urlscan.io logo urlscan.io
SecurityTrails logo

bit.ly Open in urlscan Pro
67.199.248.10  Public Scan

Go To Rescan Add Verdict Report
URL: https://bit.ly/MLK-Craft
Submission: On January 12 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 33 domains to perform 72 HTTP transactions. The main IP is 67.199.248.10, located in United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is bit.ly. The Cisco Umbrella rank of the primary domain is 5748.
TLS certificate: Issued by DigiCert EV RSA CA G2 on March 26th 2025. Valid for: a year.
This is the only time bit.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 67.199.248.10 396982 (GOOGLE-CL...)
12 99.84.169.197 16509 (AMAZON-02)
1 172.253.115.97 15169 (GOOGLE)
1 3.168.122.29 16509 (AMAZON-02)
5 172.253.115.155 15169 (GOOGLE)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 172.253.122.132 15169 (GOOGLE)
1 172.253.115.156 15169 (GOOGLE)
6 172.66.41.9 13335 (CLOUDFLAR...)
4 142.250.31.155 15169 (GOOGLE)
2 192.178.155.132 15169 (GOOGLE)
1 142.251.163.104 15169 (GOOGLE)
1 172.66.42.247 13335 (CLOUDFLAR...)
72 14
4    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
12    99.84.169.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-169-197.jfk50.r.cloudfront.net
d1ayxb9ooonjts.cloudfront.net
1    172.253.115.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f97.1e100.net
www.googletagmanager.com
1    3.168.122.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-122-29.jfk52.r.cloudfront.net
bitly.fides-cdn.ethyca.com
5    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
securepubads.g.doubleclick.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    172.253.122.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f132.1e100.net
af871b176abf4e0da32f0774c2ed3a69.safeframe.googlesyndication.com
1    172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net
ep1.adtrafficquality.google
6    172.66.41.9 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
4    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
pagead2.googlesyndication.com
2    192.178.155.132 (United States)

ASN15169 (GOOGLE, US)
PTR: yuiadrs-in-f132.1e100.net
ep2.adtrafficquality.google
1    142.251.163.104 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f104.1e100.net
www.google.com
1    172.66.42.247 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
router.infolinks.com
Apex Domain
Subdomains		 Transfer
12 cloudfront.net
d1ayxb9ooonjts.cloudfront.net
d188m5xxcpvuue.cloudfront.net Failed
34 KB
7 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 8266
router.infolinks.com — Cisco Umbrella Rank: 2736
rt3012.infolinks.com Failed
74 KB
5 googlesyndication.com
af871b176abf4e0da32f0774c2ed3a69.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
73 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 273
254 KB
4 bit.ly
bit.ly — Cisco Umbrella Rank: 5748
20 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 350
ep2.adtrafficquality.google — Cisco Umbrella Rank: 359
26 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
571 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2077
3 KB
1 ethyca.com
bitly.fides-cdn.ethyca.com — Cisco Umbrella Rank: 39970
86 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
99 KB
0 inmobi.com Failed
sync.inmobi.com Failed
0 33across.com Failed
ssc-cms.33across.com Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 quantserve.com Failed
cms.quantserve.com Failed
0 mgid.com Failed
cm-x.mgid.com Failed
0 media.net Failed
cs.media.net Failed
0 onetag-sys.com Failed
onetag-sys.com Failed
0 casalemedia.com Failed
ssum-sec.casalemedia.com Failed
0 lijit.com Failed
ap.lijit.com Failed
0 fwmrm.net Failed
user-sync.fwmrm.net Failed
0 adkernel.com Failed
sync.adkernel.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 3lift.com Failed
eb2.3lift.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 openx.net Failed
u.openx.net Failed
0 smartadserver.com Failed
ssbsync.smartadserver.com Failed
0 iqm.com Failed
pxl.iqm.com Failed
0 criteo.com Failed
ssp-sync.criteo.com Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 adnxs.com Failed
ib.adnxs.com Failed
0 pubmatic.com Failed
image8.pubmatic.com Failed
72 33
Domain Requested by
12 d1ayxb9ooonjts.cloudfront.net bit.ly
5 securepubads.g.doubleclick.net bit.ly
securepubads.g.doubleclick.net
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
ep2.adtrafficquality.google
4 resources.infolinks.com securepubads.g.doubleclick.net
bit.ly
resources.infolinks.com
router.infolinks.com
4 bit.ly bit.ly
3 router.infolinks.com resources.infolinks.com
router.infolinks.com
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 af871b176abf4e0da32f0774c2ed3a69.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 bitly.fides-cdn.ethyca.com bit.ly
1 www.googletagmanager.com bit.ly
0 sync.inmobi.com Failed router.infolinks.com
0 ssc-cms.33across.com Failed router.infolinks.com
0 ssp.disqus.com Failed router.infolinks.com
0 p.rfihub.com Failed router.infolinks.com
0 cms.quantserve.com Failed router.infolinks.com
0 cm-x.mgid.com Failed router.infolinks.com
0 cs.media.net Failed router.infolinks.com
0 onetag-sys.com Failed router.infolinks.com
0 ssum-sec.casalemedia.com Failed router.infolinks.com
0 ap.lijit.com Failed router.infolinks.com
0 user-sync.fwmrm.net Failed router.infolinks.com
0 sync.adkernel.com Failed router.infolinks.com
0 ad.360yield.com Failed router.infolinks.com
0 sync.go.sonobi.com Failed router.infolinks.com
0 eb2.3lift.com Failed router.infolinks.com
0 sync.1rx.io Failed router.infolinks.com
0 u.openx.net Failed router.infolinks.com
0 ssbsync.smartadserver.com Failed router.infolinks.com
0 pxl.iqm.com Failed router.infolinks.com
0 ssp-sync.criteo.com Failed router.infolinks.com
0 match.sharethrough.com Failed router.infolinks.com
0 ib.adnxs.com Failed router.infolinks.com
0 image8.pubmatic.com Failed router.infolinks.com
0 rt3012.infolinks.com Failed resources.infolinks.com
0 d188m5xxcpvuue.cloudfront.net Failed bit.ly
72 38

This site contains links to these domains. Also see Links.

Domain
bitly.com
www.teacherspayteachers.com
x.com
www.instagram.com
www.facebook.com
www.linkedin.com
Subject Issuer Validity Valid
bit.ly
DigiCert EV RSA CA G2		 2025-03-26 -
2026-03-25		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2025-05-05 -
2026-04-23		 a year crt.sh
*.google-analytics.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
bitly.fides-cdn.ethyca.com
Amazon RSA 2048 M01		 2025-10-23 -
2026-11-21		 a year crt.sh
*.g.doubleclick.net
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
invstatic101.creativecdn.com
WR3		 2025-12-06 -
2026-03-06		 3 months crt.sh
adtrafficquality.google
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
infolinks.com
WE1		 2025-11-26 -
2026-02-24		 3 months crt.sh
*.google.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://bit.ly/MLK-Craft
Frame ID: EBFB47072E4ACDD41AC304A6AF598174
Requests: 30 HTTP requests in this frame

Frame: https://af871b176abf4e0da32f0774c2ed3a69.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 3C63DFA82D9793E3D997A2C505E41DC3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshD0u84eOUC9zLfagRtax1G7QXAKsgMG0DQpdB52lpffWhpkKalDoIubL7qBXWNWDt2Y40a0zMpsKNDwxQTaGfray0_8Wc9HYJ7IpTAFKbJznMRb3IvbaaGjQyNP7gFhy47XO2ehdCUWg5Tdpmx08JT3mEim3KSd7rAh-lqXG56I517_cNp0Kq81k2Z_HoFI4nthCPQpd-CXu_ysq-epLfkt8vi0kpLpETfDIKk4_qPUjTjtaM_Vf_v9LXmsWg69T01WqBsyWmjSx7el6XlsZ7dunrXNyataXsTmZblKTxbTVAJoUikS_-X1KEVaroDOiw-6UQf0qYLcafrpNHO8MpdmmXUzpx-b4zbEveBCZV1bQIuggxbfFNEagaTsYME-P9klXhUzqUC8P2KDFT0ATSmomIJzr9rVBhYe7ULwA82qMI43ZOG6J_5xtL9EIf_3VCjmprosBOJSXV3iTP19NQBcufdPDmgCAJoyY7OFjsJJuc9Q&sai=AMfl-YQxI9gCXQkfFLrlNv1BOlomo-ANtAjocJ3iwHpvqFfCn9u5fCY__3uHCtqetELs-FoHGQRaqJMFiE28mAGYJDUPh8_ceYvy8JHFnR5yer7T0njZ3rKAMsX7XUWKOmv-ia_5_g3iONYOYj8F2d_lKRCqVEk3e4P14y4UK8F1EOXGp7C4-YK-J_E_W77Y5BLVztpc3WcIXXEdO_5TCZbMNA_Qm6YLHtkXE-7YFmLCYVviUxGomRT7DL8oags7HVPFdEyyByqjfq_G-TxvrGlLnTB9cj7AAJU&sig=Cg0ArKJSzHbjNK7gd_bDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: BC12F765F8D675A85411F386E6C8588B
Requests: 10 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 03292C29C071945C7CBEA2A3FD768B2F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AEB6D8867680588BC47291DFACCA7B1F
Requests: 2 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=1873275&wsid=0&pdom=bit.ly&purl=https%3A%2F%2Fbit.ly%2FMLK-Craft
Frame ID: 36B4C575B0CE8AA2BF6D8BA111E889B1
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bitly | bit.ly/3tItXwu

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

72
Requests

56 %
HTTPS

0 %
IPv6

33
Domains

38
Subdomains

14
IPs

2
Countries

670 kB
Transfer

2343 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request MLK-Craft
bit.ly/ 		19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
e89cff3a0c4e797584656609a8de193f287b3bc6b94439e68f6f467b3a013417

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
19963
content-type
text/html; charset=utf-8
date
Mon, 12 Jan 2026 22:21:00 GMT
server
nginx
via
1.1 google
x-robots-tag
noindex
F91CE64489DC8F93951CBC1B287E2C712CA507BB.css
d1ayxb9ooonjts.cloudfront.net/d/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/F91CE64489DC8F93951CBC1B287E2C712CA507BB.css
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
e7092eb1e0435cb3e7e16af9c4b94f66e441adcc54e70e765deb5515ca8f6504

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

x-amz-cf-pop
JFK50-P15
content-encoding
gzip
etag
W/"aad44d254e1f4b1d19184c0ad6b04a53"
age
29337
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
IG-v7dWTwYDsO9QaQuDBR8MAAwpuA3h0A34bGWWSAt5-ueSNAB4l9g==
date
Mon, 12 Jan 2026 14:12:06 GMT
content-type
text/css; charset=utf-8
vary
accept-encoding
server
nginx
last-modified
Mon, 08 Dec 2025 18:24:53 GMT
x-amz-server-side-encryption
AES256
3DC3BA2A8BE1E83FB5EC686B19E6B2E826832925.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/3DC3BA2A8BE1E83FB5EC686B19E6B2E826832925.svg
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
8bf84cfc3821ee2997d6cc4e225d8109fb9d96471514ee2f74567ebb529a35f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

x-amz-cf-pop
JFK50-P15
content-encoding
gzip
etag
W/"7ed4a86da8ac8513ff38cd1aee3a622e"
age
48000
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
fDDnLqifrKHNaMifjsnhFS6bk_KmXIKPMYoCKVvGzLiktdbM5JLkog==
date
Mon, 12 Jan 2026 09:01:01 GMT
content-type
image/svg+xml
vary
accept-encoding
server
nginx
last-modified
Thu, 18 Sep 2025 16:21:55 GMT
x-amz-server-side-encryption
AES256
EE34869B3F0840F31B6D5DE09D8F0B6DFC40C387.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/EE34869B3F0840F31B6D5DE09D8F0B6DFC40C387.svg
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
be4500e7b42eca45cd4ee26f374a3171f337151dc2dbb9f35e005d3673c096e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

x-amz-cf-pop
JFK50-P15
content-encoding
gzip
etag
W/"638d1ef587f6dd54f95f115360b3896c"
age
56924
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Px3WAtuCtGAgZNCkZeCxOb1-IFHiTQixKKmJLt6PvRYoCfZCiA8SWA==
date
Mon, 12 Jan 2026 06:32:17 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Thu, 18 Sep 2025 16:21:55 GMT
x-amz-server-side-encryption
AES256
823019EDC46590AC6760074AE3618E428979FFB7.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		817 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/823019EDC46590AC6760074AE3618E428979FFB7.svg
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
f8d2d057439590596cf29413aefe22d9638a98b3715ad85c9e70768787826770

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

vary
accept-encoding
etag
"fee3ab30c57bc01fa8effc1d2c44f4b0"
age
43443
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
817
x-amz-cf-id
0MQ4hmqSwib5OfC6M-ivBhx5j30Y__erWpOdI7sgHeTMFUo-xWll-A==
date
Mon, 12 Jan 2026 10:16:58 GMT
content-type
image/svg+xml
last-modified
Thu, 18 Sep 2025 16:21:56 GMT
server
nginx
x-amz-cf-pop
JFK50-P15
x-amz-server-side-encryption
AES256
D24420DD84E9B94BF7001D19FEB86276465EDBB1.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		778 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/D24420DD84E9B94BF7001D19FEB86276465EDBB1.svg
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
f46171b424e6627e6d48f507707e10b8ac9fe3a2dc648eb7d4bcb7efa39d50fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

vary
accept-encoding
etag
"7b5ab48cac0ac7573e36c7525b4c2ae5"
age
45873
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
778
x-amz-cf-id
_MAsW4Zcgs6LW5MpDcez2-yZx-N5FoaOfhG_Wk2n1c8EMoH3qSc-UQ==
date
Mon, 12 Jan 2026 09:36:28 GMT
content-type
image/svg+xml
last-modified
Thu, 18 Sep 2025 16:21:56 GMT
server
nginx
x-amz-cf-pop
JFK50-P15
x-amz-server-side-encryption
AES256
2EF0EA802EA179D91FCCF38427538EB00B41BBCD.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		515 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/2EF0EA802EA179D91FCCF38427538EB00B41BBCD.svg
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
49ea5b89c77f6c7691df12f1fa42b962c1857c4f27de1a9bcdf17040a0066873

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

vary
accept-encoding
etag
"cdd74447ac16d72d8813af70862e21e5"
age
52608
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
515
x-amz-cf-id
yux2AYforBgvXjAFCwwYgLqH-VQfOv7LiUYNnblnrRZcXNJv_F-P2g==
date
Mon, 12 Jan 2026 07:44:13 GMT
content-type
image/svg+xml
last-modified
Thu, 18 Sep 2025 16:21:55 GMT
server
nginx
x-amz-cf-pop
JFK50-P15
x-amz-server-side-encryption
AES256
7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
d1ayxb9ooonjts.cloudfront.net/d/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

vary
accept-encoding
etag
"a6c2aae1b41d9e328c4f8e6c34e3d12c"
age
47046
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
17206
x-amz-cf-id
HIeYu8hg60jZgVHLIivW_G4FbC8HoxK1_omQhHk_A18SqLTwm8x16g==
date
Mon, 12 Jan 2026 09:16:55 GMT
content-type
image/webp
last-modified
Wed, 11 Sep 2024 17:03:54 GMT
server
nginx
x-amz-cf-pop
JFK50-P15
x-amz-server-side-encryption
AES256
8F3DE83972DE9FAF0F1BFB78EEE9B328961E4BD6.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		545 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/8F3DE83972DE9FAF0F1BFB78EEE9B328961E4BD6.svg
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
04c48af63be3214a9554d5ed50cea2081bf2151f6fa783f6aa05f5d46403ece7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

vary
accept-encoding
etag
"920d002a6c8d36fd4afab15abc0aa789"
age
47150
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
545
x-amz-cf-id
332DtMaWjBaOf5I8ro6KhUW-twZSppU4vzv0yt_oksTZZUoAcjVPBQ==
date
Mon, 12 Jan 2026 09:15:21 GMT
content-type
image/svg+xml
last-modified
Thu, 18 Sep 2025 16:21:56 GMT
server
nginx
x-amz-cf-pop
JFK50-P15
x-amz-server-side-encryption
AES256
2D3B3BE2727BCB4DB9F28A127A519959F5965C8B.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/2D3B3BE2727BCB4DB9F28A127A519959F5965C8B.svg
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
6d9e61314774c5d5207bb8bbf79f347ab7ab2606300cf29b6c884df898cb6f77

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

x-amz-cf-pop
JFK50-P15
content-encoding
gzip
etag
W/"28839cbd3e50109d160a8e818e76eb21"
age
57298
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
c2op7z75MDsKh_Z6vIhZbhvY-jd-Bm-azQND0HjKzhgQWhkZe7DI8Q==
date
Mon, 12 Jan 2026 06:26:03 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Thu, 18 Sep 2025 16:21:56 GMT
x-amz-server-side-encryption
AES256
3D3FDD2797AD35A817818C99BE2501EE2054C6A8.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		609 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/3D3FDD2797AD35A817818C99BE2501EE2054C6A8.svg
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d9b3914a463e5577e734306e5867bb5d6762972fb8af244a7722dd225c95955c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

vary
accept-encoding
etag
"96614f61733dfb8a73f7cf7df824f557"
age
48044
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
609
x-amz-cf-id
G51cHf11nI6i1HRZP9Flf3_UbB-BVzXeCeaZpcoqj7NdUD3MX288OQ==
date
Mon, 12 Jan 2026 09:00:19 GMT
content-type
image/svg+xml
last-modified
Thu, 18 Sep 2025 16:21:55 GMT
server
nginx
x-amz-cf-pop
JFK50-P15
x-amz-server-side-encryption
AES256
1462554B7896CF129BC400286CDF784C56018B6A.svg
d1ayxb9ooonjts.cloudfront.net/d/ 		971 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/1462554B7896CF129BC400286CDF784C56018B6A.svg
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
e4ecd543581da4a4b57caf4ce214efbf69522be9cd7ad73b367c64371007bd6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

vary
accept-encoding
etag
"a0c1a18aacc51256f7f3a7c01885268a"
age
52248
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
971
x-amz-cf-id
2trU0cNrN9peoWWn7CKIAk6clesQa7SjaU5ozIMUg27UkL4SqhpW2Q==
date
Mon, 12 Jan 2026 07:50:16 GMT
content-type
image/svg+xml
last-modified
Thu, 18 Sep 2025 16:21:56 GMT
server
nginx
x-amz-cf-pop
JFK50-P15
x-amz-server-side-encryption
AES256
beacon
bit.ly/preview_page/ 		16 B
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bit.ly/preview_page/beacon
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://bit.ly/MLK-Craft

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
date
Mon, 12 Jan 2026 22:21:01 GMT
content-type
application/json
server
nginx
gtm.js
www.googletagmanager.com/ 		275 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PWRJL959
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d74d3d0a0a5ad0c0d673f2577a9693142e7dd11e4adace32dee3ce4e606f69e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

content-encoding
zstd
expires
Mon, 12 Jan 2026 22:21:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 22:21:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 12 Jan 2026 21:47:52 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
101156
x-xss-protection
0
server
Google Tag Manager
fides.js
bitly.fides-cdn.ethyca.com/ 		666 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bitly.fides-cdn.ethyca.com/fides.js?&property_id=FDS-I3S3I5
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.122.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-122-29.jfk52.r.cloudfront.net
Software
/
Resource Hash
67d32372a6518aa4d5fcd5e4d6a6f8bc1e4972d5d2ce269be66b7fccb17b7b00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

cache-control
max-age=3600, public
content-encoding
gzip
etag
"ptzjvquaf1emdr"
age
1095
via
1.1 92f94ac195c7f28197d4898bcd6519b8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
0O3syS_mN2Cfg5gDqPPcGoFOtPqIIxyNNX-8jQC-59SesPhIMmtgQw==
date
Mon, 12 Jan 2026 22:02:46 GMT
content-type
application/javascript
vary
cloudfront-viewer-country,cloudfront-viewer-country-region,Accept-Encoding
x-amz-cf-pop
JFK52-P7
access-control-allow-headers
*
beacon
bit.ly/preview_page/ 		16 B
29 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bit.ly/preview_page/beacon
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://bit.ly/MLK-Craft

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
date
Mon, 12 Jan 2026 22:21:02 GMT
content-type
application/json
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
933ad6fedc28c069d72aec9c898e7f657a077fcb4d1b76edd471ab4efc035cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

content-encoding
br
etag
612 / 20465 / m202601080101 / config-hash: 11336576966442140746
x-content-type-options
nosniff
expires
Mon, 12 Jan 2026 22:21:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 12 Jan 2026 22:21:02 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34715
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/ 		616 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
aeb3b009a488bdb9577653f671a0914b094f63822ff9ab0eef9b8b37b4d44cae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

content-encoding
br
etag
12916109649809660227
age
2941
x-content-type-options
nosniff
expires
Tue, 12 Jan 2027 21:32:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 12 Jan 2026 21:32:01 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
198768
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202601080101/ 		63 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202601080101/gpt
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
cf60345b955ac106d87ed26a2f73cb9bd0281293dab0f9a1b5b06e27d5064374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
13241406385580415262
age
3720
x-content-type-options
nosniff
expires
Mon, 19 Jan 2026 21:19:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 12 Jan 2026 21:19:02 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23231
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202601080101"
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

etag
861bdaf24bda5c0db45c6ebe1c94a9eb
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2729
date
Mon, 12 Jan 2026 22:21:03 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 05 Feb 2025 14:45:21 GMT
server
Google Frontend
x-cloud-trace-context
c7485db15642be06b23b31b5121989c9
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=5388223988675822&correlator=3058764865737478&eid=31088081%2C83321072&output=ldjh&gdfp_req=1&vrg=202601080101&ptt=17&impl=fifs&iu_parts=23199830770%2Cbitly_previewpage_default_responsive_side_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&ifi=1&dids=div-gpt-ad-1724340542602-0&adfs=3434351373&sfv=1-0-45&sc=1&cookie_enabled=1&abxe=1&dt=1768256463143&lmt=1768256463&adxs=179&adys=376&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbit.ly%2FMLK-Craft&vis=1&psz=658x657&msz=300x0&fws=0&ohw=0&a3p=EhcKCHJ0YmhvdXNlGJ7CsaK7M0gAUgIIZA..&psd=WzMxLFtdXQ..&dlt=1768256460552&idt=2529&prev_scp=ac%3DPrior_to_2023%26g%3DUS%26cohort%3Dcohort3%26connection_type%3Dlink%26browser%3Dchrome%26dt%3Ddesktop%26hw%3D46%26dg%3DUS%26tt%3Dcore%26t%3Dg_e&adks=3309689787&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
c9e67f4d3bee1475cdfa94182cad56f464c2ffdf28864d235d65680232351d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

content-encoding
dcb
google-lineitem-id
6944282860
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 12 Jan 2026 22:21:03 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138510441884
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://bit.ly
content-length
3302
x-xss-protection
0
server
cafe
container.html
af871b176abf4e0da32f0774c2ed3a69.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 3C63 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af871b176abf4e0da32f0774c2ed3a69.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/MLK-Craft
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jan 2026 22:21:03 GMT
expires
Mon, 12 Jan 2026 22:21:03 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202601080101&st=env&sjk=5388223988675822
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
6255e496afa6035f7340e899d17247447f406d42618d42b0770c7ad2422150f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13504
date
Mon, 12 Jan 2026 22:21:03 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
911DC5232AD960E5CD922312AAAA1768D921C30F.png
d1ayxb9ooonjts.cloudfront.net/d/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d1ayxb9ooonjts.cloudfront.net/d/911DC5232AD960E5CD922312AAAA1768D921C30F.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.169.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-169-197.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

vary
accept-encoding
etag
"de191ceae91ff28f37bcd7fe122e3a09"
age
29337
via
1.1 6c7ea40580de9d2983b3dfe024472fb0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1142
x-amz-cf-id
qzcAS35dm3_a1Keh3y792oa_P9g9yPzgh0yy-BsaugVKqE8SfF-AcQ==
date
Mon, 12 Jan 2026 14:12:06 GMT
content-type
image/png
last-modified
Thu, 06 Mar 2025 12:29:31 GMT
server
nginx
x-amz-cf-pop
JFK50-P15
x-amz-server-side-encryption
AES256
view
securepubads.g.doubleclick.net/pcs/ Frame BC12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshD0u84eOUC9zLfagRtax1G7QXAKsgMG0DQpdB52lpffWhpkKalDoIubL7qBXWNWDt2Y40a0zMpsKNDwxQTaGfray0_8Wc9HYJ7IpTAFKbJznMRb3IvbaaGjQyNP7gFhy47XO2ehdCUWg5Tdpmx08JT3mEim3KSd7rAh-lqXG56I517_cNp0Kq81k2Z_HoFI4nthCPQpd-CXu_ysq-epLfkt8vi0kpLpETfDIKk4_qPUjTjtaM_Vf_v9LXmsWg69T01WqBsyWmjSx7el6XlsZ7dunrXNyataXsTmZblKTxbTVAJoUikS_-X1KEVaroDOiw-6UQf0qYLcafrpNHO8MpdmmXUzpx-b4zbEveBCZV1bQIuggxbfFNEagaTsYME-P9klXhUzqUC8P2KDFT0ATSmomIJzr9rVBhYe7ULwA82qMI43ZOG6J_5xtL9EIf_3VCjmprosBOJSXV3iTP19NQBcufdPDmgCAJoyY7OFjsJJuc9Q&sai=AMfl-YQxI9gCXQkfFLrlNv1BOlomo-ANtAjocJ3iwHpvqFfCn9u5fCY__3uHCtqetELs-FoHGQRaqJMFiE28mAGYJDUPh8_ceYvy8JHFnR5yer7T0njZ3rKAMsX7XUWKOmv-ia_5_g3iONYOYj8F2d_lKRCqVEk3e4P14y4UK8F1EOXGp7C4-YK-J_E_W77Y5BLVztpc3WcIXXEdO_5TCZbMNA_Qm6YLHtkXE-7YFmLCYVviUxGomRT7DL8oags7HVPFdEyyByqjfq_G-TxvrGlLnTB9cj7AAJU&sig=Cg0ArKJSzHbjNK7gd_bDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 12 Jan 2026 22:21:03 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 12 Jan 2026 22:21:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
infolinks_main.js
resources.infolinks.com/js/ Frame BC12 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3980f5c20f0980339c75849625c0eba4760a66c5bb7719a56736112b0774c1cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

cache-control
max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"119c-647b39e9e89d9"
age
3413
via
1.1 google
cf-ray
9bd00b73ce5ae765-DEN
expires
Mon, 12 Jan 2026 22:24:10 GMT
date
Mon, 12 Jan 2026 22:21:03 GMT
content-type
application/javascript
last-modified
Tue, 06 Jan 2026 08:04:06 GMT
server
cloudflare
vary
accept-encoding
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BC12 		227 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
73b6bc92bb30d26ac26c7f3eccc350f2694260c064cdaf588cdd945a642b16f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

content-encoding
br
etag
12901288525138330123
age
1946
x-content-type-options
nosniff
expires
Mon, 12 Jan 2026 22:48:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 12 Jan 2026 21:48:37 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
71561
x-xss-protection
0
server
cafe
beacon
bit.ly/preview_page/ 		16 B
29 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bit.ly/preview_page/beacon
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
bit.ly
Software
nginx /
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://bit.ly/MLK-Craft

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
date
Mon, 12 Jan 2026 22:21:03 GMT
content-type
application/json
server
nginx
sodar2.js
ep2.adtrafficquality.google/sodar/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.178.155.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yuiadrs-in-f132.1e100.net
Software
sffe /
Resource Hash
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

content-encoding
gzip
etag
"1747411493688989"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 12 Jan 2026 22:21:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 22:21:04 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
7188
x-xss-protection
0
server
sffe
frame_content.js
resources.infolinks.com/js/2016.007-4.011/ Frame BC12 		3 KB
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/2016.007-4.011/frame_content.js
Requested by
Host: bit.ly
URL: https://bit.ly/MLK-Craft
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08aa4358f1d5ecbd9cd1830f8ab5867465c4d48cae63442ae9252e2ce7e1f2de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

cache-control
max-age=2592000
content-encoding
br
cf-cache-status
HIT
etag
W/"a0d-64763aebc7e77"
age
1685
via
1.1 google
cf-ray
9bd00b74aae1e765-DEN
expires
Wed, 11 Feb 2026 21:52:58 GMT
date
Mon, 12 Jan 2026 22:21:04 GMT
content-type
application/javascript
last-modified
Fri, 02 Jan 2026 08:41:59 GMT
server
cloudflare
vary
accept-encoding
remote.js
d188m5xxcpvuue.cloudfront.net/mtc/cmd/ Frame BC12 		0
0
ice.js
resources.infolinks.com/js/2016.007-4.011/ 		215 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/2016.007-4.011/ice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/2016.007-4.011/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da432a112a677fe670de4fa87b3e37d727776c36ddc7c1a13873c9422ab3c8a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

cache-control
max-age=2592000
content-encoding
br
cf-cache-status
HIT
etag
W/"35d09-64763aebc9200"
age
1681
via
1.1 google
cf-ray
9bd00b75cface765-DEN
expires
Wed, 11 Feb 2026 21:53:02 GMT
date
Mon, 12 Jan 2026 22:21:04 GMT
content-type
application/javascript
last-modified
Fri, 02 Jan 2026 08:41:59 GMT
server
cloudflare
vary
accept-encoding
frame_inplace.js
resources.infolinks.com/js/2016.007-4.011/ Frame BC12 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/2016.007-4.011/frame_inplace.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/2016.007-4.011/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9992cbc19c2f5c2e807743f1292dcf64538d99fd09140330ca28bbb924fce65d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

cache-control
max-age=2592000
content-encoding
br
cf-cache-status
HIT
etag
W/"b48-64763aebc7e77"
age
3394
via
1.1 google
cf-ray
9bd00b75e837e765-DEN
expires
Wed, 11 Feb 2026 21:24:30 GMT
date
Mon, 12 Jan 2026 22:21:04 GMT
content-type
application/javascript
last-modified
Fri, 02 Jan 2026 08:41:59 GMT
server
cloudflare
vary
accept-encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 12 Jan 2026 22:21:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 12 Jan 2026 22:21:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame BC12 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b9856bdf8254a8eb0414a8d8719683553a35b4d9459983c4bb057590f7134b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 12 Jan 2026 22:21:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 0329 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.178.155.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yuiadrs-in-f132.1e100.net
Software
sffe /
Resource Hash
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/MLK-Craft
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
628
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5044
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jan 2026 22:10:36 GMT
expires
Mon, 12 Jan 2026 23:00:36 GMT
last-modified
Tue, 13 May 2025 23:17:50 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AEB6 		829 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f104.1e100.net
Software
ESF /
Resource Hash
590b9b2cea270f5ac0bd5bf0c1b6173d6260b31001e183c72a4d2c2250f490e1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MCBCDKMpCA6z8WjbuQ9UPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bit.ly/MLK-Craft
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MCBCDKMpCA6z8WjbuQ9UPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jan 2026 22:21:04 GMT
expires
Mon, 12 Jan 2026 22:21:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
manage
router.infolinks.com/usync/ Frame 36B4 		12 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=1873275&wsid=0&pdom=bit.ly&purl=https%3A%2F%2Fbit.ly%2FMLK-Craft
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/2016.007-4.011/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43f1a725ac717c176cefbc2994783f0d71a45435d0ab912add5b291e8df36c0

Request headers

Referer
https://bit.ly/MLK-Craft
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
9bd00b78aec31f52-DEN
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 12 Jan 2026 22:21:04 GMT
p3p
CP="NON DSP NID OUR COR"
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		283 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=1873275&wsid=0&pdom=bit.ly&purl=https%3A%2F%2Fbit.ly%2FMLK-Craft
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/2016.007-4.011/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bb979c181a76b1d1f43e977f797bae020ea851a7d9338477a9c43950bb1e5a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

cache-control
no-store
content-encoding
br
cf-cache-status
DYNAMIC
via
1.1 google
cf-ray
9bd00b7809ffe765-DEN
p3p
CP="NON DSP NID OUR COR"
date
Mon, 12 Jan 2026 22:21:04 GMT
content-type
application/javascript;charset=ISO-8859-1
server
cloudflare
gsd
router.infolinks.com/ 		322 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=1873275&pdom=bit.ly&purl=https%3A%2F%2Fbit.ly%2FMLK-Craft&jsv=2016.007-4.011&_cb=17682564645650
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/2016.007-4.011/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a863fa40bc3564af2425b9a33001c08763023852ad909f24f39a5fc24c9c4690

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://bit.ly/MLK-Craft

Response headers

cache-control
max-age=0
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
via
1.1 google
cf-ray
9bd00b77d91ce765-DEN
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP NID OUR COR"
date
Mon, 12 Jan 2026 22:21:04 GMT
content-type
text/javascript;charset=UTF-8
server
cloudflare
doq.htm
rt3012.infolinks.com/action/ 		0
0
iqusync-1.46.min.js
resources.infolinks.com/static/usync/ 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame AEB6 		0
0
pDqMMZkda3lQRUgqpS5JK3oWoYXrgZqWP3p6sDQANIk.js
pagead2.googlesyndication.com/bg/ Frame 0329 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 36B4 		0
0
getuid
ib.adnxs.com/ Frame 36B4 		0
0
v1
match.sharethrough.com/universal/ Frame 36B4 		0
0
redirect
ssp-sync.criteo.com/user-sync/ Frame 36B4 		0
0
infolink
pxl.iqm.com/i/ck/ Frame 36B4 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 36B4 		0
0
cm
u.openx.net/w/1.0/ Frame 36B4 		0
0
infolinks
sync.1rx.io/usersync2/ Frame 36B4 		0
0
getuid
eb2.3lift.com/ Frame 36B4 		0
0
us
sync.go.sonobi.com/ Frame 36B4 		0
0
server_match
ad.360yield.com/ Frame 36B4 		0
0
user-sync
sync.adkernel.com/ Frame 36B4 		0
0
u
user-sync.fwmrm.net/ad/ Frame 36B4 		0
0
pixel
ap.lijit.com/ Frame 36B4 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 36B4 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 36B4 		0
0
/
onetag-sys.com/usync/ Frame 36B4 		0
0
cksync
cs.media.net/ Frame 36B4 		0
0
5abf3d2eff2f70c0a0669cd9f0f84ba0.gif
cm-x.mgid.com/ Frame 36B4 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame 36B4 		0
0
p-u1vdacBMXAcfT.gif
cms.quantserve.com/pixel/ Frame 36B4 		0
0
cm
p.rfihub.com/ Frame 36B4 		0
0
redirectuser
ssp.disqus.com/ Frame 36B4 		0
0
/
ssc-cms.33across.com/ps/ Frame 36B4 		0
0
oRTB
sync.inmobi.com/ Frame 36B4 		0
0
iq-usync
router.infolinks.com/dyn/ Frame 36B4 		0
0
gc-usync
router.infolinks.com/dyn/ Frame 36B4 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d188m5xxcpvuue.cloudfront.net
URL
https://d188m5xxcpvuue.cloudfront.net/mtc/cmd/remote.js
Domain
rt3012.infolinks.com
URL
https://rt3012.infolinks.com/action/doq.htm?pcode=utf-8&r=17682564646871
Domain
resources.infolinks.com
URL
https://resources.infolinks.com/static/usync/iqusync-1.46.min.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gpt_m202601080101&jk=5388223988675822&rc=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/pDqMMZkda3lQRUgqpS5JK3oWoYXrgZqWP3p6sDQANIk.js
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/universal/v1?supply_id=k0cy4N0g
Domain
ssp-sync.criteo.com
URL
https://ssp-sync.criteo.com/user-sync/redirect?profile=342&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fcrit-us%3Fuser_id%3D%24%7BCRITEO_USER_ID%7D
Domain
pxl.iqm.com
URL
https://pxl.iqm.com/i/ck/infolink?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fiqm-us%3Fuid%3D%7BIQM_COOKIE%7D%20
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=112&gdpr=0&gdpr_consent=
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/infolinks
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
Domain
sync.adkernel.com
URL
https://sync.adkernel.com/user-sync?zone=208912&t=image&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fqora-usync%3Fuid%3D%7BUID%7D
Domain
user-sync.fwmrm.net
URL
https://user-sync.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ffrwh-us%3Fuser_id%3D%23%7Buser.id%7D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Domain
onetag-sys.com
URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90&tag=img&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fonetag-usync%3Fuid%3D%24%7BUSER_TOKEN%7D
Domain
cs.media.net
URL
https://cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
Domain
cm-x.mgid.com
URL
https://cm-x.mgid.com/5abf3d2eff2f70c0a0669cd9f0f84ba0.gif?puid=[UID]&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmgid-us%3Fuser_id%3D%5BUID%5D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=infolinks
Domain
cms.quantserve.com
URL
https://cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=43153&in=1
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/oRTB?redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fim-usync%3Fuid%3D%7BID5UID%7D
Domain
router.infolinks.com
URL
https://router.infolinks.com/dyn/iq-usync
Domain
router.infolinks.com
URL
https://router.infolinks.com/dyn/gc-usync

Verdicts & Comments Add Verdict or Comment

31 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| previewPage object| openDuration object| dataLayer function| gtag object| fides_overrides object| google_tag_manager object| google_tag_data object| Fides function| fidesDebugger object| googletag object| ggeac object| google_js_reporting_queue object| targeting object| google_reactive_ads_global_state number| google_unique_id object| GoogleGcLKhOms number| infolinks_pid boolean| infolinks_iframe string| infolinks_basePath string| infolinks_placement object| infolinks_slots boolean| infolinks_initFromFrame boolean| iceLoadStarted function| _typeof function| _defineProperty number| $iceId object| iqscript

7 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: q0cml0-207dcabfe08ce64414-00i
.bit.ly/ Name: __gads
Value: ID=5c2a5bfad5818216:T=1768256463:RT=1768256463:S=ALNI_MYZoS-ZhTlBZzCQb2GxGiyDZ6dgcA
.bit.ly/ Name: __gpi
Value: UID=00001325c2eedd2c:T=1768256463:RT=1768256463:S=ALNI_MbGwc6kq6gQi0GdLkBA3SiKPF7NzA
.bit.ly/ Name: __eoi
Value: ID=d2282204177d41cd:T=1768256463:RT=1768256463:S=AA-AfjaXoRXaVnvS5K43ImSbiM3a
.doubleclick.net/ Name: IDE
Value: AHWqTUk5vM2NvrjwONfrdv-kxgLy8JI5ugUsK1ZXPJBN9stPgRXcOdw-k4L--W1eSoA
bit.ly/ Name: logglytrackingsession
Value: ea24b3a5-ac36-4b15-871a-c336098ee1b6
.infolinks.com/ Name: cuid
Value: 109ef2c6-3ef5-4a71-b0d1-e560eb0d1e90

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
af871b176abf4e0da32f0774c2ed3a69.safeframe.googlesyndication.com
ap.lijit.com
bit.ly
bitly.fides-cdn.ethyca.com
cm-x.mgid.com
cms.quantserve.com
cs.media.net
d188m5xxcpvuue.cloudfront.net
d1ayxb9ooonjts.cloudfront.net
eb2.3lift.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
ib.adnxs.com
image8.pubmatic.com
invstatic101.creativecdn.com
match.sharethrough.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pxl.iqm.com
resources.infolinks.com
router.infolinks.com
rt3012.infolinks.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.adkernel.com
sync.go.sonobi.com
sync.inmobi.com
u.openx.net
user-sync.fwmrm.net
www.google.com
www.googletagmanager.com
ad.360yield.com
ap.lijit.com
cm-x.mgid.com
cms.quantserve.com
cs.media.net
d188m5xxcpvuue.cloudfront.net
eb2.3lift.com
ib.adnxs.com
image8.pubmatic.com
match.sharethrough.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pxl.iqm.com
resources.infolinks.com
router.infolinks.com
rt3012.infolinks.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.adkernel.com
sync.go.sonobi.com
sync.inmobi.com
u.openx.net
user-sync.fwmrm.net
142.250.31.155
142.251.163.104
172.253.115.155
172.253.115.156
172.253.115.97
172.253.122.132
172.66.41.9
172.66.42.247
192.178.155.132
3.168.122.29
34.96.70.87
67.199.248.10
99.84.169.197
04c48af63be3214a9554d5ed50cea2081bf2151f6fa783f6aa05f5d46403ece7
08aa4358f1d5ecbd9cd1830f8ab5867465c4d48cae63442ae9252e2ce7e1f2de
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f
3980f5c20f0980339c75849625c0eba4760a66c5bb7719a56736112b0774c1cd
49ea5b89c77f6c7691df12f1fa42b962c1857c4f27de1a9bcdf17040a0066873
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6
590b9b2cea270f5ac0bd5bf0c1b6173d6260b31001e183c72a4d2c2250f490e1
6255e496afa6035f7340e899d17247447f406d42618d42b0770c7ad2422150f2
67d32372a6518aa4d5fcd5e4d6a6f8bc1e4972d5d2ce269be66b7fccb17b7b00
6d9e61314774c5d5207bb8bbf79f347ab7ab2606300cf29b6c884df898cb6f77
73b6bc92bb30d26ac26c7f3eccc350f2694260c064cdaf588cdd945a642b16f8
7b9856bdf8254a8eb0414a8d8719683553a35b4d9459983c4bb057590f7134b2
8bf84cfc3821ee2997d6cc4e225d8109fb9d96471514ee2f74567ebb529a35f2
933ad6fedc28c069d72aec9c898e7f657a077fcb4d1b76edd471ab4efc035cd0
9992cbc19c2f5c2e807743f1292dcf64538d99fd09140330ca28bbb924fce65d
9bb979c181a76b1d1f43e977f797bae020ea851a7d9338477a9c43950bb1e5a4
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
a863fa40bc3564af2425b9a33001c08763023852ad909f24f39a5fc24c9c4690
aeb3b009a488bdb9577653f671a0914b094f63822ff9ab0eef9b8b37b4d44cae
be4500e7b42eca45cd4ee26f374a3171f337151dc2dbb9f35e005d3673c096e0
bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e
c43f1a725ac717c176cefbc2994783f0d71a45435d0ab912add5b291e8df36c0
c9e67f4d3bee1475cdfa94182cad56f464c2ffdf28864d235d65680232351d69
cf60345b955ac106d87ed26a2f73cb9bd0281293dab0f9a1b5b06e27d5064374
d74d3d0a0a5ad0c0d673f2577a9693142e7dd11e4adace32dee3ce4e606f69e8
d9b3914a463e5577e734306e5867bb5d6762972fb8af244a7722dd225c95955c
da432a112a677fe670de4fa87b3e37d727776c36ddc7c1a13873c9422ab3c8a0
e4ecd543581da4a4b57caf4ce214efbf69522be9cd7ad73b367c64371007bd6f
e7092eb1e0435cb3e7e16af9c4b94f66e441adcc54e70e765deb5515ca8f6504
e89cff3a0c4e797584656609a8de193f287b3bc6b94439e68f6f467b3a013417
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f46171b424e6627e6d48f507707e10b8ac9fe3a2dc648eb7d4bcb7efa39d50fe
f8d2d057439590596cf29413aefe22d9638a98b3715ad85c9e70768787826770
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce