c07dde0d702c63ac71525fa32aaabb3e930b283619
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4701f45a9674e2f88d5b07406d65eed17ec16ef6b9061bed0bfca6ca989bde1
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99