bit.ly Open in urlscan Pro
67.199.248.11  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request TAPSCAN Show response bit.ly/	18 KB 18 KB	361ms 162ms	Document text/html	67.199.248.11 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://bit.ly/TAPSCAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS bit.ly Software nginx / Resource Hash d2ef6f459c3529de8f36032504c1282a8170dbd1d14c7443f3123862a46cbde0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=90 content-length 18641 content-type text/html; charset=utf-8 date Wed, 28 May 2025 04:07:41 GMT server nginx via 1.1 google
GET H2	200	3BC92D5AD55132EE1A8216E94D482D88E73D53A5.css d1ayxb9ooonjts.cloudfront.net/d/	11 KB 3 KB	388ms 97ms	Stylesheet text/css	3.168.96.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1ayxb9ooonjts.cloudfront.net/d/3BC92D5AD55132EE1A8216E94D482D88E73D53A5.css Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.96.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-96-221.jfk52.r.cloudfront.net Software nginx / Resource Hash aea18751d1237bfbdc12b9980842a50a5120430672cf4e2b39ae82dd4c0da039 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers x-amz-cf-pop JFK52-P6 content-encoding gzip etag W/"5a31d31a69ba966ce77f283cc98464b1" age 21853 via 1.1 09a970c514541c01d3b3e83903632062.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id pTcZG3vuH0cE0ThVTlPPgRqWlLe26cfyHEgahNPqPosSVnsoNFa1mw== date Tue, 27 May 2025 22:03:28 GMT content-type text/css; charset=utf-8 vary Accept-Encoding server nginx last-modified Thu, 15 May 2025 19:25:05 GMT x-amz-server-side-encryption AES256
GET H2	200	C1479C1BB4EBAEE77A9F4B616943FFEE9DAAEA0E.svg d1ayxb9ooonjts.cloudfront.net/d/	3 KB 2 KB	390ms 100ms	Image image/svg+xml	3.168.96.221 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/C1479C1BB4EBAEE77A9F4B616943FFEE9DAAEA0E.svg Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.96.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-96-221.jfk52.r.cloudfront.net Software nginx / Resource Hash cf3a1f5bae496ea0e4aeda4108a132d8f1e48707d083d948ef629aedc33c7fa1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers x-amz-cf-pop JFK52-P6 content-encoding gzip etag W/"f8bbacdf5ce2e98b14f9fef2a8a86085" age 78999 via 1.1 09a970c514541c01d3b3e83903632062.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id tRT-HSNV13hp3dMuhT2aq1vMuzwyBhfOvYfagY1BTld_GFmcFDOX7g== date Tue, 27 May 2025 11:25:58 GMT content-type image/svg+xml vary Accept-Encoding server nginx last-modified Thu, 06 Mar 2025 12:29:31 GMT x-amz-server-side-encryption AES256
GET H2	200	8955792E2AE2972C05969B26C881AD988C9BB5BD.svg d1ayxb9ooonjts.cloudfront.net/d/	362 B 727 B	565ms 276ms	Image image/svg+xml	3.168.96.221 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/8955792E2AE2972C05969B26C881AD988C9BB5BD.svg Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.96.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-96-221.jfk52.r.cloudfront.net Software nginx / Resource Hash 56a8a4fb115b24277c898d84fe68a5a12276708dbc73311d691be21761c188d0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers vary Accept-Encoding etag "636eb2721b75f46b2f61790d3b627d70" age 80447 via 1.1 09a970c514541c01d3b3e83903632062.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 362 x-amz-cf-id mPhEn9ysoq5bm_5TqUy5uDh3lWutTHF-rHWgOd23togEc_UKzMW1Bg== date Tue, 27 May 2025 05:46:54 GMT content-type image/svg+xml last-modified Thu, 06 Mar 2025 12:29:31 GMT server nginx x-amz-cf-pop JFK52-P6 x-amz-server-side-encryption AES256
GET H2	200	7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp d1ayxb9ooonjts.cloudfront.net/d/	17 KB 17 KB	179ms 178ms	Image image/webp	3.168.96.221 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.96.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-96-221.jfk52.r.cloudfront.net Software nginx / Resource Hash 5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers vary Accept-Encoding etag "a6c2aae1b41d9e328c4f8e6c34e3d12c" age 80044 via 1.1 09a970c514541c01d3b3e83903632062.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 17206 x-amz-cf-id okIYYYP-nWfukUK1mr2evd39Rzea93F0YKNlZ9xwwVC_wirmFnOmyg== date Tue, 27 May 2025 05:53:38 GMT content-type image/webp last-modified Wed, 11 Sep 2024 17:03:54 GMT server nginx x-amz-cf-pop JFK52-P6 x-amz-server-side-encryption AES256
GET H2	200	E8AA887989AD48F5366B7DCFAEAB4A3FF8150A1D.svg d1ayxb9ooonjts.cloudfront.net/d/	401 B 768 B	178ms 174ms	Image image/svg+xml	3.168.96.221 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/E8AA887989AD48F5366B7DCFAEAB4A3FF8150A1D.svg Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.96.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-96-221.jfk52.r.cloudfront.net Software nginx / Resource Hash eb71d9655491b198debed418404907f06d0482f519f60082d165132471c90715 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers vary Accept-Encoding etag "ac532c5f7b8ff686a348d1abaa8326d4" age 68940 via 1.1 09a970c514541c01d3b3e83903632062.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 401 x-amz-cf-id rJaIDM3B_p-ajjGFF5JNMRSYdpFPNYQoyPp_9v7VCZlrQVvGH7BzRw== date Tue, 27 May 2025 08:58:51 GMT content-type image/svg+xml last-modified Thu, 06 Mar 2025 12:29:32 GMT server nginx x-amz-cf-pop JFK52-P6 x-amz-server-side-encryption AES256
GET H2	200	12032AF2C457BB634C4039A306C2C39420BF51EB.svg d1ayxb9ooonjts.cloudfront.net/d/	2 KB 1 KB	176ms 172ms	Image image/svg+xml	3.168.96.221 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/12032AF2C457BB634C4039A306C2C39420BF51EB.svg Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.96.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-96-221.jfk52.r.cloudfront.net Software nginx / Resource Hash e25bcc9dee748831827b2a2c85b06654ca507b77a82158a452694fa41623b438 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers x-amz-cf-pop JFK52-P6 content-encoding gzip etag W/"8f18e0d46157b022c600e0e735813a91" age 54709 via 1.1 09a970c514541c01d3b3e83903632062.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id QH3_U8rihXBFMzI3y25y0YpWadA_mLMy2UNnqUvXNXkTfryPCoLd2Q== date Tue, 27 May 2025 12:55:52 GMT content-type image/svg+xml vary Accept-Encoding server nginx last-modified Thu, 06 Mar 2025 12:29:32 GMT x-amz-server-side-encryption AES256
GET H2	200	704DBB97AC75F2A7D9571254B944F17277707059.svg d1ayxb9ooonjts.cloudfront.net/d/	502 B 866 B	176ms 173ms	Image image/svg+xml	3.168.96.221 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/704DBB97AC75F2A7D9571254B944F17277707059.svg Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.96.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-96-221.jfk52.r.cloudfront.net Software nginx / Resource Hash 3f1c4d1df1ad822b77bfad7569189f3861c51e63e9dd05fd5d37e7d395b376ad Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers vary Accept-Encoding etag "a0ff281181e05ab5f10f48b00bdf362e" age 75981 via 1.1 09a970c514541c01d3b3e83903632062.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 502 x-amz-cf-id 2piDwaMbbNHwveW63WeAlKX_Z4BC-7OKNCOq1alGP38xCLiRYkLvfg== date Tue, 27 May 2025 07:01:23 GMT content-type image/svg+xml last-modified Thu, 06 Mar 2025 12:29:31 GMT server nginx x-amz-cf-pop JFK52-P6 x-amz-server-side-encryption AES256
GET H2	200	8F9B499DDC670821F87C474721CA954C0C1AD3F5.svg d1ayxb9ooonjts.cloudfront.net/d/	648 B 1013 B	177ms 174ms	Image image/svg+xml	3.168.96.221 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ayxb9ooonjts.cloudfront.net/d/8F9B499DDC670821F87C474721CA954C0C1AD3F5.svg Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.96.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-96-221.jfk52.r.cloudfront.net Software nginx / Resource Hash e2186f8814f8290dcfce59b5d8b0463e08af5df34a624a018411b4be9dd63d5b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers vary Accept-Encoding etag "01e6d41986e3aff2a481b34bbb250d3d" age 72632 via 1.1 09a970c514541c01d3b3e83903632062.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 648 x-amz-cf-id gLorODIQr7dU_QYfLD9y7Djll3zwTazTJywhDmrdKruaqg1F2DDsdg== date Tue, 27 May 2025 07:57:09 GMT content-type image/svg+xml last-modified Thu, 06 Mar 2025 12:29:32 GMT server nginx x-amz-cf-pop JFK52-P6 x-amz-server-side-encryption AES256
POST H2	200	beacon bit.ly/preview_page/	16 B 80 B	119ms 115ms	Ping application/json	67.199.248.11 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://bit.ly/preview_page/beacon Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS bit.ly Software nginx / Resource Hash fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Referer https://bit.ly/TAPSCAN Response headers via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 date Wed, 28 May 2025 04:07:41 GMT content-type application/json server nginx
GET H2	200	9VieFqY6BrcqBfWyNBCDptV3goYIngmpxwUWVzLOgzjmapm_cAA9hJOo4nbPZogezU4 play-lh.googleusercontent.com/	171 KB 171 KB	495ms 94ms	Image image/png	142.251.40.182 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/9VieFqY6BrcqBfWyNBCDptV3goYIngmpxwUWVzLOgzjmapm_cAA9hJOo4nbPZogezU4 Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.182 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s81-in-f22.1e100.net Software fife / Resource Hash fffd57c76ee8c6d3f04a4a834b07afed400947252ef8f272d8d837ca25b4ba76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/ Response headers access-control-expose-headers Content-Length etag "v1" age 9839 x-content-type-options nosniff expires Thu, 29 May 2025 01:23:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 28 May 2025 01:23:43 GMT content-disposition inline;filename="unnamed.png" content-type image/png vary Origin cache-control public, max-age=86400, no-transform timing-allow-origin * access-control-allow-origin * content-length 174895 x-xss-protection 0 server fife
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	110 KB 34 KB	793ms 149ms	Script text/javascript	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash 030d175e35e902db8d11cf6f37b0bbedc12aef5ffaecd4ed748ff2777c2b7c20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers content-encoding br etag 55 / 20236 / m202505200101 / config-hash: 17886797544696259832 x-content-type-options nosniff expires Wed, 28 May 2025 04:07:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Wed, 28 May 2025 04:07:42 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 34438 x-xss-protection 0 server cafe
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/	539 KB 170 KB	90ms 90ms	Script text/javascript	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash 638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers content-encoding br etag 8367355567805738573 age 59377 x-content-type-options nosniff expires Wed, 27 May 2026 11:38:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Tue, 27 May 2025 11:38:05 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 173743 x-xss-protection 0 server cafe
GET H3	200	gpt securepubads.g.doubleclick.net/pagead/managed/dict/m202505270101/	63 KB 23 KB	98ms 97ms	Other text/plain	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505270101/gpt Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash 9b502c40cea58eb57328f78cf48c787ab82d46606203a135bbb813ee19fb6c6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer Response headers content-encoding br etag 8651680878418282224 age 47179 x-content-type-options nosniff expires Tue, 03 Jun 2025 15:01:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Tue, 27 May 2025 15:01:23 GMT content-type text/plain; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=604800, stale-while-revalidate=7200 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 23432 x-xss-protection 0 server cafe use-as-dictionary match="/gampad/ads", id="m202505270101"
GET H3	200	topics_frame.html Show response securepubads.g.doubleclick.net/static/topics/ Frame C85D	102 KB 28 KB	346ms 100ms	Document text/html	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software sffe / Resource Hash 56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bit.ly/TAPSCAN Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1736 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000, stale-while-revalidate=3600 content-encoding br content-length 29108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 28 May 2025 03:38:47 GMT expires Wed, 28 May 2025 04:28:47 GMT last-modified Mon, 19 May 2025 19:44:47 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	49 KB 4 KB	852ms 852ms	Fetch text/plain	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=6025686323638432&correlator=629339375776524&eid=31090594%2C31091881%2C31092254%2C95353384%2C83321072&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23199830770%2Cbitly_previewpage_default_responsive_side_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&ifi=1&dids=div-gpt-ad-1724340542602-0&adfs=3434351373&sfv=1-0-45&sc=1&cookie_enabled=1&abxe=1&dt=1748405263260&lmt=1748405263&adxs=179&adys=330&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbit.ly%2FTAPSCAN&vis=1&psz=658x566&msz=300x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748405261107&idt=2086&prev_scp=ac%3DPrior_to_2023%26g%3DIL%26cohort%3Dpre_9_3%26connection_type%3Dlink%26tt%3Dcore%26t%3Dg&adks=3309689787&frm=20&eoidce=1&td=1&egid=54544&tan=5c65e006-d779-4385-aff5-692a0564ead8&tdf=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash 7b5acbd275f8c60c6380bb6f685ec223615835fa2084b1161850dee909d0c8b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers content-encoding dcb google-lineitem-id 6771137968 observe-browsing-topics ?1 x-content-type-options nosniff google-mediationtag-id -2 google-mediationgroup-id -2 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Wed, 28 May 2025 04:07:44 GMT content-type text/plain; charset=UTF-8 google-creative-id 138508645984 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://bit.ly content-length 4333 x-xss-protection 0 server cafe
GET H3	200	container.html Show response aa3e86e67932a8bc28cf8dd16624622a.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 1B96	7 KB 3 KB	390ms 113ms	Document text/html	142.251.40.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://aa3e86e67932a8bc28cf8dd16624622a.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.97 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f1.1e100.net Software sffe / Resource Hash f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bit.ly/TAPSCAN Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 3121 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 28 May 2025 04:07:43 GMT expires Wed, 28 May 2025 04:07:43 GMT last-modified Thu, 08 May 2025 23:15:48 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response ep1.adtrafficquality.google/getconfig/	17 KB 13 KB	462ms 125ms	XHR application/json	142.251.35.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505200101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s78-in-f2.1e100.net Software cafe / Resource Hash 8d057dc4a835f2f32d83bd33303b0c4cadc1c1584afe24ac583003f64835707b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 13036 date Wed, 28 May 2025 04:07:44 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	911DC5232AD960E5CD922312AAAA1768D921C30F.png d1ayxb9ooonjts.cloudfront.net/d/	1 KB 1 KB	81ms 81ms	Other image/png	3.168.96.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1ayxb9ooonjts.cloudfront.net/d/911DC5232AD960E5CD922312AAAA1768D921C30F.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.96.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-96-221.jfk52.r.cloudfront.net Software nginx / Resource Hash bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers vary Accept-Encoding etag "de191ceae91ff28f37bcd7fe122e3a09" age 17697 via 1.1 09a970c514541c01d3b3e83903632062.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 1142 x-amz-cf-id NzjKV7E6hfLwxtlak2-majbEafy8sRl2OCJhid8nWxEJ_RQ2CZPoQQ== date Tue, 27 May 2025 23:12:46 GMT content-type image/png last-modified Thu, 06 Mar 2025 12:29:31 GMT server nginx x-amz-cf-pop JFK52-P6 x-amz-server-side-encryption AES256
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame C574	0 0	141ms 141ms	Fetch image/gif	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuE3EW4VJemakE1Fry0Y2KZTh7BYvoK4jxTkb2c10iPmxNfmGuEKVWgu2uR7O44hAo7gbmyeyh0ax-MgGXlo2n-4B9NEb2DSp7ol_zKNcIeq-jt0aIPOp89pprOg2T_JLNP72RfnXg8KtIM96IlQ7oi_iF9mbFIv5QfZ8haS9TDHtdPny9sqlwU5JLvhLrhUyMmI-VJ9aEousnDTrLgdvq-AkQAEZ_B4_aAcTERxC3dt0AeVwCyeIV7OJsl0iLBNY5h1Q2uOAZpvIeYdfSFy0eQ1QkWqD3vuqIIEyjP1JKIhA4tz4oJ0mvuWWmWDtuemIxj__VDF4b2td7V2_cyox0NqIFvkh-IPzKnAfnwPUVmjeqJ7rRBYckn9U6dklgoI0-Y9kmoki4ZztenX0VyerwGUOOcoT-wM_y26sBmxovA2cuGL_teRd91D87JxSiAkqmKYBBH0mZH&sai=AMfl-YTwOZGl_xCYhKrLR_MrGU-JUTNfNYRaqCjWYNKvCGvQDMb2MW7Ajr7Zm4qGQViUh2TA8z7EAzHrHO-eUe68oXugC7KiYaEs2Q76U8IUPKDlAdMGpr04oLdDY1CDoHt9OGx4RB0SbjVLNEsrmbk4&sig=Cg0ArKJSzCO6iAqaIAQQEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers cache-control private timing-allow-origin * accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Wed, 28 May 2025 04:07:44 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Wed, 28 May 2025 04:07:44 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20250522/r20110914/client/ Frame C574	3 KB 2 KB	310ms 91ms	Script text/javascript	142.250.65.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20250522/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f1.1e100.net Software cafe / Resource Hash fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers content-encoding br etag 6020003950853699975 age 43250 x-content-type-options nosniff expires Tue, 10 Jun 2025 16:06:54 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Tue, 27 May 2025 16:06:54 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 1241 x-xss-protection 0 server cafe
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C574	221 KB 68 KB	304ms 94ms	Script text/javascript	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software cafe / Resource Hash 9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers content-encoding br etag 81102085050987160 age 2649 x-content-type-options nosniff expires Wed, 28 May 2025 04:23:35 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Wed, 28 May 2025 03:23:35 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=ISO-8859-1 vary Accept-Encoding cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 69707 x-xss-protection 0 server cafe
GET H2	200	626497789753232737 tpc.googlesyndication.com/simgad/ Frame C574	7 KB 8 KB	306ms 92ms	Image image/png	142.250.65.225 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/626497789753232737 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f1.1e100.net Software sffe / Resource Hash b6477e134ed98b567226156c6035fc934fd56cf5142c66e3da3941762490a2ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers age 380705 report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} x-content-type-options nosniff expires Sat, 23 May 2026 18:22:39 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 allow-fenced-frame-automatic-beacons true date Fri, 23 May 2025 18:22:39 GMT last-modified Thu, 20 Feb 2025 18:17:13 GMT content-type image/png cache-control public, max-age=31536000 timing-allow-origin * x-dns-prefetch-control off cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" content-length 7318 x-xss-protection 0 server sffe
POST H3	200	beacon bit.ly/preview_page/	16 B 29 B	120ms 119ms	Ping application/json	67.199.248.11 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://bit.ly/preview_page/beacon Requested by Host: bit.ly URL: https://bit.ly/TAPSCAN Protocol H3 Security QUIC, , AES_128_GCM Server 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS bit.ly Software nginx / Resource Hash fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Referer https://bit.ly/TAPSCAN Response headers via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 date Wed, 28 May 2025 04:07:44 GMT content-type application/json server nginx
GET DATA	200 OK	truncated / Frame C574	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 76d0c838aaafd0851ea346815f5ca3c275a137fca4deb4de276c2e877921520e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	sodar2.js Show response ep2.adtrafficquality.google/sodar/	20 KB 7 KB	320ms 102ms	Script text/javascript	142.251.40.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s39-in-f1.1e100.net Software sffe / Resource Hash a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers content-encoding gzip etag "1747411493688989" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} x-content-type-options nosniff expires Wed, 28 May 2025 04:07:44 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 28 May 2025 04:07:44 GMT content-type text/javascript vary Accept-Encoding cache-control private, max-age=3000 cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin accept-ranges bytes content-length 7188 x-xss-protection 0 server sffe
GET H2	200	runner.html Show response ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 6EFF	13 KB 5 KB	286ms 86ms	Document text/html	142.251.40.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s39-in-f1.1e100.net Software sffe / Resource Hash 14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bit.ly/TAPSCAN Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1728 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000 content-encoding gzip content-length 5044 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 28 May 2025 03:38:57 GMT expires Wed, 28 May 2025 04:28:57 GMT last-modified Tue, 13 May 2025 23:17:50 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 9257	829 B 570 B	839ms 112ms	Document text/html	142.251.40.164 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s81-in-f4.1e100.net Software ESF / Resource Hash 72381daf53a98210088ffee0324a179292d4af42df2cb9f65b6ddc663e92ef9c Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-j-rAz7P0lGJzDktVXJbqdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bit.ly/TAPSCAN Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-j-rAz7P0lGJzDktVXJbqdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Wed, 28 May 2025 04:07:45 GMT expires Wed, 28 May 2025 04:07:45 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C574	0 0	111ms 110ms	Fetch image/gif	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Wed, 28 May 2025 04:07:44 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C574	0 0	107ms 105ms	Fetch image/gif	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Wed, 28 May 2025 04:07:44 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame C574	0 0	198ms 196ms	Fetch image/gif	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseHGrtlS_qGTUfaX5Nuac83f6pyHMIy11Wq2SnMFyOoBE8i5fKdeabDVwiPauq0i2yaIrW9D_M2E9HZaVylu7qT1EXeB-elLL68QtdgGiLTKFZXOgAO76iLht4WTvgkgyAR5wBi2N1WF6bLwvMkpT-YDG7p2OxBOFsHTuNOm6Ng8MKbcl1xJtNiOzYiDEXRYKxXEA2dl4VnnnzfUeSyzzzFxUBwqHn1cXTNxRYr398TC4m-jMJOr5u_4BCekqzPIYwmulvp32HvokBJ2wnqTeLlf01-YUufKiojNrFl5U73YrJXrLGqwDyOD3ezooVY8Mr0_tEcyJ2E1zzSZB4i7L9TqK3IL9etkLOfyTtij8maQ5EGyf7j3pugdHg0rug8bMU0sgJi8U0HnOWSdk858EUPDa1HyY6gcbIPSBxSqqbCdULSHdUw7_imPRJLML4Gt3C4YEquEBEfhs&sai=AMfl-YT_EDmPdwmKjpKBlpm9j8A1PXHPeWBukQFouVZf4lvnMO6JvTU3KeFS9hPJ-I5RohfdJ8GwgJoHqoVqjX-A2n3n3eltCpesf92_-FCLJqd38Ms0Q5b5t4Ndx_AfkKwLwgfJgho-9wajBpUXJbZ5&sig=Cg0ArKJSzFdtzgz88X7UEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers cache-control private timing-allow-origin * accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Wed, 28 May 2025 04:07:44 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Wed, 28 May 2025 04:07:44 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C574	0 0	104ms 103ms	Fetch image/gif	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Wed, 28 May 2025 04:07:44 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	Wb8bPZigRvc_GFKs9artHwCAEk0Ifr6vx8-xXlqx1qs.js Show response pagead2.googlesyndication.com/bg/ Frame 6EFF	54 KB 21 KB	296ms 96ms	Script text/javascript	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Wb8bPZigRvc_GFKs9artHwCAEk0Ifr6vx8-xXlqx1qs.js Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software sffe / Resource Hash 59bf1b3d98a046f73f1852acf5aaed1f0080124d087ebeafc7cfb15e5ab1d6ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://ep2.adtrafficquality.google/ Response headers content-encoding br age 280791 report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} x-content-type-options nosniff expires Sun, 24 May 2026 22:07:54 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 24 May 2025 22:07:54 GMT last-modified Mon, 19 May 2025 09:28:00 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin; report-to="botguard-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs accept-ranges bytes content-length 21184 x-xss-protection 0 server sffe
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 9257	0 17 B	247ms 142ms	Image image/	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gpt_m202505200101&jk=6025686323638432&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://www.google.com/ Response headers timing-allow-origin * cross-origin-resource-policy cross-origin x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Wed, 28 May 2025 04:07:45 GMT x-xss-protection 0 content-type image/ server cafe
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame C574	42 B 65 B	128ms 127ms	Fetch image/gif	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthxZsJM0RBZrFJbPis8WaNAIL-3w7R54D3x3BFEPugnlkQBUI-TYFNnCICUz4W8Mr_1-IYqiqA3bcd-ag7KBg1mgn5ZAVcBuh5QqGwIWsNtjQlCjZhycjuy_x-_OiRh3SmQXcTyUqASAmKKQVkVa5Dy72-JOqq0EQfWGwGEv_u8dHzfUI&sig=Cg0ArKJSzKZXudMRLhJqEAE&id=lidar2&mcvt=1000&p=190,161,470,497&tm=1013.0999984741211&tu=13.200000762939453&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20250521&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3309689787&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4433806400&rst=1748405264226&rpt=545&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Wed, 28 May 2025 04:07:45 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	204	generate_204 ep2.adtrafficquality.google/ Frame 6EFF	0 40 B	93ms 92ms	Image text/plain	142.251.40.225 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ep2.adtrafficquality.google/generate_204?_YpTZg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s39-in-f1.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Wed, 28 May 2025 04:07:46 GMT cross-origin-resource-policy cross-origin
GET H3	204	sodar ep1.adtrafficquality.google/pagead/	0 17 B	188ms 185ms	Image image/	142.251.35.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202505200101&jk=6025686323638432&bg=!2dql2pXNAAYA59AtIOc7ADQBe5WfOOXk8xN_bWvOw4VUs0yen7rLOisfcwzQXs-dS2c-xzUewPIz0FShBP8gOsLsAf6QAgAAAIdSAAAACmgBB34ANr8OZphgZg2qrSiU66YJ95MepLiVnBy96_DfVTW4KFIOUZUfjK5MJVcuM3H8sPcheJiMVdgMDAoApHEwgKOQTLMujZGYsFWsLsUvqRGenXCXaNmZKg4IpBtzBffaO6Lll1WQ08DWgVsULXcbyRZB-VWOElVdCgIXp1kQl7tEpD5mF-E853UcnnuOtykn4Nvoa_i5IbE4iwzcPpvdFW_FiNV64_ehkqHcrhh8gov6PQEJtubE8x5OJJTWlGxTbgWmAlKAvreLKstlh0ExygJ3DNoLQoME96JZlGhmTCAwmQJTf9capuUQ_o57YzIslMWGckCfH-zk-GDFGPsQU-RL0ECP5UpSNxxBsCO7KNN2vnOcLiF4MV8RmogTG_fXTGVImAjIOR2rzSZ0sQYfJO0ZII62CCR3ohPrfxa_5ZtnFVPO-vD3SGVaXvCabxWEXAptNBm5e0oEsVL0FiRQN8OUqPnZ_99gnR5itrCIqxtylrxDPkdn4h3XJ7Lr7Mavrblz8Ga40kfsQSClQrCtBJuUr1vzP01Fy8-cl34KoMKOlth14vVtoH53F3soqokJU912qit0i2YS60jq8SuI_tCKTma782YNDEojo0mLxV2zOCdpwR-wMbn5NLrNpmLAMUiSSnFHDGOQ3qGZ_PxRUlmBlDRLY-FrQlnpHsJ5GjTzRnyrqPbh44o5tC-hWMPiL9Y4Coc0I9XfLQaEWaYqoHeRs1kaOqjcE_HuDe4oiJsdyOUpfXorFEwcfK6MEsLK-4oWXwMkGZb1sv673wEtbQ2onJzJFMRWHcTlOwWJ81JbBOibZXZ528JFtJaEs_dSaVMCryGlHngIePXaaEL-4yKxZlRzKE6yhmHoTMS7jW13k-Mx2zlg3e6rmdL42NYO_gB5u7pBeTmGXcoekxaQd2d9tAJCubUYpDXwiybUmTG9Dw3c6WrDBoq0FCHSrkueS54xrlQFlTvwILbRIJK2nrcJb2xtxDoEGEYxji5w50FSToeG6dq8fpl2dGE9GSq9x0cPQbrjRn3D31MBf-3dkbqwstbeyde59HcdS5GY8D8CSPJ_XE__nSY_pTcZr3asMfMq3t26BQ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s78-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://bit.ly/TAPSCAN Response headers timing-allow-origin * cross-origin-resource-policy cross-origin x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Wed, 28 May 2025 04:07:46 GMT x-xss-protection 0 content-type image/ server cafe

16 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| previewPage object| openDuration object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| targeting object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id object| GoogleGcLKhOms

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-21 09:59:17	Name: _bit Value: p4s47F-6da8d1be62f916efd2-00N
			.bit.ly/	1970-01-21 15:01:41	Name: __gads Value: ID=0c436174398f8844:T=1748405263:RT=1748405263:S=ALNI_MYudi2WUusi8BeeVfs_A26WmGhF3g
			.bit.ly/	1970-01-21 15:01:41	Name: __gpi Value: UID=000010d159b41e17:T=1748405263:RT=1748405263:S=ALNI_Mb24jwbKBErjE2X8UScRnAFndiZLg
			.bit.ly/	1970-01-21 09:59:17	Name: __eoi Value: ID=9a5460dce49f0802:T=1748405263:RT=1748405263:S=AA-AfjavNlq_RV5KpDpa1LM9tXCl
			.doubleclick.net/	1970-01-21 15:16:05	Name: IDE Value: AHWqTUnYt6K8a-f_bp8Y-l2gUNfMEpQ7IJxSPlHVCaTyLEzkUX6K1vEOZR7ZxvOZMfQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A091133C0F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa3e86e67932a8bc28cf8dd16624622a.safeframe.googlesyndication.com
bit.ly
d1ayxb9ooonjts.cloudfront.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
pagead2.googlesyndication.com
play-lh.googleusercontent.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
142.250.64.66
142.250.65.225
142.250.80.66
142.251.35.162
142.251.40.164
142.251.40.182
142.251.40.225
142.251.40.97
3.168.96.221
67.199.248.11
030d175e35e902db8d11cf6f37b0bbedc12aef5ffaecd4ed748ff2777c2b7c20
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
3f1c4d1df1ad822b77bfad7569189f3861c51e63e9dd05fd5d37e7d395b376ad
56a8a4fb115b24277c898d84fe68a5a12276708dbc73311d691be21761c188d0
56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6
59bf1b3d98a046f73f1852acf5aaed1f0080124d087ebeafc7cfb15e5ab1d6ab
638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef
72381daf53a98210088ffee0324a179292d4af42df2cb9f65b6ddc663e92ef9c
76d0c838aaafd0851ea346815f5ca3c275a137fca4deb4de276c2e877921520e
7b5acbd275f8c60c6380bb6f685ec223615835fa2084b1161850dee909d0c8b0
8d057dc4a835f2f32d83bd33303b0c4cadc1c1584afe24ac583003f64835707b
9b502c40cea58eb57328f78cf48c787ab82d46606203a135bbb813ee19fb6c6d
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
aea18751d1237bfbdc12b9980842a50a5120430672cf4e2b39ae82dd4c0da039
b6477e134ed98b567226156c6035fc934fd56cf5142c66e3da3941762490a2ae
bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e
cf3a1f5bae496ea0e4aeda4108a132d8f1e48707d083d948ef629aedc33c7fa1
d2ef6f459c3529de8f36032504c1282a8170dbd1d14c7443f3123862a46cbde0
e2186f8814f8290dcfce59b5d8b0463e08af5df34a624a018411b4be9dd63d5b
e25bcc9dee748831827b2a2c85b06654ca507b77a82158a452694fa41623b438
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb71d9655491b198debed418404907f06d0482f519f60082d165132471c90715
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
fffd57c76ee8c6d3f04a4a834b07afed400947252ef8f272d8d837ca25b4ba76