bit.ly
67.199.248.10 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/3NqqFoA 13yr old
Effective URL:
https://bit.ly/3NqqFoA 13yr old
Submission: On May 27 via api (May 27th 2025, 9:27:57 am UTC) from NZ — Scanned from NZ

Summary HTTP 34 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 34 HTTP transactions. The main IP is 67.199.248.10, located in United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is bit.ly. The Cisco Umbrella rank of the primary domain is 6471. 13yr old
TLS certificate: Issued by DigiCert EV RSA CA G2 on March 26th 2025. Valid for: 1yr.

This is the only time bit.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	18.67.108.77 18.67.108.77	16509 (AMAZON-02) (AMAZON-02)
1	216.239.38.135 216.239.38.135	15169 (GOOGLE) (GOOGLE)
7	142.250.66.226 142.250.66.226	15169 (GOOGLE) (GOOGLE)
1	142.250.217.129 142.250.217.129	15169 (GOOGLE) (GOOGLE)
2	142.250.67.1 142.250.67.1	15169 (GOOGLE) (GOOGLE)
6	74.125.203.155 74.125.203.155	15169 (GOOGLE) (GOOGLE)
1	142.250.157.156 142.250.157.156	15169 (GOOGLE) (GOOGLE)
2	142.250.76.97 142.250.76.97	15169 (GOOGLE) (GOOGLE)
1	142.250.204.4 142.250.204.4	15169 (GOOGLE) (GOOGLE)
34	11

3 67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

9 18.67.108.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-108-77.syd62.r.cloudfront.net

d1ayxb9ooonjts.cloudfront.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 216.239.38.135 (United States)

ASN15169 (GOOGLE, US)

streetviewpixels-pa.googleapis.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 142.250.66.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net

securepubads.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.217.129 (United States)

ASN15169 (GOOGLE, US)
PTR: lax31s19-in-f1.1e100.net

3a49a63cde9722bf5df2c7cf01a52abf.safeframe.googlesyndication.com 10mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.67.1 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f1.1e100.net

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 74.125.203.155 (United States)

ASN15169 (GOOGLE, US)
PTR: th-in-f155.1e100.net

pagead2.googlesyndication.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.157.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ta-in-f156.1e100.net

ep1.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.76.97 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f1.1e100.net

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.204.4 (Sydney, Australia)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net

www.google.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com 3a49a63cde9722bf5df2c7cf01a52abf.safeframe.googlesyndication.com 10mo old tpc.googlesyndication.com — Cisco Umbrella Rank: 220 13yr old pagead2.googlesyndication.com — Cisco Umbrella Rank: 151 9yr old	80 KB
9	cloudfront.net d1ayxb9ooonjts.cloudfront.net 9yr old	28 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 9yr old	259 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 473 2yr old ep2.adtrafficquality.google — Cisco Umbrella Rank: 478 2yr old	26 KB
3	bit.ly bit.ly — Cisco Umbrella Rank: 6471 13yr old	20 KB
1	google.com www.google.com — Cisco Umbrella Rank: 9 56yr old	568 B
1	googleapis.com streetviewpixels-pa.googleapis.com — Cisco Umbrella Rank: 3030 5yr old	78 KB
34	7

	Domain	Requested by
9	d1ayxb9ooonjts.cloudfront.net	bit.ly
7	securepubads.g.doubleclick.net	bit.ly securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com ep2.adtrafficquality.google
3	bit.ly	bit.ly
2	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	3a49a63cde9722bf5df2c7cf01a52abf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	streetviewpixels-pa.googleapis.com	bit.ly
34	10

This site contains links to these domains. Also see Links.

Domain
bitly.com
www.google.com
x.com
www.instagram.com
www.facebook.com
www.linkedin.com
googleads.g.doubleclick.net

Subject Issuer	Validity	Valid
bit.ly DigiCert EV RSA CA G2	`2025-03-26` - `2026-03-25`	1yr	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2025-05-05` - `2026-04-23`	1yr	crt.sh
upload.video.google.com WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.g.doubleclick.net WR2	`2025-05-12` - `2025-08-04`	3mo	crt.sh
tpc.googlesyndication.com WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
adtrafficquality.google WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.google.com WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh

This page contains 6 frames:

Primary Page: https://bit.ly/3NqqFoA
Frame ID: A6AB67D76306C052A1D1BD2AD85D9B49
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 82A6E7945362FC94BD9370DED3C9BD99
Requests: 1 HTTP requests in this frame

Frame: https://3a49a63cde9722bf5df2c7cf01a52abf.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: DD0B0C185D3DF56D355EA29AC026CDA1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdaRn9Z35QiKynAR64FkW3XbHJM0DxVKeqSum0as80I-DA4FdLQ8SPGvQZiXXCvpAN7KNpm80ItkTLborHmPgxotNSm36X9P20u5kNYJkf2yvFZa7Jxx79ynYkRyjFwit8HeikLlR9xQH-AZfTgXzgs3UV3U9kqMQokG16sSLwnKnKeEFEIdw___oBvqRzaPaxBGNiecZos2N54N0DNlVekH_rE9fIbWSCWpMasbe3oBYod3MMB_xjwqaMwyMH8Y-gKTZQ5-YzP7tKJvptH9EjMo0QEUFO4bgVnswTu86E2ULO3eGMP4iCmqT33sOV81i-xeXS7-git0oqNAE-iMRmWX05OCR30bZ2zgCrOmauj4jS6dCLBO78RVy5kHWe2gwJVLzPztglzcZr63NueQnjWi6tx3BM3C9GFeArRwoGRmHnbJ93Sfhp-w3Tqmq0KJV6RZJ_0K1b&sai=AMfl-YRlvrsk_C82vf14peNHB5M7ZX9A72zPz7_WKsLtUStvnrdAHRnUfDi5uFNqHPjd7QpZgf5Z4gZfBn0ayU6HNjQ3m_GxYNfeUwDpBHnIyDIlrYhTaziZefU10GgsQ7e6zZNv9XBP93UYZZWKheNS&sig=Cg0ArKJSzNvv-823M5ofEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: AFFF7EC056EE08C5006801BD6D2EADE8
Requests: 10 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: C62C3F193D0012876781A3A2C08010EB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF12340CC5BC76C2C601E3FFF28184B9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bitly | bit.ly/3NqqFoA

Page URL History Show full URLs

http://bit.ly/3NqqFoA HTTP 307
https://bit.ly/3NqqFoA Page URL

Detected technologies

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

34
Requests

97 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

11
IPs

2
Countries

491 kB
Transfer

1284 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://bitly.com/?utm_source=Bitly&utm_medium=referral&utm_campaign=preview_page

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/North+Harbour+Ford+&+Mazda+Silverdale+Service+Centre/@-36.6167911,174.6754121,17z/data=!3m1!4b1!4m6!3m5!1s0x6d0d239ce591a78b:0xb0df5069f6d2f9d5!8m2!3d-36.6167911!4d174.677987!16s%2Fg%2F1td6sdvj?entry=ttu
Title: google.com/maps/place/North+Harbour+Ford+&+Mazda+Silverdale+Service+Centre/@-36.6167911,174.6754121,17z/data=!3m1!4b1!4m6!3m5!1s0x6d0d239ce591a78b:0xb0df5069f6d2f9d5!8m2!3d-36.6167911!4d174.677987!16s%2Fg%2F1td6sdvj

Search URL Search Domain Scan URL

URL: https://x.com/bitly

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bitly/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bitly

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bitly/mycompany/

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjss9ngcYX0SmXiqFMh-avk7CT20K6FxlmUyPbVKOsDSLNJOEJqSZqVIUHpGqpw6Shiv-CfQxcXJeD2yma1UV8F9bCzuQ16LyS0iQXbjFqFruUrKYyHt2x3h0BFjeXv3kDGG-dxfUhPbv6zG6l1GKOjZymPxpdZusr3TZuWE8SQ5rKiNSMoJTavzRcOa9Ev_X-XT3tmhdB6sGVHQP_aVnDCbCSWdxdFOFnTxo8rn6_6fOS931R_bco0xnMnAt1qB0j0QOfEjnrd3qSKfR6e-6snVfH6y-JhkEzkUsxUHyHy_OGSYL4-BEkjpJdYua5S6AsvHb7EYlk5caZFLuw12jETxjy3lwdKzFHUKkI2rSSjBlrwBVk4BHRrpE2TYu-cLs63NztZyKgY0Q7gd9oGmBTvzsAQN2P1fm9VuzqRYXGxhilOQvmZ1C8kb2&sai=AMfl-YSafGUH1BwMUSP4k6_ZfPhAE0GFOsbTFXYBKRUmNxgn37aMXFpt_fmpddCrPT3MaxdbgRt5P-vPqXEBxSlTGALUm-X3F0NZLyryQyWRpQkwve-IWGm7QEakdfX39MMZ-Pttk-I5qP2Wq-ScV_fR&sig=Cg0ArKJSzCxE9kLqCftd&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://bitly.com/%3Futm_source%3Dpreview_page%26utm_tag%3Dhouse_ad

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/3NqqFoA HTTP 307
https://bit.ly/3NqqFoA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 3NqqFoA Show response
bit.ly/
Redirect Chain

http://bit.ly/3NqqFoA
https://bit.ly/3NqqFoA

20 KB
20 KB

524ms
322ms

Document
text/html

67.199.248.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://bit.ly/3NqqFoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: 218253dc4373ab3d38718e8eae911229fcb76d5ea41a53c7026960558abda5fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 20054
content-type: text/html; charset=utf-8
date: Tue, 27 May 2025 15:11:53 GMT
server: nginx
via: 1.1 google

Redirect headers

Location: https://bit.ly/3NqqFoA
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 3BC92D5AD55132EE1A8216E94D482D88E73D53A5.css
d1ayxb9ooonjts.cloudfront.net/d/ 11 KB
3 KB 320ms
103ms Stylesheet
text/css 18.67.108.77
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/3BC92D5AD55132EE1A8216E94D482D88E73D53A5.css
Requested by: Host: bit.ly
URL: https://bit.ly/3NqqFoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-77.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: aea18751d1237bfbdc12b9980842a50a5120430672cf4e2b39ae82dd4c0da039

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

x-amz-cf-pop: SYD62-P2
content-encoding: gzip
etag: W/"5a31d31a69ba966ce77f283cc98464b1"
age: 54820
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: UlZXyMZ4HnsgmgadL3jECC3DyLUE5eASxIQlzJCq_NTMZE0GZDMM-Q==
date: Mon, 26 May 2025 23:58:14 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: nginx
last-modified: Thu, 15 May 2025 19:25:05 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 C1479C1BB4EBAEE77A9F4B616943FFEE9DAAEA0E.svg
d1ayxb9ooonjts.cloudfront.net/d/ 3 KB
2 KB 295ms
104ms Image
image/svg+xml 18.67.108.77
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/C1479C1BB4EBAEE77A9F4B616943FFEE9DAAEA0E.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3NqqFoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-77.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: cf3a1f5bae496ea0e4aeda4108a132d8f1e48707d083d948ef629aedc33c7fa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

x-amz-cf-pop: SYD62-P2
content-encoding: gzip
etag: W/"f8bbacdf5ce2e98b14f9fef2a8a86085"
age: 85267
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: rVPwVVWI1Gc_gqjNi7_kWphcZ5a-UOstwLVBbLwze37qB3C84TqIPw==
date: Mon, 26 May 2025 15:30:47 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 8955792E2AE2972C05969B26C881AD988C9BB5BD.svg
d1ayxb9ooonjts.cloudfront.net/d/ 362 B
726 B 315ms
140ms Image
image/svg+xml 18.67.108.77
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/8955792E2AE2972C05969B26C881AD988C9BB5BD.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3NqqFoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-77.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 56a8a4fb115b24277c898d84fe68a5a12276708dbc73311d691be21761c188d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

vary: Accept-Encoding
etag: "636eb2721b75f46b2f61790d3b627d70"
age: 2327
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 362
x-amz-cf-id: 80lsinhcZvA37_XAFkzBM78_-5zyoNgxX1U5Xdvw02kFDgykfQ5LSQ==
date: Tue, 27 May 2025 14:33:16 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
d1ayxb9ooonjts.cloudfront.net/d/ 17 KB
17 KB 172ms
151ms Image
image/webp 18.67.108.77
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
Requested by: Host: bit.ly
URL: https://bit.ly/3NqqFoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-77.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

vary: Accept-Encoding
etag: "a6c2aae1b41d9e328c4f8e6c34e3d12c"
age: 1979
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 17206
x-amz-cf-id: QJKoIIYXPewgTMlQt5yzk0AN_i-8Ab8ynSf9VqsnJP48WabPq0gniA==
date: Tue, 27 May 2025 14:39:01 GMT
content-type: image/webp
last-modified: Wed, 11 Sep 2024 17:03:54 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 E8AA887989AD48F5366B7DCFAEAB4A3FF8150A1D.svg
d1ayxb9ooonjts.cloudfront.net/d/ 401 B
748 B 146ms
137ms Image
image/svg+xml 18.67.108.77
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/E8AA887989AD48F5366B7DCFAEAB4A3FF8150A1D.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3NqqFoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-77.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: eb71d9655491b198debed418404907f06d0482f519f60082d165132471c90715

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

etag: "ac532c5f7b8ff686a348d1abaa8326d4"
age: 85239
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 401
x-amz-cf-id: rYbtjX7rLNKrmXbOdotrHo0RRxrImKVoMUmXDn_6q4gmTfCKWP4I1A==
date: Mon, 26 May 2025 15:31:15 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 12032AF2C457BB634C4039A306C2C39420BF51EB.svg
d1ayxb9ooonjts.cloudfront.net/d/ 2 KB
1 KB 164ms
155ms Image
image/svg+xml 18.67.108.77
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/12032AF2C457BB634C4039A306C2C39420BF51EB.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3NqqFoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-77.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: e25bcc9dee748831827b2a2c85b06654ca507b77a82158a452694fa41623b438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

x-amz-cf-pop: SYD62-P2
content-encoding: gzip
etag: W/"8f18e0d46157b022c600e0e735813a91"
age: 2327
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: i91FrizmE-JnTiU1D3DlM5Ss8IzI0ZTKsYW91Rj7D_HY1cAnPJn_ow==
date: Tue, 27 May 2025 14:33:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 704DBB97AC75F2A7D9571254B944F17277707059.svg
d1ayxb9ooonjts.cloudfront.net/d/ 502 B
864 B 164ms
155ms Image
image/svg+xml 18.67.108.77
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/704DBB97AC75F2A7D9571254B944F17277707059.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3NqqFoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-77.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 3f1c4d1df1ad822b77bfad7569189f3861c51e63e9dd05fd5d37e7d395b376ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

vary: Accept-Encoding
etag: "a0ff281181e05ab5f10f48b00bdf362e"
age: 5977
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 502
x-amz-cf-id: 39gUpaBAdDO3mjD3ianpshB5claxwmZhFpNXopvG-fqgflH_H5znJg==
date: Tue, 27 May 2025 13:32:17 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 8F9B499DDC670821F87C474721CA954C0C1AD3F5.svg
d1ayxb9ooonjts.cloudfront.net/d/ 648 B
995 B 186ms
178ms Image
image/svg+xml 18.67.108.77
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/8F9B499DDC670821F87C474721CA954C0C1AD3F5.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3NqqFoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-77.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: e2186f8814f8290dcfce59b5d8b0463e08af5df34a624a018411b4be9dd63d5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

etag: "01e6d41986e3aff2a481b34bbb250d3d"
age: 82501
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 648
x-amz-cf-id: _voe6Y15iiwiFP8Zvh5tUkrIX-zLrDGEsxD9WXw4lNt-7Mqwl_DuJg==
date: Mon, 26 May 2025 16:16:53 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

POST
H2 200 beacon
bit.ly/preview_page/ 16 B
80 B 332ms
322ms Ping
application/json 67.199.248.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/3NqqFoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/3NqqFoA

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Tue, 27 May 2025 15:11:54 GMT
content-type: application/json
server: nginx

GET
H2 200 thumbnail
streetviewpixels-pa.googleapis.com/v1/ 78 KB
78 KB 1178ms
877ms Image
image/jpeg 216.239.38.135
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://streetviewpixels-pa.googleapis.com/v1/thumbnail?panoid=0ykVxdo6akIU7LIeX_SWtA&cb_client=search.gws-prod.gps&w=900&h=900&yaw=200&pitch=-20&thumbfov=100

Requested by

Host: bit.ly
URL: https://bit.ly/3NqqFoA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.135 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

03bb9022ed95890a4e8980798e604282c4355157cb509b07f8bbf669518e1d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/

Response headers

x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79652
date: Tue, 27 May 2025 15:11:55 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
34 KB 361ms
183ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bit.ly
URL: https://bit.ly/3NqqFoA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

b29822261fc87e48af43daff2888df8cd50d8e9279c6df4e839388c84300c08f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

content-encoding: br
etag: 904 / 20235 / m202505200101 / config-hash: 4677953494289217151
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:11:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 15:11:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34420
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/ 539 KB
170 KB 80ms
79ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

content-encoding: br
etag: 8367355567805738573
age: 26753
x-content-type-options: nosniff
expires: Wed, 27 May 2026 07:46:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 07:46:02 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 173743
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/ 63 KB
23 KB 168ms
164ms Other
text/plain 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/gpt

Requested by

Host: bit.ly
URL: https://bit.ly/3NqqFoA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

8c9c942cbc4b50a998e5204686305e5192f73e9a64425654ef4b8716015b8b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 10260624382802495031
age: 23051
x-content-type-options: nosniff
expires: Tue, 03 Jun 2025 08:47:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 08:47:44 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23619
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505220101"

GET
H3 200 topics_frame.html Show response
securepubads.g.doubleclick.net/static/topics/ Frame 82A6 102 KB
28 KB 242ms
74ms Document
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/3NqqFoA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 14:46:09 GMT
expires: Tue, 27 May 2025 15:36:09 GMT
last-modified: Mon, 19 May 2025 19:44:47 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
4 KB 505ms
504ms Fetch
text/plain 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=5494862898438618&correlator=2021801193202462&eid=31090592%2C31090594%2C31091882%2C31092253%2C31092622%2C31092628%2C95353384%2C83321072&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23199830770%2Cbitly_previewpage_default_responsive_side_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&ifi=1&dids=div-gpt-ad-1724340542602-0&adfs=3434351373&sfv=1-0-45&sc=1&cookie_enabled=1&abxe=1&dt=1748358715604&lmt=1748358715&adxs=179&adys=320&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=720&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbit.ly%2F3NqqFoA&vis=1&psz=658x546&msz=300x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748358713915&idt=1593&prev_scp=ac%3DPrior_to_2023%26g%3DAU%26cohort%3Dpre_9_3%26connection_type%3Dlink%26tt%3Dpremium%26dd%3Dgoogle%26t%3Dg&adks=3309689787&frm=20&eoidce=1&td=1&egid=16194&tan=e7982034-15f9-49db-8ddb-69a26b980849&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

5ff2d262e139bc7cb20d2054d9e99739bf4b71b4a43c6aaa26084bb8d6545d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

content-encoding: dcb
google-lineitem-id: 6771137968
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 15:11:56 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138507835122
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://bit.ly
content-length: 4229
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
3a49a63cde9722bf5df2c7cf01a52abf.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame DD0B 7 KB
3 KB 455ms
216ms Document
text/html 142.250.217.129
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://3a49a63cde9722bf5df2c7cf01a52abf.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.217.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax31s19-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/3NqqFoA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 15:11:56 GMT
expires: Tue, 27 May 2025 15:11:56 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AFFF 0
0 225ms
225ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdaRn9Z35QiKynAR64FkW3XbHJM0DxVKeqSum0as80I-DA4FdLQ8SPGvQZiXXCvpAN7KNpm80ItkTLborHmPgxotNSm36X9P20u5kNYJkf2yvFZa7Jxx79ynYkRyjFwit8HeikLlR9xQH-AZfTgXzgs3UV3U9kqMQokG16sSLwnKnKeEFEIdw___oBvqRzaPaxBGNiecZos2N54N0DNlVekH_rE9fIbWSCWpMasbe3oBYod3MMB_xjwqaMwyMH8Y-gKTZQ5-YzP7tKJvptH9EjMo0QEUFO4bgVnswTu86E2ULO3eGMP4iCmqT33sOV81i-xeXS7-git0oqNAE-iMRmWX05OCR30bZ2zgCrOmauj4jS6dCLBO78RVy5kHWe2gwJVLzPztglzcZr63NueQnjWi6tx3BM3C9GFeArRwoGRmHnbJ93Sfhp-w3Tqmq0KJV6RZJ_0K1b&sai=AMfl-YRlvrsk_C82vf14peNHB5M7ZX9A72zPz7_WKsLtUStvnrdAHRnUfDi5uFNqHPjd7QpZgf5Z4gZfBn0ayU6HNjQ3m_GxYNfeUwDpBHnIyDIlrYhTaziZefU10GgsQ7e6zZNv9XBP93UYZZWKheNS&sig=Cg0ArKJSzNvv-823M5ofEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: bit.ly
URL: https://bit.ly/3NqqFoA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:11:56 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 15:11:56 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame AFFF 3 KB
1 KB 393ms
107ms Script
text/javascript 142.250.67.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f1.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

content-encoding: br
etag: 6020003950853699975
age: 81150
x-content-type-options: nosniff
expires: Mon, 09 Jun 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 16:39:26 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AFFF 221 KB
68 KB 436ms
204ms Script
text/javascript 74.125.203.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.203.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

th-in-f155.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

content-encoding: br
etag: 81102085050987160
age: 2563
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:29:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 14:29:13 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=GB2312
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H2 200 8420899091482481035
tpc.googlesyndication.com/simgad/ Frame AFFF 7 KB
7 KB 389ms
104ms Image
image/png 142.250.67.1
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8420899091482481035

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f1.1e100.net

Software

sffe /

Resource Hash

03365ae40ccdff3f79c116e5d1add6ce84137a5c09256f7499ee06eecfb7060d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

age: 31020
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 06:34:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 27 May 2025 06:34:56 GMT
last-modified: Thu, 20 Feb 2025 18:20:40 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 6701
x-xss-protection: 0
server: sffe

POST
H3 200 beacon
bit.ly/preview_page/ 16 B
29 B 269ms
268ms Ping
application/json 67.199.248.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/3NqqFoA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/3NqqFoA

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Tue, 27 May 2025 15:11:56 GMT
content-type: application/json
server: nginx

GET
DATA 200
OK truncated
/ Frame AFFF 210 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e3e7f969809c0abe5579f32c79e9ca4e06561c64f62c14734f567789c472441

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFFF 0
0 239ms
238ms Fetch
image/gif 74.125.203.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.203.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

th-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 15:11:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFFF 0
0 201ms
200ms Fetch
image/gif 74.125.203.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.203.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

th-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 15:11:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AFFF 0
0 209ms
209ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_fj9gkdqTqWAblNy6jwH-ex2ErBAKlkDxvghfcME1OzgYs2f-TkciSJ38YC8LVsmdq5KpcAGfzkTZmtqHX2zeAYsgGVZG9Ln0wuk7vs7rZvjS1CEqqnBX5wdblIsIAVjpXVsVqYFYyn_XKDA7NAJNZNGnp52W5Krn2y3a3M8YlLbYgrAXGGwLgL6_5Fm8nq6XdFm7-7TXT376ICEhYCFW7ARMnD9JKUP4fGel4msPp74Vddxrt_KFa1ObI2vZfuEAjGLcVdVh6eV9m-pups-ti6jruvxGXZQFAz3jSTNPWM4TFxJqECrK0TfFu9KWzT6UwIVPIX9LUggIAxpcjo1zhD2dGKQkJs1tjFsRz0X3Tapkusx36HbBL0ZTGb3v4v0uwa1jhFDNjgr7_DQQ_ylwucTy_gSwBtp8V7nn-0jas9ADTUr98MsdenzmGlOC2PboAq33wh8Lf1w&sai=AMfl-YQqxaf-sj5_Fsa1NUNd6nSc8lHcuHVDSy-2-p2JislPcjhA-krQoTp6OB_Om8ev2Hyx1j0yHWcXTOUb6DUJCSZUBbDg3kvE_2-FPz-soBZ7ubeNWsasBA69753pe5KTrYFm0NCBpgaCxbfs7ZJh&sig=Cg0ArKJSzN5LJ9IfOg_5EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:11:57 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 15:11:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 420ms
213ms XHR
application/json 142.250.157.156
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.157.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ta-in-f156.1e100.net

Software

cafe /

Resource Hash

e2db24dca5f63601a9633627777ceefefe7e581936d66f69f86e8b65d83a240b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13273
date: Tue, 27 May 2025 15:11:57 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFFF 0
0 202ms
201ms Fetch
image/gif 74.125.203.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.203.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

th-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 15:11:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 911DC5232AD960E5CD922312AAAA1768D921C30F.png
d1ayxb9ooonjts.cloudfront.net/d/ 1 KB
1 KB 73ms
73ms Other
image/png 18.67.108.77
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/911DC5232AD960E5CD922312AAAA1768D921C30F.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.108.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-108-77.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

etag: "de191ceae91ff28f37bcd7fe122e3a09"
age: 54817
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1142
x-amz-cf-id: _3xico0jWb3FY3iM7U4T1qoueocwFMYYTOG_pdZqykkEOxmfX6lPrg==
date: Mon, 26 May 2025 23:58:20 GMT
content-type: image/png
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 20 KB
7 KB 485ms
203ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:11:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 15:11:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame C62C 13 KB
5 KB 371ms
98ms Document
text/html 142.250.76.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/3NqqFoA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 14:52:41 GMT
expires: Tue, 27 May 2025 15:42:41 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DF12 829 B
568 B 348ms
180ms Document
text/html 142.250.204.4
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

ESF /

Resource Hash

7243ba7139b5f205a3dd3879e65061054ee09a4712c70329f6377840aa19caa8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--LaFsdI59h4yLjfbqS_BDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/3NqqFoA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--LaFsdI59h4yLjfbqS_BDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 15:11:58 GMT
expires: Tue, 27 May 2025 15:11:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AFFF 42 B
65 B 206ms
206ms Fetch
image/gif 74.125.203.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuP5x93BmT7lZqa1uF4ypqDNeMSkLHZrM7p4ZmQITZo7HHTUQiPsfcAsKEPooTR3wg6tDibCiYNQFMzHEfiJtHjzk59Fn7GGXZNB6KZS8gsIg3NQwFsrJmRma81wAMpVg6D8RIp8LMddRN11jr3WKCp-uTRvaS1Fp67S27On7erCznZrXU&sig=Cg0ArKJSzLkzPPn-NsXEEAE&id=lidar2&mcvt=1000&p=180,161,460,497&tm=1012.1999998092651&tu=12.199999809265137&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20250521&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3309689787&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4429151700&rst=1748358716215&rpt=836&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.203.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

th-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://bit.ly/3NqqFoA

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 15:11:58 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DF12 0
17 B 482ms
280ms Image
image/ 74.125.203.155
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gpt_m202505200101&jk=5494862898438618&rc=

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.203.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

th-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 15:11:58 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET 99lcxn2YvEFuFPB90BzYKtdfgSsvSUIzwZpxI2siobo.js
pagead2.googlesyndication.com/bg/ Frame C62C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/99lcxn2YvEFuFPB90BzYKtdfgSsvSUIzwZpxI2siobo.js

Verdicts & Comments Add Verdict or Comment

15 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-21 09:58:30	Name: _bit Value: p4rfbR-1bbd0561262e90a669-00M
.bit.ly/	1970-01-21 15:00:54	Name: __gads Value: ID=6343f7ebd87251a4:T=1748358715:RT=1748358715:S=ALNI_MbIRhS9Ww5MJWROLYbscEafAbYnHQ
.bit.ly/	1970-01-21 15:00:54	Name: __gpi Value: UID=000010f4f408ab69:T=1748358715:RT=1748358715:S=ALNI_MY78lDgTeDbtIN8U8gFUu6gPgBDaQ
.bit.ly/	1970-01-21 09:58:30	Name: __eoi Value: ID=a6fe0e95e05e9d20:T=1748358715:RT=1748358715:S=AA-AfjbUvdYRlnm5ZwOhvaTpMMit
.doubleclick.net/	1970-01-21 15:15:18	Name: IDE Value: AHWqTUmB9UIWJDXQAuY9OUKNiEeodCcFrZHeYPLfGXqJzkRrjAJUhgYMJP8SrKYBklA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a49a63cde9722bf5df2c7cf01a52abf.safeframe.googlesyndication.com
bit.ly
d1ayxb9ooonjts.cloudfront.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
streetviewpixels-pa.googleapis.com
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
142.250.157.156
142.250.204.4
142.250.217.129
142.250.66.226
142.250.67.1
142.250.76.97
18.67.108.77
216.239.38.135
67.199.248.10
74.125.203.155
03365ae40ccdff3f79c116e5d1add6ce84137a5c09256f7499ee06eecfb7060d
03bb9022ed95890a4e8980798e604282c4355157cb509b07f8bbf669518e1d60
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
218253dc4373ab3d38718e8eae911229fcb76d5ea41a53c7026960558abda5fe
3f1c4d1df1ad822b77bfad7569189f3861c51e63e9dd05fd5d37e7d395b376ad
4e3e7f969809c0abe5579f32c79e9ca4e06561c64f62c14734f567789c472441
56a8a4fb115b24277c898d84fe68a5a12276708dbc73311d691be21761c188d0
56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6
5ff2d262e139bc7cb20d2054d9e99739bf4b71b4a43c6aaa26084bb8d6545d04
638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef
7243ba7139b5f205a3dd3879e65061054ee09a4712c70329f6377840aa19caa8
8c9c942cbc4b50a998e5204686305e5192f73e9a64425654ef4b8716015b8b67
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
aea18751d1237bfbdc12b9980842a50a5120430672cf4e2b39ae82dd4c0da039
b29822261fc87e48af43daff2888df8cd50d8e9279c6df4e839388c84300c08f
bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e
cf3a1f5bae496ea0e4aeda4108a132d8f1e48707d083d948ef629aedc33c7fa1
e2186f8814f8290dcfce59b5d8b0463e08af5df34a624a018411b4be9dd63d5b
e25bcc9dee748831827b2a2c85b06654ca507b77a82158a452694fa41623b438
e2db24dca5f63601a9633627777ceefefe7e581936d66f69f86e8b65d83a240b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb71d9655491b198debed418404907f06d0482f519f60082d165132471c90715
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

bit.ly 67.199.248.10 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

97 %HTTPS

0 %IPv6

7 Domains

10 Subdomains

11 IPs

2 Countries

491 kBTransfer

1284 kBSize

5 Cookies

7 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bit.ly
67.199.248.10 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

34
Requests

97 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

11
IPs

2
Countries

491 kB
Transfer

1284 kB
Size

5
Cookies

34 HTTP transactions
1 data transactions