bit.ly
67.199.248.11 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/4kk8FuJ 13yr old
Effective URL:
https://bit.ly/4kk8FuJ 13yr old
Submission: On May 27 via api (May 27th 2025, 3:21:21 am UTC) from NZ — Scanned from NZ

Summary HTTP 37 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 37 HTTP transactions. The main IP is 67.199.248.11, located in United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is bit.ly. The Cisco Umbrella rank of the primary domain is 6471. 13yr old
TLS certificate: Issued by DigiCert EV RSA CA G2 on March 26th 2025. Valid for: 1yr.

This is the only time bit.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	18.67.108.144 18.67.108.144	16509 (AMAZON-02) (AMAZON-02)
1	108.158.20.36 108.158.20.36	16509 (AMAZON-02) (AMAZON-02)
15	142.251.221.66 142.251.221.66	15169 (GOOGLE) (GOOGLE)
1	172.217.167.65 172.217.167.65	15169 (GOOGLE) (GOOGLE)
2	142.250.176.1 142.250.176.1	15169 (GOOGLE) (GOOGLE)
1	142.250.157.156 142.250.157.156	15169 (GOOGLE) (GOOGLE)
3	172.217.167.97 172.217.167.97	15169 (GOOGLE) (GOOGLE)
1	142.250.204.4 142.250.204.4	15169 (GOOGLE) (GOOGLE)
37	10

3 67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

9 18.67.108.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-108-144.syd62.r.cloudfront.net

d1ayxb9ooonjts.cloudfront.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 108.158.20.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-36.syd62.r.cloudfront.net

cdn6.ep.dynamics.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

15 142.251.221.66 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net

securepubads.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
pagead2.googlesyndication.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.167.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f1.1e100.net

21c92cc06ca62f753e2e7b1f0b809f94.safeframe.googlesyndication.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.176.1 (United States)

ASN15169 (GOOGLE, US)
PTR: lax17s51-in-f1.1e100.net

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.157.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ta-in-f156.1e100.net

ep1.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 172.217.167.97 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f1.1e100.net

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.204.4 (Sydney, Australia)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net

www.google.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com 21c92cc06ca62f753e2e7b1f0b809f94.safeframe.googlesyndication.com 1yr old tpc.googlesyndication.com — Cisco Umbrella Rank: 220 13yr old pagead2.googlesyndication.com — Cisco Umbrella Rank: 151 9yr old	101 KB
9	cloudfront.net d1ayxb9ooonjts.cloudfront.net 9yr old	28 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 9yr old	259 KB
4	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 473 2yr old ep2.adtrafficquality.google — Cisco Umbrella Rank: 478 2yr old	26 KB
3	bit.ly bit.ly — Cisco Umbrella Rank: 6471 13yr old	19 KB
1	google.com www.google.com — Cisco Umbrella Rank: 9 56yr old	567 B
1	dynamics.net cdn6.ep.dynamics.net 8yr old	770 KB
37	7

	Domain	Requested by
9	d1ayxb9ooonjts.cloudfront.net	bit.ly
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com ep2.adtrafficquality.google
7	securepubads.g.doubleclick.net	bit.ly securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
3	bit.ly	bit.ly
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	21c92cc06ca62f753e2e7b1f0b809f94.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn6.ep.dynamics.net	bit.ly
37	10

This site contains links to these domains. Also see Links.

Domain
bitly.com
rwsandringham.co.nz
x.com
www.instagram.com
www.facebook.com
www.linkedin.com
googleads.g.doubleclick.net

Subject Issuer	Validity	Valid
bit.ly DigiCert EV RSA CA G2	`2025-03-26` - `2026-03-25`	1yr	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2025-05-05` - `2026-04-23`	1yr	crt.sh
*.ep.dynamics.net Amazon RSA 2048 M03	`2024-11-09` - `2025-12-08`	1yr	crt.sh
*.g.doubleclick.net WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
tpc.googlesyndication.com WE2	`2025-05-12` - `2025-08-04`	3mo	crt.sh
adtrafficquality.google WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.google.com WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh

This page contains 6 frames:

Primary Page: https://bit.ly/4kk8FuJ
Frame ID: C146D69B33CC5D55BF3EBB5F4745F573
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: FC615589F053F7FF5810DAFC01D6E734
Requests: 1 HTTP requests in this frame

Frame: https://21c92cc06ca62f753e2e7b1f0b809f94.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: D71BB1B353C7DE7993A58C9774E7D7B1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRTgO4lnMFaZs7y5uNariX70KGQkrgqp9HQZQJWxiSqZsVLMcLMdx2MdR88DyPmH3VFJ3reEOct7lF3j28qnBzhhfVx4LO65ab_pb2DzvsXZpPi7kRmuL7pVCLSg6OQQjzZRSp3KM8KZJK5U_wUqVph_8w1Noxo0lDLmkNQrGEd8Rk8bm5PvrDPiJYb-QJz2pjqb4vDGh5KQebg5JWCtkWEA86cYelmGQVn8V9osN4UKJN41AHuhqTFILRWo8rTbh8OLjZNklkFDBhsaEmcdFuvsMmQtZUl7m0Gp8UHdyBDx71rvq32Ev-hn2mXrf0AhYmuI7fpm_rFygPUmoO7i0oqv-MKW1aJ9h-WVqKrTSH_l-64QUR9cWN2WMMvWMf-4Rx0X8AZlR9SscWGEyeXiGW70fgvTpPgKYsvnc-tyMi_IOBP9OqdfdCz40sTS1O_d-_2wSplsGg&sai=AMfl-YQxXIpWBYxc-8m26y0Qcyws9ChtVmCV5T43T3elq6PPrMGxZmqTybEj62oskdr7gVp3iHvsmJpAVWjpNXn33jh-eVlu9VXYY6UQxL7t2WC91c_P4oK7cCOkoGefy4M4hF_TBlzprVmh8D90cgHFVw&sig=Cg0ArKJSzFHD8WahaDNrEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 2C1D77C366B82BE386E2AC2C2F4B7805
Requests: 10 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: A07CEAE52396D3C56D118990C3E12A4F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9446883CE07AF1327A2F1D31EFFAE86E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bitly | bit.ly/4kk8FuJ

Page URL History Show full URLs

http://bit.ly/4kk8FuJ HTTP 307
https://bit.ly/4kk8FuJ Page URL

Detected technologies

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

37
Requests

97 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

1204 kB
Transfer

2029 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://bitly.com/?utm_source=Bitly&utm_medium=referral&utm_campaign=preview_page

Search URL Search Domain Scan URL

URL: https://rwsandringham.co.nz/properties/residential-for-sale/auckland-city/sandringham-1025/townhouse/3247803
Title: rwsandringham.co.nz/properties/residential-for-sale/auckland-city/sandringham-1025/townhouse/3247803

Search URL Search Domain Scan URL

URL: https://x.com/bitly

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bitly/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bitly

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bitly/mycompany/

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsuYGrusUct9w1zTzcyBsxRtTsrRkJFhjXdKqnXXkJvjMUKHx8Dx01nvKgNe-pEYi7g1ybxjzjG4nLsZlaVyxPUvngJpJDn6zkJl6KQMIUf5Ykvc7vBRCxdWxQjH80HDtvRaW2nSqbFqnvEJAp6stkBPz0sfl-DyrZMLg1TTJ2zGwQp1YPHwG8FnfZvicQdSQNeJFI4GYhTht6ec73yNWuxxRfUzdYnCtuOV8C6AqcC3jUJO7W0dJqELPejvd7UqTRFYjCQgMIQ7RxXMFhTt7VG0bpwsiI3KyGfl0vWaMh82DSrIC6BzdMV3nQbzCQtXlllcq7DWlMgjao1h2rXbC6WPTVXq1psvnlbV1upce1jtR4Ndu_LYBTawRfvg1H4SaLcM8UyfvTbfWCEtJeRykhepRWW8QpJi7uJ3SdNpQQyhcT2zMLaUPnoS&sai=AMfl-YQ5FO7MZScbzKafhGjOoG9xmwkfs-3DfTLRA9s3XQuCsCFO4ZB6z0UL02slHVW5LTiyTgyK5upvw-ZhSFPn_O8XtnRrIZB8477R8zo1Pbs780pwTz4tZKOmCo2XjIiIvDzkJjwuWun7DYAoPILF-Q&sig=Cg0ArKJSzP-b1Y3hO965&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://bitly.com/%3Futm_source%3Dpreview_page%26utm_tag%3Dhouse_ad

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/4kk8FuJ HTTP 307
https://bit.ly/4kk8FuJ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 4kk8FuJ Show response
bit.ly/
Redirect Chain

http://bit.ly/4kk8FuJ
https://bit.ly/4kk8FuJ

19 KB
19 KB

515ms
327ms

Document
text/html

67.199.248.11
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://bit.ly/4kk8FuJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: 29a13428f89d986a9f8dc20a15066dd20522cf011fc1d075cee9b78a61359013

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 19210
content-type: text/html; charset=utf-8
date: Tue, 27 May 2025 14:25:05 GMT
server: nginx
via: 1.1 google

Redirect headers

Location: https://bit.ly/4kk8FuJ
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 3BC92D5AD55132EE1A8216E94D482D88E73D53A5.css
d1ayxb9ooonjts.cloudfront.net/d/ 11 KB
3 KB 291ms
105ms Stylesheet
text/css 18.67.108.144
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/3BC92D5AD55132EE1A8216E94D482D88E73D53A5.css
Requested by: Host: bit.ly
URL: https://bit.ly/4kk8FuJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-144.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: aea18751d1237bfbdc12b9980842a50a5120430672cf4e2b39ae82dd4c0da039

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

x-amz-cf-pop: SYD62-P2
content-encoding: gzip
etag: W/"5a31d31a69ba966ce77f283cc98464b1"
age: 52011
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: yrVb1dHnSJQqWASTy_BCsdBWoGFO8dPo8tgj03vcMvNCbXQi1RqIgg==
date: Mon, 26 May 2025 23:58:14 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: nginx
last-modified: Thu, 15 May 2025 19:25:05 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 C1479C1BB4EBAEE77A9F4B616943FFEE9DAAEA0E.svg
d1ayxb9ooonjts.cloudfront.net/d/ 3 KB
2 KB 290ms
106ms Image
image/svg+xml 18.67.108.144
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/C1479C1BB4EBAEE77A9F4B616943FFEE9DAAEA0E.svg
Requested by: Host: bit.ly
URL: https://bit.ly/4kk8FuJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-144.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: cf3a1f5bae496ea0e4aeda4108a132d8f1e48707d083d948ef629aedc33c7fa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

x-amz-cf-pop: SYD62-P2
content-encoding: gzip
etag: W/"f8bbacdf5ce2e98b14f9fef2a8a86085"
age: 82458
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: yS0bJ755HfmIJeNGZ7MElI-sLbxcY6S9BdPKyMZdJv-8tXoDWyfkpQ==
date: Mon, 26 May 2025 15:30:47 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 8955792E2AE2972C05969B26C881AD988C9BB5BD.svg
d1ayxb9ooonjts.cloudfront.net/d/ 362 B
709 B 324ms
140ms Image
image/svg+xml 18.67.108.144
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/8955792E2AE2972C05969B26C881AD988C9BB5BD.svg
Requested by: Host: bit.ly
URL: https://bit.ly/4kk8FuJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-144.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 56a8a4fb115b24277c898d84fe68a5a12276708dbc73311d691be21761c188d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

etag: "636eb2721b75f46b2f61790d3b627d70"
age: 85919
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 362
x-amz-cf-id: z3gYGEuSkweV1ObhwqCmYNFgs7Bkog3Jv_7cxWHfMyBX6gm2UBbAPA==
date: Mon, 26 May 2025 14:33:06 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
d1ayxb9ooonjts.cloudfront.net/d/ 17 KB
17 KB 156ms
155ms Image
image/webp 18.67.108.144
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
Requested by: Host: bit.ly
URL: https://bit.ly/4kk8FuJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-144.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

vary: Accept-Encoding
etag: "a6c2aae1b41d9e328c4f8e6c34e3d12c"
age: 85570
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 17206
x-amz-cf-id: MCJtKkRJ7dBUphS8PdnFQf8TOlbMYssBrEYUxjCnWmvJV8OdCsHvEQ==
date: Mon, 26 May 2025 14:38:54 GMT
content-type: image/webp
last-modified: Wed, 11 Sep 2024 17:03:54 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 E8AA887989AD48F5366B7DCFAEAB4A3FF8150A1D.svg
d1ayxb9ooonjts.cloudfront.net/d/ 401 B
748 B 148ms
145ms Image
image/svg+xml 18.67.108.144
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/E8AA887989AD48F5366B7DCFAEAB4A3FF8150A1D.svg
Requested by: Host: bit.ly
URL: https://bit.ly/4kk8FuJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-144.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: eb71d9655491b198debed418404907f06d0482f519f60082d165132471c90715

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

etag: "ac532c5f7b8ff686a348d1abaa8326d4"
age: 82430
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 401
x-amz-cf-id: 5jgtRMp7ZbJMT50VEcz4b6P1zf6csGn0FRtnNYUNpRNlaDX8KCJp_g==
date: Mon, 26 May 2025 15:31:15 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 12032AF2C457BB634C4039A306C2C39420BF51EB.svg
d1ayxb9ooonjts.cloudfront.net/d/ 2 KB
1 KB 148ms
146ms Image
image/svg+xml 18.67.108.144
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/12032AF2C457BB634C4039A306C2C39420BF51EB.svg
Requested by: Host: bit.ly
URL: https://bit.ly/4kk8FuJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-144.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: e25bcc9dee748831827b2a2c85b06654ca507b77a82158a452694fa41623b438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

x-amz-cf-pop: SYD62-P2
content-encoding: gzip
etag: W/"8f18e0d46157b022c600e0e735813a91"
age: 85919
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 0c_gg0pb2cCt7j-BgOUQb_r1sMq5F-dqvKKXUVtIZiaSwLJYusUpWQ==
date: Mon, 26 May 2025 14:33:06 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 704DBB97AC75F2A7D9571254B944F17277707059.svg
d1ayxb9ooonjts.cloudfront.net/d/ 502 B
865 B 151ms
149ms Image
image/svg+xml 18.67.108.144
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/704DBB97AC75F2A7D9571254B944F17277707059.svg
Requested by: Host: bit.ly
URL: https://bit.ly/4kk8FuJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-144.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 3f1c4d1df1ad822b77bfad7569189f3861c51e63e9dd05fd5d37e7d395b376ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

vary: Accept-Encoding
etag: "a0ff281181e05ab5f10f48b00bdf362e"
age: 3168
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 502
x-amz-cf-id: CPv3XqJ2iwKSLNp8viHr771YMRcuCmS72AnUbxIU3TC9St9RHhh-kw==
date: Tue, 27 May 2025 13:32:17 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 8F9B499DDC670821F87C474721CA954C0C1AD3F5.svg
d1ayxb9ooonjts.cloudfront.net/d/ 648 B
995 B 150ms
148ms Image
image/svg+xml 18.67.108.144
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/8F9B499DDC670821F87C474721CA954C0C1AD3F5.svg
Requested by: Host: bit.ly
URL: https://bit.ly/4kk8FuJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-144.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: e2186f8814f8290dcfce59b5d8b0463e08af5df34a624a018411b4be9dd63d5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

etag: "01e6d41986e3aff2a481b34bbb250d3d"
age: 79692
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 648
x-amz-cf-id: cFiOjGWV2OIdmBUtXipVy78iVYo4Sk3RLTnGW6PQcX_hDEtyRb9DMg==
date: Mon, 26 May 2025 16:16:53 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

POST
H2 200 beacon
bit.ly/preview_page/ 16 B
80 B 303ms
300ms Ping
application/json 67.199.248.11
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/4kk8FuJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/4kk8FuJ

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Tue, 27 May 2025 14:25:05 GMT
content-type: application/json
server: nginx

GET
H2 200 cc42-H3247803-135964475__1739832363-128165-HarvestockHEROSHOT.jpg
cdn6.ep.dynamics.net/s3/rw-propertyimages/ 769 KB
770 KB 1048ms
791ms Image
image/jpeg 108.158.20.36
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://cdn6.ep.dynamics.net/s3/rw-propertyimages/cc42-H3247803-135964475__1739832363-128165-HarvestockHEROSHOT.jpg?bgcolor=595959&height=1257&mode=crop&quality=90&scale=both&width=2400&_ext=.jpg
Requested by: Host: bit.ly
URL: https://bit.ly/4kk8FuJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-36.syd62.r.cloudfront.net
Software: /
Resource Hash: 9c17d6b442b201bb81802b8bdcc4c7c100ce801352317a2b56fb17e2381bb836

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-amz-apigw-id: LOyyZEBYSwMEFHQ=
x-amzn-trace-id: Root=1-6835cb42-224d9cda0bad161b21570a82;Parent=2410b1ab93ca1d87;Sampled=0;Lineage=1:c4494d0e:0
x-amzn-requestid: d61f12db-d191-4888-b345-673bcad0e3fc
via: 1.1 db987b94354bedc3a16788229c0e652c.cloudfront.net (CloudFront), 1.1 1febefb7e39b5395820bafc78730e954.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 787198
x-amz-cf-id: AiyGrym9BuA29dcDafsiLKSdMdXoaVKjYAzJRUiNypJXK6YpmHTLaQ==
date: Tue, 27 May 2025 14:25:06 GMT
content-type: image/jpeg
x-amz-cf-pop: SYD3-P1, SYD62-P3
vary: Origin

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
34 KB 356ms
188ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bit.ly
URL: https://bit.ly/4kk8FuJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

c53d5303dbc2a188d96d1d677519361f04efb4a045740d19cb0280a0505d55c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

content-encoding: br
etag: 906 / 20235 / m202505200101 / config-hash: 4677953494289217151
x-content-type-options: nosniff
expires: Tue, 27 May 2025 14:25:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 14:25:06 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34415
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/ 539 KB
170 KB 71ms
71ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

content-encoding: br
etag: 8367355567805738573
age: 12947
x-content-type-options: nosniff
expires: Wed, 27 May 2026 10:49:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 10:49:19 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 173743
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/ 63 KB
23 KB 166ms
165ms Other
text/plain 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/gpt

Requested by

Host: bit.ly
URL: https://bit.ly/4kk8FuJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

8c9c942cbc4b50a998e5204686305e5192f73e9a64425654ef4b8716015b8b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 10260624382802495031
age: 58836
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 22:04:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 22:04:30 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23619
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505220101"

GET
H3 200 topics_frame.html Show response
securepubads.g.doubleclick.net/static/topics/ Frame FC61 102 KB
28 KB 235ms
70ms Document
text/html 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

sffe /

Resource Hash

56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/4kk8FuJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2138
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 13:49:28 GMT
expires: Tue, 27 May 2025 14:39:28 GMT
last-modified: Mon, 19 May 2025 19:44:47 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
4 KB 451ms
450ms Fetch
text/plain 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=6186453490945515&correlator=4153055850044251&eid=31090592%2C31092627%2C95353384%2C83321072&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23199830770%2Cbitly_previewpage_default_responsive_side_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&ifi=1&dids=div-gpt-ad-1724340542602-0&adfs=3434351373&sfv=1-0-45&sc=1&cookie_enabled=1&abxe=1&dt=1748355906560&lmt=1748355906&adxs=179&adys=330&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=720&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbit.ly%2F4kk8FuJ&vis=1&psz=658x566&msz=300x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748355905451&idt=1063&prev_scp=ac%3DPrior_to_2023%26g%3DNZ%26cohort%3Dpre_9_3%26connection_type%3Dlink%26tt%3Dcore%26t%3Dg&adks=3309689787&frm=20&eoidce=1&td=1&egid=4978&tan=8b2ff12c-4c74-4656-a633-2a6ae4324eac&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

eb8fbc96aabb3b7cd06344a2c7938a3fbe2da5402bf9a73b7979b15344b8c328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

content-encoding: dcb
google-lineitem-id: 6771137968
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 14:25:06 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138508645984
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://bit.ly
content-length: 4237
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
21c92cc06ca62f753e2e7b1f0b809f94.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame D71B 7 KB
3 KB 457ms
169ms Document
text/html 172.217.167.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://21c92cc06ca62f753e2e7b1f0b809f94.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/4kk8FuJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 14:25:06 GMT
expires: Tue, 27 May 2025 14:25:06 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2C1D 0
0 211ms
209ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRTgO4lnMFaZs7y5uNariX70KGQkrgqp9HQZQJWxiSqZsVLMcLMdx2MdR88DyPmH3VFJ3reEOct7lF3j28qnBzhhfVx4LO65ab_pb2DzvsXZpPi7kRmuL7pVCLSg6OQQjzZRSp3KM8KZJK5U_wUqVph_8w1Noxo0lDLmkNQrGEd8Rk8bm5PvrDPiJYb-QJz2pjqb4vDGh5KQebg5JWCtkWEA86cYelmGQVn8V9osN4UKJN41AHuhqTFILRWo8rTbh8OLjZNklkFDBhsaEmcdFuvsMmQtZUl7m0Gp8UHdyBDx71rvq32Ev-hn2mXrf0AhYmuI7fpm_rFygPUmoO7i0oqv-MKW1aJ9h-WVqKrTSH_l-64QUR9cWN2WMMvWMf-4Rx0X8AZlR9SscWGEyeXiGW70fgvTpPgKYsvnc-tyMi_IOBP9OqdfdCz40sTS1O_d-_2wSplsGg&sai=AMfl-YQxXIpWBYxc-8m26y0Qcyws9ChtVmCV5T43T3elq6PPrMGxZmqTybEj62oskdr7gVp3iHvsmJpAVWjpNXn33jh-eVlu9VXYY6UQxL7t2WC91c_P4oK7cCOkoGefy4M4hF_TBlzprVmh8D90cgHFVw&sig=Cg0ArKJSzFHD8WahaDNrEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: bit.ly
URL: https://bit.ly/4kk8FuJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 14:25:07 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 14:25:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame 2C1D 3 KB
2 KB 840ms
378ms Script
text/javascript 142.250.176.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s51-in-f1.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

content-encoding: br
etag: 6020003950853699975
age: 39112
x-content-type-options: nosniff
expires: Tue, 10 Jun 2025 03:33:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 03:33:15 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2C1D 221 KB
68 KB 77ms
71ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

content-encoding: br
etag: 81102085050987160
age: 561
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:15:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 14:15:46 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H2 200 626497789753232737
tpc.googlesyndication.com/simgad/ Frame 2C1D 7 KB
8 KB 843ms
383ms Image
image/png 142.250.176.1
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/626497789753232737

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s51-in-f1.1e100.net

Software

sffe /

Resource Hash

b6477e134ed98b567226156c6035fc934fd56cf5142c66e3da3941762490a2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

age: 84667
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 14:54:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 14:54:00 GMT
last-modified: Thu, 20 Feb 2025 18:17:13 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 7318
x-xss-protection: 0
server: sffe

POST
H3 200 beacon
bit.ly/preview_page/ 16 B
29 B 268ms
267ms Ping
application/json 67.199.248.11
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/4kk8FuJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/4kk8FuJ

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Tue, 27 May 2025 14:25:07 GMT
content-type: application/json
server: nginx

GET
DATA 200
OK truncated
/ Frame 2C1D 216 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92be40ee33a042a46209f8622e9d071d2d7cc679689d3bb33902faa09c3dc657

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C1D 0
0 208ms
206ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 14:25:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C1D 0
0 207ms
206ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 14:25:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C1D 0
0 206ms
206ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 14:25:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2C1D 0
0 211ms
210ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttRMdVFhq-elo9v6IrM_d6lqXtNmlrBgpO8ily304bNinOOhA8GOk-sv9-XNWTKhxLMgxre5pBcq6r-J7f7BuNcznInu_J_HtT7aggtv79855zqdTCRtd4ItflrgsOLeqBVoYCfW8trZv3QxCXjazAu4ivEiGOUjIRejnR374Ry0tqweWxcNsbPjjumHM5-v0fMDzylMrfN1pVA4HgLcAMgWa5ddfB0J5Is5bnxElOZM9Yy2vk8-XUWFUuYz3jrXkMqv6of7GLZes2Kem4FpPWlEMBeFfq2y1yTkG05_FWSN6pOcLNqtFHjZXXiVtrT1_1cZCiFUkJo_CfuAu3rDT2-aQ82jlgdz6eM6NFXbXZQ5xKUGhDexyuonPBxGOw1nQrxtPva_43iGsbPTz9W95lk-wKl3JT19PJK-jrhOENIewovTNNZxztjlwIJLvViYf2Nre5egwjpW8&sai=AMfl-YSHdDuJ0v4l7yqGRVhQlgMfgRflwu6ifb-by76Vwpgqri1cxwI7B8poqNPqkWNHPFOC2YJGT6BrWO-p2LbYjEQ1f1uyAtcGmtIiEs7cwsaFz87opPVYhRowDimLab2YjIUjpYdI9mTu0t8A4EuYdw&sig=Cg0ArKJSzGUnERtfQcy0EAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 14:25:08 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 14:25:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 416ms
208ms XHR
application/json 142.250.157.156
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.157.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ta-in-f156.1e100.net

Software

cafe /

Resource Hash

f6b67563e3ed3f4af5af13ab889b49c9536c800d160989a43672b57da3601a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13127
date: Tue, 27 May 2025 14:25:08 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 911DC5232AD960E5CD922312AAAA1768D921C30F.png
d1ayxb9ooonjts.cloudfront.net/d/ 1 KB
1 KB 71ms
71ms Other
image/png 18.67.108.144
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/911DC5232AD960E5CD922312AAAA1768D921C30F.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-144.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

etag: "de191ceae91ff28f37bcd7fe122e3a09"
age: 52007
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1142
x-amz-cf-id: vIvNxaWBsRqErdJ3Tr8MNobQtX7HuZX4qik2TC3Om1p7XbCEyUkq1w==
date: Mon, 26 May 2025 23:58:20 GMT
content-type: image/png
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 204ms
203ms Fetch
text/html 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://bit.ly/4kk8FuJ

Response headers

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 20 KB
7 KB 480ms
203ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 14:25:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 14:25:08 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame A07C 13 KB
5 KB 370ms
103ms Document
text/html 172.217.167.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/4kk8FuJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 14:02:41 GMT
expires: Tue, 27 May 2025 14:52:41 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9446 829 B
567 B 339ms
173ms Document
text/html 142.250.204.4
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

ESF /

Resource Hash

fc3e94acf13bd865c40df0ce72a5eb950896fe2c841df65e4492a2ff56e2d250

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FbMTE8M-J1yCfDq4md1ghA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/4kk8FuJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FbMTE8M-J1yCfDq4md1ghA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 14:25:09 GMT
expires: Tue, 27 May 2025 14:25:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C1D 42 B
65 B 208ms
208ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuE3kbMG-tQnYWDs7vZZGP_LD9sM0OoIsyHghC-NY-fO5kfV8WZIwb17Yhq4tW2f0-rPQoKVhBMGL1ta7yjZVyIPWpEms58WgWp0lLi59j7MDaPwIwnZLcx4MLAWeXZZVizWDfec5zZ-mU1kmVY6M6ShiA5pGy39u7i32tvL3A30FWCKOQ&sig=Cg0ArKJSzLb54zwlOo6YEAE&id=lidar2&mcvt=1000&p=190,161,470,497&tm=1730.1999998092651&tu=730&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20250521&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3309689787&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4428870700&rst=1748355907056&rpt=891&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/4kk8FuJ

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 14:25:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9446 0
17 B 208ms
206ms Image
image/ 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gpt_m202505200101&jk=6186453490945515&rc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 14:25:09 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H3 200 99lcxn2YvEFuFPB90BzYKtdfgSsvSUIzwZpxI2siobo.js Show response
pagead2.googlesyndication.com/bg/ Frame A07C 54 KB
20 KB 74ms
73ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/99lcxn2YvEFuFPB90BzYKtdfgSsvSUIzwZpxI2siobo.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

sffe /

Resource Hash

f7d95cc67d98bc416e14f07dd01cd82ad75f812b2f494233c19a71236b22a1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 76960
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 17:02:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 17:02:29 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 20818
x-xss-protection: 0
server: sffe

GET
H2 204 generate_204
ep2.adtrafficquality.google/ Frame A07C 0
40 B 72ms
71ms Image
text/plain 172.217.167.97
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?togFQQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.167.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s17-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 27 May 2025 14:25:09 GMT
cross-origin-resource-policy: cross-origin

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202505200101&jk=6186453490945515&bg=!Q0ClQA_NAAYA59AtIOc7ADQBe5WfODdXcDurAHchvFHMc23Ckte5ibGjeNMCeJ8m-efgjmzUm6GT5wiJDQuHmBTLfJVtAgAAAFVSAAAABmgBB34ANsP7VFFNtPjBAZjg1j61gwDN0GUKmNdfjNdxwLyTbmJRSqMmJ9fgoK3tE161E61fzQD7-m1n7AoAut1JM4pcN3RhjFefr5eAI4_jgZsN_bN3Q_rgYrqCRZMC2htRYSI_fB_UP7gEvbHkILDC93YeqG2A6mhmKdayTdj6CcjAQullA3uEH0r6VPo7Sv2gEJYPdQS8xwoIF-HeUA6XmIEa7cQPT_BlRtYRgAdQT0fFkwxUmzGAhtJKKoo8HXwejBj61WDZh5Z7KfXGgEMz9W71-JCf0RBNF3a_DuJOCiKVqorh0jLyJnrM7JHy2bPIMYJKWvRCqJkCTII7fmlOmlqCFonKZWHryJb4pCb6NgNrt5y_xioFot1Ao8DKWAKx7qnGV85j7UY3THSWNcM_lWjaANFgvtuZJFSlAaorEaj4-rq4TcmzSnfZlC3qFWfc1HWDsXYkfL1hOvW1tG7vkPWLfsTALE680jm3tORCO0jRiMzFvuFu9zrewJWGsLkyj8FQS2DDK13eMYz1z1FSgubgjVROSvil5VwqXDNZz-xqJuaAspYfvEdCxtLgvBgWl88LAhwFremNtBxy89YJzxu7kG7GG3rbtVl24LVO6yNrplVf-uKpanYWZc_WVX-lJ89P_y52DqpIsUOW4J293EMvaWNEsc0LvJcZuSFFEZIwoCKeRKYsQnOjiC9rzJi5UpkOLS2xRSjNqrRWraVrkeXxUEbabrxbfpUJ5BSTX0DmwfOdTM4Qb0vnGQaiFzBdpbHl3DZRVz4YzYqcVVD0eupDFQcaT5K6sijlvJoGPg7z_xowtz_R3QpqO35WzKH9B_ubWG2-M3vjtXQL7CK455GU7URbe3J2EBdf8r9WRxaYDxF-tm2jWWq_350x8txuiqsUbl2PQkuNeBYm-i9lyj4d6s3OHxTJIuxIlYKIJ0emdxPqr_QI3teo6BKusYvq3A0OXr5sgDMcTjJT4ln-A6KfDimP-QPme9X2k6AEZHYJ-J_1aRrqMM6H6-1RZ7fC-OGW9z0O8fqvCTOaVkblfTVWmysHxGLVC20vSLqkxbRkkl3eK4XMYt09v7zSBqL5cmqzTlDZRsd76pxOgl9vVFqusyDWCQ

Verdicts & Comments Add Verdict or Comment

16 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-21 09:58:27	Name: _bit Value: p4rep5-0bbf0110e68bebdc61-00T
.bit.ly/	1970-01-21 15:00:51	Name: __gads Value: ID=9b03cff9bf8cd6e9:T=1748355906:RT=1748355906:S=ALNI_Ma_Sx2CEJM-U9G_yxQPum2adncpyg
.bit.ly/	1970-01-21 15:00:51	Name: __gpi Value: UID=000010f4ea14bfb7:T=1748355906:RT=1748355906:S=ALNI_MZ1OYYShKE1Be_lyy_K-fUNB2clYg
.bit.ly/	1970-01-21 09:58:27	Name: __eoi Value: ID=79f0dfb898f9eb16:T=1748355906:RT=1748355906:S=AA-Afja9JW4YbMIM3ALbz9P_M3jA
.doubleclick.net/	1970-01-21 15:15:15	Name: IDE Value: AHWqTUnWqVpCjvjEb4OBLj2r3tvumYeRtBujT1nNZ0wT7MPWMIbTn03HBTfZSE3Cddo

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B01C00042B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21c92cc06ca62f753e2e7b1f0b809f94.safeframe.googlesyndication.com
bit.ly
cdn6.ep.dynamics.net
d1ayxb9ooonjts.cloudfront.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
ep1.adtrafficquality.google
108.158.20.36
142.250.157.156
142.250.176.1
142.250.204.4
142.251.221.66
172.217.167.65
172.217.167.97
18.67.108.144
67.199.248.11
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
29a13428f89d986a9f8dc20a15066dd20522cf011fc1d075cee9b78a61359013
3f1c4d1df1ad822b77bfad7569189f3861c51e63e9dd05fd5d37e7d395b376ad
56a8a4fb115b24277c898d84fe68a5a12276708dbc73311d691be21761c188d0
56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6
638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef
8c9c942cbc4b50a998e5204686305e5192f73e9a64425654ef4b8716015b8b67
92be40ee33a042a46209f8622e9d071d2d7cc679689d3bb33902faa09c3dc657
9c17d6b442b201bb81802b8bdcc4c7c100ce801352317a2b56fb17e2381bb836
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
aea18751d1237bfbdc12b9980842a50a5120430672cf4e2b39ae82dd4c0da039
b6477e134ed98b567226156c6035fc934fd56cf5142c66e3da3941762490a2ae
bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e
c53d5303dbc2a188d96d1d677519361f04efb4a045740d19cb0280a0505d55c9
cf3a1f5bae496ea0e4aeda4108a132d8f1e48707d083d948ef629aedc33c7fa1
e2186f8814f8290dcfce59b5d8b0463e08af5df34a624a018411b4be9dd63d5b
e25bcc9dee748831827b2a2c85b06654ca507b77a82158a452694fa41623b438
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb71d9655491b198debed418404907f06d0482f519f60082d165132471c90715
eb8fbc96aabb3b7cd06344a2c7938a3fbe2da5402bf9a73b7979b15344b8c328
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f6b67563e3ed3f4af5af13ab889b49c9536c800d160989a43672b57da3601a4c
f7d95cc67d98bc416e14f07dd01cd82ad75f812b2f494233c19a71236b22a1ba
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
fc3e94acf13bd865c40df0ce72a5eb950896fe2c841df65e4492a2ff56e2d250
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

bit.ly 67.199.248.11 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

0 %IPv6

7 Domains

10 Subdomains

10 IPs

2 Countries

1204 kBTransfer

2029 kBSize

5 Cookies

7 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bit.ly
67.199.248.11 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

1204 kB
Transfer

2029 kB
Size

5
Cookies

37 HTTP transactions
1 data transactions