bit.ly
67.199.248.11 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/3XKNUwD 13yr old
Effective URL:
https://bit.ly/3XKNUwD 13yr old
Submission: On March 11 via api (March 11th 2026, 6:57:14 am UTC) from IL — Scanned from CA

Summary HTTP 42 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 9 domains to perform 42 HTTP transactions. The main IP is 67.199.248.11, located in United States and belongs to GOOGLE-CLOUD-PLATFORM - Google LLC, US. The main domain is bit.ly. The Cisco Umbrella rank of the primary domain is 8027. 13yr old
TLS certificate: Issued by Amazon RSA 2048 M01 on February 24th 2026. Valid for: 7mo.

This is the only time bit.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
12	99.84.169.128 99.84.169.128	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	142.250.65.72 142.250.65.72	15169 (GOOGLE) (GOOGLE - Google LLC)
1	3.168.122.29 3.168.122.29	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1	142.250.191.2 142.250.191.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
1	142.251.210.33 142.251.210.33	15169 (GOOGLE) (GOOGLE - Google LLC)
2	142.250.191.1 142.250.191.1	15169 (GOOGLE) (GOOGLE - Google LLC)
7	142.251.211.162 142.251.211.162	15169 (GOOGLE) (GOOGLE - Google LLC)
2	142.251.45.194 142.251.45.194	15169 (GOOGLE) (GOOGLE - Google LLC)
3	142.250.217.129 142.250.217.129	15169 (GOOGLE) (GOOGLE - Google LLC)
1	142.251.40.228 142.251.40.228	15169 (GOOGLE) (GOOGLE - Google LLC)
42	14

4 67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: bit.ly

bit.ly 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

12 99.84.169.128 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-84-169-128.jfk50.r.cloudfront.net

d1ayxb9ooonjts.cloudfront.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.65.72 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: iad23s91-in-f8.1e100.net

www.googletagmanager.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.168.122.29 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-3-168-122-29.jfk52.r.cloudfront.net

bitly.fides-cdn.ethyca.com 6mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 142.251.40.226 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lga34s39-in-f2.1e100.net

securepubads.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.191.2 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: pnlgaa-az-in-f2.1e100.net

cm.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.210.33 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lclgaa-ba-in-f1.1e100.net

48c7c98ced2974ac3cc505deed4af035.safeframe.googlesyndication.com 1mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.191.1 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: pnlgaa-az-in-f1.1e100.net

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 142.251.211.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lclgaa-as-in-f2.1e100.net

pagead2.googlesyndication.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.251.45.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: pnlgaa-au-in-f2.1e100.net

ep1.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 142.250.217.129 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lclgaa-az-in-f1.1e100.net

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.40.228 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: pnlgaa-at-in-f4.1e100.net

www.google.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
12	cloudfront.net d1ayxb9ooonjts.cloudfront.net 9yr old	31 KB
10	googlesyndication.com 48c7c98ced2974ac3cc505deed4af035.safeframe.googlesyndication.com 1mo old tpc.googlesyndication.com — Cisco Umbrella Rank: 229 13yr old pagead2.googlesyndication.com — Cisco Umbrella Rank: 159 9yr old	122 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 337 9yr old cm.g.doubleclick.net — Cisco Umbrella Rank: 358 9yr old	264 KB
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 411 2yr old ep2.adtrafficquality.google — Cisco Umbrella Rank: 412 2yr old	27 KB
4	bit.ly bit.ly — Cisco Umbrella Rank: 8027 13yr old	22 KB
1	google.com www.google.com — Cisco Umbrella Rank: 4 56yr old	569 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2682 4yr old	3 KB
1	ethyca.com bitly.fides-cdn.ethyca.com — Cisco Umbrella Rank: 50593 6mo old	91 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71 56yr old	107 KB
42	9

	Domain	Requested by
12	d1ayxb9ooonjts.cloudfront.net	bit.ly
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com ep2.adtrafficquality.google
6	securepubads.g.doubleclick.net	bit.ly securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	bit.ly	bit.ly
3	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.com	ep2.adtrafficquality.google
1	48c7c98ced2974ac3cc505deed4af035.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cm.g.doubleclick.net	securepubads.g.doubleclick.net
1	bitly.fides-cdn.ethyca.com	bit.ly
1	www.googletagmanager.com	bit.ly
42	13

This site contains links to these domains. Also see Links.

Domain
bitly.com
ethyca.com
edu-il.co.il
x.com
www.instagram.com
www.facebook.com
www.linkedin.com
googleads.g.doubleclick.net

Subject Issuer	Validity	Valid
bit.ly Amazon RSA 2048 M01	`2026-02-24` - `2026-09-09`	7mo	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2025-05-05` - `2026-04-23`	1yr	crt.sh
*.google-analytics.com WR2	`2026-02-02` - `2026-04-27`	3mo	crt.sh
bitly.fides-cdn.ethyca.com Amazon RSA 2048 M01	`2025-10-23` - `2026-11-21`	1yr	crt.sh
*.g.doubleclick.net WR2	`2026-02-02` - `2026-04-27`	3mo	crt.sh
invstatic101.creativecdn.com WR3	`2026-01-31` - `2026-05-01`	3mo	crt.sh
tpc.googlesyndication.com WR2	`2026-02-02` - `2026-04-27`	3mo	crt.sh
adtrafficquality.google WR2	`2026-02-02` - `2026-04-27`	3mo	crt.sh
*.google.com WR2	`2026-02-02` - `2026-04-27`	3mo	crt.sh

This page contains 6 frames:

Primary Page: https://bit.ly/3XKNUwD
Frame ID: 2B750207A7F3BE0F93A82628AC2ECF13
Requests: 26 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/partnerpixels?url=https%3A%2F%2Fbit.ly%2F3XKNUwD
Frame ID: D8968A9E5BDB7BA1DA78DCAE422137A8
Requests: 1 HTTP requests in this frame

Frame: https://48c7c98ced2974ac3cc505deed4af035.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 8A6235A8D5B57899990BF61839BC5763
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviC4ZEk7Z4Mk7bu2040PEaSMdzJcuWDIDryTOunxYEBh2zEbnfXzCHIO7od0Gd-2luGLOLOpGMnNM27LkOtc1_GMhl2tJHTyfZ62RUezRq610oMfUl477--hZMQ1e9zmcoEQPUqpJl0DZ2Am9w170gNDHu3hXrKr8RaGwaKPkgYWpMh3YAptxHeZEKya45gS6_RbcAsFIION30oZD1hxu0zjcyENzlg8HbLKj4S63-9WH8CKjG16_d5CXu9BA9X_9mETYPKfdqPkw6sUiskeukMFtjTrHUwrU_H95CL43737GtZSl1qpazwc8BG_o1pYc_A8kZl4ezEN8G7iIDiWetzg_RNUjuoTBLWETk6I0B3E47AuJ_yY-OgAYqR9ZuCcyyF0MBlM3cmz_iVCg7nkHUDohYBmcIyV1YOoYJzNYaox8hWdsr4Zc_u2JdJXYMeQUh450lE8N31cqkBvKYSUo7&sai=AMfl-YS55EdZoWgiQQ8z1pET8R99H2IEhvHnfvSsTTkPR2__-rGRjkoTxHs5ZkBmfzRNqZ1uNdo_33TwyQTUELVl8F1A5pmhr6UCKIWSk-xWe8FIaxm1u2ZhdW62J1l6fr8Xcc2cA8awgtaWY-VGC9NUl0x60ujCErhHZkte402_FAobqlLeuUsQGrkls2AuxLaVXDYmtv0TIqGjV8RKRdRB1e5LPsxvUUGzAyvmdLC_f4g_B6ZhxwXFi91SEUEMvqWLHoVIHsLdSzd3ZP1Gxvihyuy6N70RC1ihVPjLVPOTROdbkJgk13zkDl_FhHv3mLXE7ZCF-HnyyMfB3LkIa0tX2TVn93_GiDKqqM8&sig=Cg0ArKJSzGYy6votH5faEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E9640058F447B934A37123B53A5C49EE
Requests: 10 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/253/runner.html
Frame ID: 649C183948191217F4A5CF7AF790236B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2B3797BB8FAAFE5550F0D2E9E21462D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bitly | bit.ly/3XKNUwD

Page URL History Show full URLs

http://bit.ly/3XKNUwD HTTP 307
https://bit.ly/3XKNUwD Page URL

Detected technologies

DoubleClick Floodlight (Advertising) Expand

Overall confidence: 100%
Detected patterns

\.doubleclick\.net

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
\.googletagmanager\.com/

Google Publisher Tag (Advertising) Expand

Overall confidence: 100%
Detected patterns

securepubads\.g\.doubleclick.net/tag/js/gpt\.js

Page Statistics

42
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

14
IPs

1
Countries

666 kB
Transfer

2311 kB
Size

5
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://bitly.com/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://ethyca.com/
Title: Powered by

Search URL Search Domain Scan URL

URL: http://bitly.com/?utm_source=Bitly&utm_medium=referral&utm_campaign=preview_page

Search URL Search Domain Scan URL

URL: https://edu-il.co.il/%d7%9c%d7%a9%d7%a2%d7%95%d7%aa-%d7%94%d7%a4%d7%a0%d7%90%d7%99/%d7%9e%d7%93%d7%a2%d7%99%d7%9d-%d7%9c%d7%97%d7%a0%d7%95%d7%9b%d7%94/
Title: edu-il.co.il/%D7%9C%D7%A9%D7%A2%D7%95%D7%AA-%D7%94%D7%A4%D7%A0%D7%90%D7%99/%D7%9E%D7%93%D7%A2%D7%99%D7%9D-%D7%9C%D7%97%D7%A0%D7%95%D7%9B%D7%94/

Search URL Search Domain Scan URL

URL: https://bitly.com/blog/trust-safety-at-bitly/
Title: Learn how

Search URL Search Domain Scan URL

URL: https://x.com/bitly

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bitly/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bitly

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bitly/mycompany/

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjssHq9ap866MkFk8GkMuX2x6qL2OWDBsEi1c-i535K8sgS_ZTY_MRRV-zMrhXjKywZG3Y7tXXXffpUYttmxSTKOV1KLK-5npqrmNQlVeUjh6ev21dfVRqPzWMfrEmgmcJvL-4XajZdLwepzh-fURjpPcm_bklthoLv-HNV9bi7F0c_ngub5KR7QBKB_ZF3BbXFMJFXJzTFJdczsrlfzHeq7udkUQiy9cy9DRoZw_V7p4CcNC46O8PALpGLacX8xGnPf0N-WxIoMMF1nE-LScQtxl2W1EjS6UUc7KgqKAsuRu87rATp8ijb8QjoX3tjHJY0eZuyXWeoFdLQN-_Dw9jMex5O9OAOGT4e8_ZcWgsh6NOfVhFQ29LUZsQmBYButeRww7JpwOt4cIiO_0-BODN7QFoLmApK5g6H2Zb_bYoSOEtTXYAET_t4X2g3paUsax1bsB&sai=AMfl-YSZQ-ItRq4el3kV7rXuLV40RXpixIygT0iwtErT8k05bN0atRfoGkGYC-5V3kYYnwrVsrqtr-CcILlXB_Aw7c97SO7kl50bXbTPwsR6YluyRV5du4IwDSjiM5g-Gso_1cCUMuj91w7ybFQ56v4GnRLxKg1q_wDZv9cZzDvCdhGNHUgdze8pGs-er3XASRnJfY_zgE62AkUf-KUNCjauo0_h39C887IZhb1-et5kVeLB-1yIIlmhWENz7iriWaAHSHPvdwwUNCtoj7X6bMGssivcYIJT6lzwJddMwO0TziXilcOmutZEZny-c3egAeYRnkwX_ZFVaoO4n2eQoIegY8bZFEXPmuHw2j4&sig=Cg0ArKJSzIFDd7-MgWrP&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://bitly.com/%3Futm_source%3Dpreview_page%26utm_tag%3Dhouse_ad

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/3XKNUwD HTTP 307
https://bit.ly/3XKNUwD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 3XKNUwD Show response
bit.ly/
Redirect Chain

http://bit.ly/3XKNUwD
https://bit.ly/3XKNUwD

21 KB
22 KB

101ms
72ms

Document
text/html

67.199.248.11
Google LLC

General

Check archive.org

Download Go to

Full URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: 9edaec91d23bc395316a99bc2259dd311262ed1660576040542737fc93dfc83b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 21804
content-type: text/html; charset=utf-8
date: Wed, 11 Mar 2026 06:57:14 GMT
server: nginx
via: 1.1 google
x-robots-tag: noindex

Redirect headers

Location: https://bit.ly/3XKNUwD
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 F91CE64489DC8F93951CBC1B287E2C712CA507BB.css
d1ayxb9ooonjts.cloudfront.net/d/ 11 KB
3 KB 157ms
20ms Stylesheet
text/css 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/F91CE64489DC8F93951CBC1B287E2C712CA507BB.css
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: e7092eb1e0435cb3e7e16af9c4b94f66e441adcc54e70e765deb5515ca8f6504

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

x-amz-cf-pop: JFK50-P15
content-encoding: gzip
etag: W/"aad44d254e1f4b1d19184c0ad6b04a53"
age: 76713
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Aigw3CtAUrf460Y1uyuq8ZkurTQq6Vk0FeiAPbMsvJgZ1tO320y9Gg==
date: Tue, 10 Mar 2026 09:38:41 GMT
content-type: text/css; charset=utf-8
vary: accept-encoding
server: nginx
last-modified: Mon, 08 Dec 2025 18:24:53 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 C1479C1BB4EBAEE77A9F4B616943FFEE9DAAEA0E.svg
d1ayxb9ooonjts.cloudfront.net/d/ 3 KB
2 KB 157ms
21ms Image
image/svg+xml 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/C1479C1BB4EBAEE77A9F4B616943FFEE9DAAEA0E.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: cf3a1f5bae496ea0e4aeda4108a132d8f1e48707d083d948ef629aedc33c7fa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

x-amz-cf-pop: JFK50-P15
content-encoding: gzip
etag: W/"f8bbacdf5ce2e98b14f9fef2a8a86085"
age: 76713
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: DGfgt_Rih655U4hoRGUg6OoDWue54l9puOZBXV75VfBggLIIsPpIUA==
date: Tue, 10 Mar 2026 09:38:41 GMT
content-type: image/svg+xml
vary: accept-encoding
server: nginx
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 7998B890712079265CF48279A49C2BE33A5EA5C5.svg
d1ayxb9ooonjts.cloudfront.net/d/ 1 KB
982 B 158ms
22ms Image
image/svg+xml 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/7998B890712079265CF48279A49C2BE33A5EA5C5.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: c51fd35cfbc5051824cd1a683fade7868ec80575227d1446ec833e97727f28b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

x-amz-cf-pop: JFK50-P15
content-encoding: gzip
etag: W/"2ef45692189bc5c8584a06b7b8409342"
age: 85829
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: bKrhEcSoPTw6WkYPgQVIy_EREzJrsZyiyb9Zx72vnTEjnDBKPhMb-Q==
date: Tue, 10 Mar 2026 07:06:45 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Mon, 12 May 2025 23:58:31 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 1D999C15ABD60F9C7614234E59748D6E88DA48CB.svg
d1ayxb9ooonjts.cloudfront.net/d/ 563 B
927 B 20ms
20ms Image
image/svg+xml 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/1D999C15ABD60F9C7614234E59748D6E88DA48CB.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 50372d78d348a80a73a452b595840a7e2b2def7406a291b0842c3ef097b8c14e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

vary: accept-encoding
etag: "a42b6b8c5ace48e0e2dbeb10abd894dd"
age: 69199
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: q2Rhg3Wih6fNHcNZWoO7NaVAe5oRr04uZKcZIUxCK1UKp38kikl4Kw==
date: Tue, 10 Mar 2026 11:43:55 GMT
content-type: image/svg+xml
last-modified: Mon, 12 May 2025 23:58:32 GMT
server: nginx
x-amz-cf-pop: JFK50-P15
x-amz-server-side-encryption: AES256

GET
H2 200 6C891B94781612666EDE9475CC59454B79851F4F.svg
d1ayxb9ooonjts.cloudfront.net/d/ 522 B
886 B 22ms
21ms Image
image/svg+xml 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/6C891B94781612666EDE9475CC59454B79851F4F.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 6a39349df968a2349960f419cdfff35591b3d0ff89e0e0a69831ec30c82d5cb8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

vary: accept-encoding
etag: "8d1edaef37d15589ffdb15fd94916f0b"
age: 72218
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 522
x-amz-cf-id: UfgpctPZzHBdAmHp4iaaaKnWReRkI-Q9_rSa5aOps8tww1LIm86Z2Q==
date: Tue, 10 Mar 2026 10:53:36 GMT
content-type: image/svg+xml
last-modified: Mon, 12 May 2025 23:58:32 GMT
server: nginx
x-amz-cf-pop: JFK50-P15
x-amz-server-side-encryption: AES256

GET
H2 200 8955792E2AE2972C05969B26C881AD988C9BB5BD.svg
d1ayxb9ooonjts.cloudfront.net/d/ 362 B
728 B 24ms
19ms Image
image/svg+xml 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/8955792E2AE2972C05969B26C881AD988C9BB5BD.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 56a8a4fb115b24277c898d84fe68a5a12276708dbc73311d691be21761c188d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

vary: accept-encoding
etag: "636eb2721b75f46b2f61790d3b627d70"
age: 73232
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 362
x-amz-cf-id: Idh-z63N7IYHnoBI85ZNpz8rkzRlMno3p3OvjbSA-QDLUf9uQTRDsw==
date: Tue, 10 Mar 2026 10:36:42 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: JFK50-P15
x-amz-server-side-encryption: AES256

GET
H2 200 7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
d1ayxb9ooonjts.cloudfront.net/d/ 17 KB
17 KB 27ms
23ms Image
image/webp 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

vary: accept-encoding
etag: "a6c2aae1b41d9e328c4f8e6c34e3d12c"
age: 77964
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 17206
x-amz-cf-id: mblCj1_4DYk8Isz_DGxiSqu7H0FWlDJuCs5qw6V4e5QlXkYl4Pd_8A==
date: Tue, 10 Mar 2026 09:17:50 GMT
content-type: image/webp
last-modified: Wed, 11 Sep 2024 17:03:54 GMT
server: nginx
x-amz-cf-pop: JFK50-P15
x-amz-server-side-encryption: AES256

GET
H2 200 E8AA887989AD48F5366B7DCFAEAB4A3FF8150A1D.svg
d1ayxb9ooonjts.cloudfront.net/d/ 401 B
765 B 27ms
23ms Image
image/svg+xml 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/E8AA887989AD48F5366B7DCFAEAB4A3FF8150A1D.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: eb71d9655491b198debed418404907f06d0482f519f60082d165132471c90715

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

vary: accept-encoding
etag: "ac532c5f7b8ff686a348d1abaa8326d4"
age: 73218
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 401
x-amz-cf-id: yKAla8ZZtpzNTvjfu3i7XusGanIi1jeG-rv2b6mE6BAm-7lUTSLs7w==
date: Tue, 10 Mar 2026 10:37:01 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
server: nginx
x-amz-cf-pop: JFK50-P15
x-amz-server-side-encryption: AES256

GET
H2 200 12032AF2C457BB634C4039A306C2C39420BF51EB.svg
d1ayxb9ooonjts.cloudfront.net/d/ 2 KB
1 KB 28ms
24ms Image
image/svg+xml 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/12032AF2C457BB634C4039A306C2C39420BF51EB.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: e25bcc9dee748831827b2a2c85b06654ca507b77a82158a452694fa41623b438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

x-amz-cf-pop: JFK50-P15
content-encoding: gzip
etag: W/"8f18e0d46157b022c600e0e735813a91"
age: 73725
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: f34lD0XL-YtZNl4yy3EfjIT-jzJJT3pUyfna-iHcOv7_qipNypr3Cg==
date: Tue, 10 Mar 2026 10:28:31 GMT
content-type: image/svg+xml
vary: accept-encoding
server: nginx
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 704DBB97AC75F2A7D9571254B944F17277707059.svg
d1ayxb9ooonjts.cloudfront.net/d/ 502 B
865 B 28ms
25ms Image
image/svg+xml 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/704DBB97AC75F2A7D9571254B944F17277707059.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 3f1c4d1df1ad822b77bfad7569189f3861c51e63e9dd05fd5d37e7d395b376ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

vary: accept-encoding
etag: "a0ff281181e05ab5f10f48b00bdf362e"
age: 76713
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 502
x-amz-cf-id: paKnMzUZ8PQiS_CBbr3LhsJ4IHo5sFRjsWcSwpiPzfn65Ce0Fbco7Q==
date: Tue, 10 Mar 2026 09:38:42 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: JFK50-P15
x-amz-server-side-encryption: AES256

GET
H2 200 8F9B499DDC670821F87C474721CA954C0C1AD3F5.svg
d1ayxb9ooonjts.cloudfront.net/d/ 648 B
1013 B 28ms
25ms Image
image/svg+xml 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/8F9B499DDC670821F87C474721CA954C0C1AD3F5.svg
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: e2186f8814f8290dcfce59b5d8b0463e08af5df34a624a018411b4be9dd63d5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

vary: accept-encoding
etag: "01e6d41986e3aff2a481b34bbb250d3d"
age: 73724
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 648
x-amz-cf-id: g4m5yIWAcWLR4mnxvU66LK_4qUEm3DmlfQgQz-l0cZfRe66EOLd78Q==
date: Tue, 10 Mar 2026 10:28:31 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
server: nginx
x-amz-cf-pop: JFK50-P15
x-amz-server-side-encryption: AES256

POST
H2 200 beacon
bit.ly/preview_page/ 16 B
80 B 39ms
32ms Ping
application/json 67.199.248.11
Google LLC

General

Check archive.org

Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/3XKNUwD

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Wed, 11 Mar 2026 06:57:14 GMT
content-type: application/json
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
107 KB 243ms
45ms Script
application/javascript 142.250.65.72
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWRJL959

Requested by

Host: bit.ly
URL: https://bit.ly/3XKNUwD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.72 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

iad23s91-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7c6b3dabe2f9879ec27aa4be10c3e364a97aadc897b80c95d262f59e4f048d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

content-encoding: zstd
expires: Wed, 11 Mar 2026 06:57:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Mar 2026 06:57:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 11 Mar 2026 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 109038
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 fides.js Show response
bitly.fides-cdn.ethyca.com/ 708 KB
91 KB 104ms
24ms Script
application/javascript 3.168.122.29
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://bitly.fides-cdn.ethyca.com/fides.js?&property_id=FDS-I3S3I5
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.122.29 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-3-168-122-29.jfk52.r.cloudfront.net
Software: /
Resource Hash: ae630d527331584ea7802c64720ecb199bb54bb4f9dda096ec5cc3d78492e878

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

cache-control: max-age=3600, stale-while-revalidate=86400, stale-if-error=86400, public
content-encoding: gzip
etag: "8ajj1wziehfjbs"
age: 3822
via: 1.1 3d51d72e2d6c0f3bdc1eee797b793c6c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: ZTEFM32td4gIUSsUnv01GYBJ4XTvnAIZVYLxXezSoDECWruZb7m4sw==
date: Wed, 11 Mar 2026 05:53:33 GMT
content-type: application/javascript
vary: cloudfront-viewer-country,cloudfront-viewer-country-region,Accept-Encoding
x-amz-cf-pop: JFK52-P7
access-control-allow-headers: *

POST
H3 200 beacon
bit.ly/preview_page/ 16 B
29 B 33ms
32ms Ping
application/json 67.199.248.11
Google LLC

General

Check archive.org

Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/3XKNUwD

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Wed, 11 Mar 2026 06:57:15 GMT
content-type: application/json
server: nginx

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 108 KB
34 KB 107ms
52ms Script
text/javascript 142.251.40.226
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bit.ly
URL: https://bit.ly/3XKNUwD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

e68388a4a163ed9f94f9cbcb2a3079fd6fe1e2dfc357ce71880c166dfac071b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

content-encoding: br
etag: 565 / 20523 / m202603050101 / config-hash: 14020457220155234244
x-content-type-options: nosniff
expires: Wed, 11 Mar 2026 06:57:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 11 Mar 2026 06:57:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34799
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603050101/ 643 KB
201 KB 27ms
27ms Script
text/javascript 142.251.40.226
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

f84e5dd4157c0dbd248c7a38e71c017cb6c8250a01c91853fd8af262d51f062d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

content-encoding: br
etag: 16225610925576669196
age: 12899
x-content-type-options: nosniff
expires: Thu, 11 Mar 2027 03:22:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 11 Mar 2026 03:22:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 205920
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202603100101/ 64 KB
23 KB 35ms
33ms Other
text/plain 142.251.40.226
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202603100101/gpt

Requested by

Host: bit.ly
URL: https://bit.ly/3XKNUwD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

a94918f070a4879b9c18e25d5f6e3671f83a4cb57399fe5cb7df5b88ba2a81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 7780743490690308274
age: 44707
x-content-type-options: nosniff
expires: Tue, 17 Mar 2026 18:32:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 10 Mar 2026 18:32:08 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23136
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202603100101"

GET
H2 200 partnerpixels Show response
cm.g.doubleclick.net/ Frame D896 41 B
213 B 107ms
41ms Document
text/html 142.250.191.2
Google LLC

General

Check archive.org

Download Go to

Full URL

https://cm.g.doubleclick.net/partnerpixels?url=https%3A%2F%2Fbit.ly%2F3XKNUwD

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.191.2 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pnlgaa-az-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/3XKNUwD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 48
content-type: text/html; charset=UTF-8
date: Wed, 11 Mar 2026 06:57:15 GMT
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 3 KB
3 KB 447ms
400ms Script
text/javascript 34.96.70.87
Google LLC

General

Check archive.org

Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

etag: 861bdaf24bda5c0db45c6ebe1c94a9eb
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2729
date: Wed, 11 Mar 2026 06:57:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 05 Feb 2025 14:45:21 GMT
server: Google Frontend
x-cloud-trace-context: e8ab7275318fe6bab7b018c6c198391f

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
6 KB 300ms
299ms Fetch
text/plain 142.251.40.226
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=6944189644141410&correlator=828239013274417&eid=31097144%2C95379823&output=ldjh&gdfp_req=1&vrg=202603050101&ptt=17&impl=fifs&iu_parts=23199830770%2Cbitly_previewpage_default_responsive_side_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&ifi=1&dids=div-gpt-ad-1724340542602-0&adfs=3434351373&sfv=1-0-45&sc=1&cookie_enabled=1&abxe=1&dt=1773212235602&lmt=1773212235&adxs=179&adys=402&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbit.ly%2F3XKNUwD&vis=1&psz=658x709&msz=300x0&fws=0&ohw=0&a3p=EhcKCHJ0YmhvdXNlGMfuvd3NM0gAUgIIZA..&psd=WzMxLFtdXQ..&dlt=1773212234726&idt=714&prev_scp=ac%3DPrior_to_2023%26g%3DIL%26cohort%3Dpre_9_3%26connection_type%3Dlink%26ea%3Ddefault%26browser%3Dchrome%26dt%3Ddesktop%26hw%3D78%26dg%3DCA%26tt%3Dcore%26t%3Dg_e&adks=3309689787&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

6c7a50fa4ecb7375e26aa0b3ecc64ac41627fa95bc385578d09c0b6641f44386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

content-encoding: dcb
google-lineitem-id: 6771137968
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 11 Mar 2026 06:57:15 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138526851862
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://bit.ly
content-length: 5798
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
48c7c98ced2974ac3cc505deed4af035.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 8A62 7 KB
3 KB 130ms
34ms Document
text/html 142.251.210.33
Google LLC

General

Check archive.org

Download Go to

Full URL

https://48c7c98ced2974ac3cc505deed4af035.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.210.33 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-ba-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/3XKNUwD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Mar 2026 06:57:15 GMT
expires: Wed, 11 Mar 2026 06:57:15 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E964 0
0 49ms
48ms Fetch
image/gif 142.251.40.226
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviC4ZEk7Z4Mk7bu2040PEaSMdzJcuWDIDryTOunxYEBh2zEbnfXzCHIO7od0Gd-2luGLOLOpGMnNM27LkOtc1_GMhl2tJHTyfZ62RUezRq610oMfUl477--hZMQ1e9zmcoEQPUqpJl0DZ2Am9w170gNDHu3hXrKr8RaGwaKPkgYWpMh3YAptxHeZEKya45gS6_RbcAsFIION30oZD1hxu0zjcyENzlg8HbLKj4S63-9WH8CKjG16_d5CXu9BA9X_9mETYPKfdqPkw6sUiskeukMFtjTrHUwrU_H95CL43737GtZSl1qpazwc8BG_o1pYc_A8kZl4ezEN8G7iIDiWetzg_RNUjuoTBLWETk6I0B3E47AuJ_yY-OgAYqR9ZuCcyyF0MBlM3cmz_iVCg7nkHUDohYBmcIyV1YOoYJzNYaox8hWdsr4Zc_u2JdJXYMeQUh450lE8N31cqkBvKYSUo7&sai=AMfl-YS55EdZoWgiQQ8z1pET8R99H2IEhvHnfvSsTTkPR2__-rGRjkoTxHs5ZkBmfzRNqZ1uNdo_33TwyQTUELVl8F1A5pmhr6UCKIWSk-xWe8FIaxm1u2ZhdW62J1l6fr8Xcc2cA8awgtaWY-VGC9NUl0x60ujCErhHZkte402_FAobqlLeuUsQGrkls2AuxLaVXDYmtv0TIqGjV8RKRdRB1e5LPsxvUUGzAyvmdLC_f4g_B6ZhxwXFi91SEUEMvqWLHoVIHsLdSzd3ZP1Gxvihyuy6N70RC1ihVPjLVPOTROdbkJgk13zkDl_FhHv3mLXE7ZCF-HnyyMfB3LkIa0tX2TVn93_GiDKqqM8&sig=Cg0ArKJSzGYy6votH5faEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: bit.ly
URL: https://bit.ly/3XKNUwD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 11 Mar 2026 06:57:15 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 11 Mar 2026 06:57:15 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20260310/r20110914/client/ Frame E964 3 KB
2 KB 132ms
27ms Script
text/javascript 142.250.191.1
Google LLC

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20260310/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.191.1 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pnlgaa-az-in-f1.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

content-encoding: br
etag: 6020003950853699975
age: 41979
x-content-type-options: nosniff
expires: Tue, 24 Mar 2026 19:17:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 10 Mar 2026 19:17:37 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E964 237 KB
73 KB 85ms
28ms Script
text/javascript 142.251.211.162
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.211.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-as-in-f2.1e100.net

Software

cafe /

Resource Hash

9f71eb8c2f7d141ee4aafea9cf30d3dbd3240089a54f4ef9581b29b92ea981f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

content-encoding: br
etag: 18286255653023805402
age: 840
x-content-type-options: nosniff
expires: Wed, 11 Mar 2026 07:43:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 11 Mar 2026 06:43:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 74720
x-xss-protection: 0
server: cafe

GET
H2 200 8412499337025959027
tpc.googlesyndication.com/simgad/ Frame E964 22 KB
22 KB 131ms
27ms Image
image/png 142.250.191.1
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8412499337025959027

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.191.1 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pnlgaa-az-in-f1.1e100.net

Software

sffe /

Resource Hash

b0d9da3f54f24e28236048aaf97c5b0226f0df4f61dd48e42123f652ea4aa9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

age: 363637
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sun, 07 Mar 2027 01:56:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sat, 07 Mar 2026 01:56:39 GMT
last-modified: Mon, 11 Aug 2025 15:13:02 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 22146
x-xss-protection: 0
server: sffe

POST
H3 200 beacon
bit.ly/preview_page/ 16 B
29 B 35ms
33ms Ping
application/json 67.199.248.11
Google LLC

General

Check archive.org

Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/3XKNUwD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 67.199.248.11 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/3XKNUwD

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Wed, 11 Mar 2026 06:57:15 GMT
content-type: application/json
server: nginx

GET
DATA 200
OK truncated
/ Frame E964 214 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb1c2205f30ac6734e30bbb8424fbd46959e10e92e32528e9da69e77d5237b3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E964 0
0 50ms
48ms Fetch
image/gif 142.251.211.162
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.211.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-as-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 11 Mar 2026 06:57:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E964 0
0 42ms
42ms Fetch
image/gif 142.251.211.162
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.211.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-as-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 11 Mar 2026 06:57:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E964 0
0 42ms
41ms Fetch
image/gif 142.251.211.162
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.211.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-as-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 11 Mar 2026 06:57:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E964 0
0 48ms
48ms Fetch
image/gif 142.251.40.226
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9RJ-PQdqM3gcGtQ8LiBlKgvhV2Rg2QIbuQdUZJrpTtRV9GIEN7wJyMk1kKgQiJNHShrl4madFhJDmdCpUuWsvn3h39eyEItVP8came6GkIl5H6qDr7_sjs1b45Ps_UKixdCpkv9lEhwsNzhV1btxFic36Lrev0ocOTRgfPyhiWWdScOfDj5sDAvIU6KqAg_arPisbujQ_097jANBKv45RqYRSPFO1SJtSLwwjBzOwdMgB0KQ5mHFdmoB4y1AzdIBrZ076SSfE0RoWCNR7LS6losGfHLrUtSf9y8lpbaceGpy1Ki70rl6l-EYmGQ5mLKq202C2GQQBvspOqxQkGPyPcrZ8380mDHAxqGlCOuq-ty-lJ3qWeItT7siPePnBn5Qt-_lla6TkjGVOYEXGLbXDEUGqp-bF7mCqlo8ajHdy5sZDqubUF_yQ6czbcAO50chIIYjjxZh-p56m8U-ioo_SQEc&sai=AMfl-YQtECqVyTIsB9y1GVubOxdBq0Lxq25-n6uGW7MlsFN8qWIrPxfNq3oKhux_zSzjsg7F0idROZbLnm6hstZuTAQEka_LPuIH2OAQNzW6NlyXVkl8srMp5vNi9kk_4f5-21X-biF1FyDcpgxIbdKza9bpZgfEx0LWD4gDeZ2JO42bfgOl_omSy9naYSTbQQljNXPMIgxx9_mbpQynlw8WPLkJ48t0CkSCaMltRAHRl2WUcoqPuofbMSTMKMqfPtxvaynnavgRTso04f4DCbTMbO31IAgF3hWUl3JoKhutpp9nrn_oRzdea7o2dsljbyUNH_LZTPWrb5IiH17lSr0TJWKGvID5sGTiHP8&sig=Cg0ArKJSzP5VOy8XkrSGEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 11 Mar 2026 06:57:16 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 11 Mar 2026 06:57:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 18 KB
13 KB 96ms
59ms XHR
application/json 142.251.45.194
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202603050101&st=env&sjk=6944189644141410

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.45.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pnlgaa-au-in-f2.1e100.net

Software

cafe /

Resource Hash

b0a551346490c7051a4d166acf0d44edf63e945ce459105c74a426b0a76266b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13536
date: Wed, 11 Mar 2026 06:57:16 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 911DC5232AD960E5CD922312AAAA1768D921C30F.png
d1ayxb9ooonjts.cloudfront.net/d/ 1 KB
1 KB 20ms
20ms Other
image/png 99.84.169.128
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/911DC5232AD960E5CD922312AAAA1768D921C30F.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.169.128 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-84-169-128.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

vary: accept-encoding
etag: "de191ceae91ff28f37bcd7fe122e3a09"
age: 76713
via: 1.1 9b467d1b9559306c930b2f8176043a22.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1142
x-amz-cf-id: L37xlGpEmBPDUyq_uoN8K8wn-AVR-xtSdn7dbSK2_Ny7KNXUHBqvYA==
date: Tue, 10 Mar 2026 09:38:43 GMT
content-type: image/png
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: JFK50-P15
x-amz-server-side-encryption: AES256

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 21 KB
8 KB 111ms
41ms Script
text/javascript 142.250.217.129
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.217.129 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-az-in-f1.1e100.net

Software

sffe /

Resource Hash

893c7f6aca9aca8c8aded19a9cd8919cbd7a205cff7f6503d1241b8fa2f721ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

content-encoding: gzip
etag: "1772145733101481"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 11 Mar 2026 06:57:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Mar 2026 06:57:16 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7609
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/253/ Frame 649C 14 KB
6 KB 88ms
27ms Document
text/html 142.250.217.129
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/253/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.217.129 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-az-in-f1.1e100.net

Software

sffe /

Resource Hash

b77745f4a57eb621e30714ec9daf54ab1191ea694bca8898a48b5ce75de5843b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/3XKNUwD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5450
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Mar 2026 06:21:56 GMT
expires: Wed, 11 Mar 2026 07:11:56 GMT
last-modified: Thu, 26 Feb 2026 22:42:13 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F2B3 829 B
569 B 100ms
48ms Document
text/html 142.251.40.228
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.228 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pnlgaa-at-in-f4.1e100.net

Software

ESF /

Resource Hash

244f208e6aa24fb96e2f92663225382e656fcdfa6ea5ad1660eb945502359415

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IK2LkFf1-KgF8s_Zt9WXaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/3XKNUwD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IK2LkFf1-KgF8s_Zt9WXaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Mar 2026 06:57:16 GMT
expires: Wed, 11 Mar 2026 06:57:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mEJAvhFLQgqdGjt4tMRTKhv9ZqnIbMTy9pL7t_--0Ew.js Show response
pagead2.googlesyndication.com/bg/ Frame 649C 57 KB
22 KB 82ms
28ms Script
text/javascript 142.251.211.162
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mEJAvhFLQgqdGjt4tMRTKhv9ZqnIbMTy9pL7t_--0Ew.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/253/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.211.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-as-in-f2.1e100.net

Software

sffe /

Resource Hash

984240be114b420a9d1a3b78b4c4532a1bfd66a9c86cc4f2f692fbb7ffbed04c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 396475
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Sat, 06 Mar 2027 16:49:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Mar 2026 16:49:21 GMT
last-modified: Fri, 06 Mar 2026 12:08:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 22257
x-xss-protection: 0
server: sffe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F2B3 0
17 B 78ms
45ms Image
image/ 142.251.211.162
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=253&li=gpt_m202603050101&jk=6944189644141410&rc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.211.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-as-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 11 Mar 2026 06:57:16 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H2 204 generate_204
ep2.adtrafficquality.google/ Frame 649C 0
40 B 28ms
27ms Image
text/plain 142.250.217.129
Google LLC

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?t1iR1Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.217.129 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: lclgaa-az-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/253/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 11 Mar 2026 06:57:16 GMT
cross-origin-resource-policy: cross-origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E964 42 B
65 B 45ms
44ms Fetch
image/gif 142.251.211.162
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZyu5rq_eJ_v7O4RfI3OnijFFE-zzZL9wmDQLvx6tQoKg8YTmdeDDn9HxV8ksKXZd3d6HY6hSTeDRcj3DUemW3t73PWq2txQOSlKMyQNvJSD9yqNSPjCYv0HpMUwIV0IfNW7UcGsGkIStvyNAN8g111wuRw8izUEW4ax6PvZuffzNDRBdl2xxY1K4&sig=Cg0ArKJSzKdSeBvi5q0VEAE&id=lidar2&mcvt=1000&p=261,161,541,497&tm=1047.900001525879&tu=48&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20260302&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3309689787&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=6914503600&rst=1773212235949&rpt=264&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.211.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-as-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 11 Mar 2026 06:57:17 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ 0
17 B 61ms
59ms Image
image/ 142.251.45.194
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=253&t=2&li=gpt_m202603050101&jk=6944189644141410&bg=!e3ileBrNAAa6gAM2moA7AEcBe5WfOAYNRysXxeoJc9bexFl4hjWKancP5Gx5JyUZ7uxuyOYTsxbKln8wgbP8nB0c5cJoIi_LppOxruu3hcFf0VDo_gbiSAIAAAE0UgAAAAdoAQd-ADcP7N_nNDu0DTdNfvAKQwC424_jeAmueBdwhYkTlQl6excmMuqjaPP0Un0I3cTxK5AlOCrr6APsmQJOi1FzEKEPwuqFuhc2rXL6FUv4IVaMygfVW33ft9wzSQ1hUC_hRznb1yIbyRvzqk5oGUj6Qe6Y51HgOOK0gBwVkHw86fbih1RIhvZJ7yx15zkWduclNhdwyPh-46qEtUAfUpCoVWuflsbITuD-RFSOEsF6VLpuewE_M59ipkerRJgoRMtoAxwwHVT5QezB9qc6SD09av-BoPNbQGz9Ly8NQXRfTJYbn2JQhYvDz9nxHQJyJ0I-fsibR8erAJ7qcDodKs0pi7qtF0wIhBrbQJUG6Gqz-wQDpve0NgTK0g7EFvJEscfoHagPrAKcs233d_86ktppIijO-BjY4EhRW5EyHryVxvGu3zoy8TGzUTFlJMp6sPFiqBMdfbYtIilR6BScZmppaqImN_q_A5-uWef5V0YNM3Dtb7oojLA_TRKQAJAI2z5F-Qks5pjvakgmVQUidpRQyboL8kaAU9symV1PMAs2wSMoFAA5PqCu4nVCIfOhLd7fPv2vXznr82JNkwcUwqX4pCyLotFZVUkCctYuFvOhivQ1K0QBFmDn3Dcw5R_fVPVri7Me3AY2TRtRu-ZmbWj4J2i9O7tczqmQKnoVWp-YS0EIKNkuB7gdHEP-TqY-468YuIBhrPBIwln9KhKSDdObbepex2X3Ym_-ICgNnpQvYlNEaCIAaf2_ugrycAY6lR_xlLUJWe3PvMTmq82Ccyk2-DVStR5QZe1atMrWl7Y3uzTLDcdQICmFZvMyKouETx50OgCIyi4_7DTPG7gPTtPQiV1n3JJsRa-fvH8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.45.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pnlgaa-au-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer: https://bit.ly/3XKNUwD

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 11 Mar 2026 06:57:17 GMT
x-xss-protection: 0
content-type: image/
server: cafe

Verdicts & Comments Add Verdict or Comment

22 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-21 16:52:44	Name: _bit Value: q2b6Ve-f8d7196ffd9c2dacd6-00d
.bit.ly/	1970-01-21 21:55:08	Name: __gads Value: ID=9ad44ec1cd3c62e6:T=1773212235:RT=1773212235:S=ALNI_MZ-5XGZTf2y0cVzS7KWfvVnHZd8MA
.bit.ly/	1970-01-21 21:55:08	Name: __gpi Value: UID=00001302d3fbe120:T=1773212235:RT=1773212235:S=ALNI_MZAasQ-nVp5eGmOQvr6vaIgoRam-Q
.bit.ly/	1970-01-21 16:52:44	Name: __eoi Value: ID=b24232bef29d1274:T=1773212235:RT=1773212235:S=AA-Afjar8h4kAF7n_yU3p7dqxmvQ
.doubleclick.net/	1970-01-21 22:09:32	Name: IDE Value: AHWqTUnXqHYMYc9CfYuyyYdKh8HLFv4nHyRmsZ2RBm1JyEMgmQ0bO0SZN8o0xmEL4Jk

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/253/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C0B0002C390000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

48c7c98ced2974ac3cc505deed4af035.safeframe.googlesyndication.com
bit.ly
bitly.fides-cdn.ethyca.com
cm.g.doubleclick.net
d1ayxb9ooonjts.cloudfront.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
invstatic101.creativecdn.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
142.250.191.1
142.250.191.2
142.250.217.129
142.250.65.72
142.251.210.33
142.251.211.162
142.251.40.226
142.251.40.228
142.251.45.194
3.168.122.29
34.96.70.87
67.199.248.11
99.84.169.128
244f208e6aa24fb96e2f92663225382e656fcdfa6ea5ad1660eb945502359415
2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f
3f1c4d1df1ad822b77bfad7569189f3861c51e63e9dd05fd5d37e7d395b376ad
50372d78d348a80a73a452b595840a7e2b2def7406a291b0842c3ef097b8c14e
56a8a4fb115b24277c898d84fe68a5a12276708dbc73311d691be21761c188d0
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6
6a39349df968a2349960f419cdfff35591b3d0ff89e0e0a69831ec30c82d5cb8
6c7a50fa4ecb7375e26aa0b3ecc64ac41627fa95bc385578d09c0b6641f44386
7c6b3dabe2f9879ec27aa4be10c3e364a97aadc897b80c95d262f59e4f048d14
893c7f6aca9aca8c8aded19a9cd8919cbd7a205cff7f6503d1241b8fa2f721ff
984240be114b420a9d1a3b78b4c4532a1bfd66a9c86cc4f2f692fbb7ffbed04c
9edaec91d23bc395316a99bc2259dd311262ed1660576040542737fc93dfc83b
9f71eb8c2f7d141ee4aafea9cf30d3dbd3240089a54f4ef9581b29b92ea981f3
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129
a94918f070a4879b9c18e25d5f6e3671f83a4cb57399fe5cb7df5b88ba2a81ae
ae630d527331584ea7802c64720ecb199bb54bb4f9dda096ec5cc3d78492e878
b0a551346490c7051a4d166acf0d44edf63e945ce459105c74a426b0a76266b0
b0d9da3f54f24e28236048aaf97c5b0226f0df4f61dd48e42123f652ea4aa9df
b77745f4a57eb621e30714ec9daf54ab1191ea694bca8898a48b5ce75de5843b
bb1c2205f30ac6734e30bbb8424fbd46959e10e92e32528e9da69e77d5237b3e
bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e
c51fd35cfbc5051824cd1a683fade7868ec80575227d1446ec833e97727f28b2
cf3a1f5bae496ea0e4aeda4108a132d8f1e48707d083d948ef629aedc33c7fa1
e2186f8814f8290dcfce59b5d8b0463e08af5df34a624a018411b4be9dd63d5b
e25bcc9dee748831827b2a2c85b06654ca507b77a82158a452694fa41623b438
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68388a4a163ed9f94f9cbcb2a3079fd6fe1e2dfc357ce71880c166dfac071b2
e7092eb1e0435cb3e7e16af9c4b94f66e441adcc54e70e765deb5515ca8f6504
eb71d9655491b198debed418404907f06d0482f519f60082d165132471c90715
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f84e5dd4157c0dbd248c7a38e71c017cb6c8250a01c91853fd8af262d51f062d
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

bit.ly 67.199.248.11 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

0 %IPv6

9 Domains

13 Subdomains

14 IPs

1 Countries

666 kBTransfer

2311 kBSize

5 Cookies

10 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bit.ly
67.199.248.11 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

14
IPs

1
Countries

666 kB
Transfer

2311 kB
Size

5
Cookies

42 HTTP transactions
1 data transactions