bit.ly
67.199.248.10 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/41b4idp 13yr old
Effective URL:
https://bit.ly/41b4idp 13yr old
Submission: On March 23 via manual (March 23rd 2026, 3:48:15 pm UTC) from SG — Scanned from SG

Summary HTTP 42 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 9 domains to perform 42 HTTP transactions. The main IP is 67.199.248.10, located in United States and belongs to GOOGLE-CLOUD-PLATFORM - Google LLC, US. The main domain is bit.ly. The Cisco Umbrella rank of the primary domain is 6681. 13yr old
TLS certificate: Issued by Amazon RSA 2048 M01 on February 24th 2026. Valid for: 7mo.

This is the only time bit.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
12	13.33.100.110 13.33.100.110	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.217.194.97 172.217.194.97	15169 (GOOGLE) (GOOGLE - Google LLC)
1	3.169.71.91 3.169.71.91	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	64.233.170.155 64.233.170.155	15169 (GOOGLE) (GOOGLE - Google LLC)
1	142.251.10.156 142.251.10.156	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
1	74.125.68.132 74.125.68.132	15169 (GOOGLE) (GOOGLE - Google LLC)
2	74.125.24.155 74.125.24.155	15169 (GOOGLE) (GOOGLE - Google LLC)
2	64.233.170.132 64.233.170.132	15169 (GOOGLE) (GOOGLE - Google LLC)
5	142.250.4.156 142.250.4.156	15169 (GOOGLE) (GOOGLE - Google LLC)
3	172.253.158.132 172.253.158.132	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.194.103 172.217.194.103	15169 (GOOGLE) (GOOGLE - Google LLC)
2	142.250.4.157 142.250.4.157	15169 (GOOGLE) (GOOGLE - Google LLC)
42	15

4 67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: bit.ly

bit.ly 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

12 13.33.100.110 (New York, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-33-100-110.sin2.r.cloudfront.net

d1ayxb9ooonjts.cloudfront.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.194.97 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: si-in-f97.1e100.net

www.googletagmanager.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.169.71.91 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-3-169-71-91.tlv55.r.cloudfront.net

bitly.fides-cdn.ethyca.com 8mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 64.233.170.155 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: sg-in-f155.1e100.net

securepubads.g.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.10.156 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: sd-in-f156.1e100.net

cm.g.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 74.125.68.132 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: sc-in-f132.1e100.net

50602029e5a5685a802e908331f57253.safeframe.googlesyndication.com 3mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 74.125.24.155 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: sf-in-f155.1e100.net

ep1.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 64.233.170.132 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: sg-in-f132.1e100.net

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 142.250.4.156 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: sm-in-f156.1e100.net

pagead2.googlesyndication.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 172.253.158.132 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: so-in-f132.1e100.net

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.194.103 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: si-in-f103.1e100.net

www.google.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.4.157 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: sm-in-f157.1e100.net

pagead2.googlesyndication.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
12	cloudfront.net d1ayxb9ooonjts.cloudfront.net — Cisco Umbrella Rank: 39032 10yr old	31 KB
10	googlesyndication.com 50602029e5a5685a802e908331f57253.safeframe.googlesyndication.com 3mo old tpc.googlesyndication.com — Cisco Umbrella Rank: 211 13yr old pagead2.googlesyndication.com — Cisco Umbrella Rank: 149 10yr old	122 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 284 10yr old cm.g.doubleclick.net — Cisco Umbrella Rank: 282 10yr old	244 KB
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 351 2yr old ep2.adtrafficquality.google — Cisco Umbrella Rank: 354 2yr old	27 KB
4	bit.ly bit.ly — Cisco Umbrella Rank: 6681 13yr old	21 KB
1	google.com www.google.com — Cisco Umbrella Rank: 8 13yr old	568 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1678 4yr old	3 KB
1	ethyca.com bitly.fides-cdn.ethyca.com — Cisco Umbrella Rank: 45181 8mo old	91 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50 13yr old	109 KB
42	9

	Domain	Requested by
12	d1ayxb9ooonjts.cloudfront.net	bit.ly
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com ep2.adtrafficquality.google
6	securepubads.g.doubleclick.net	bit.ly securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	bit.ly	bit.ly
3	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net
2	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	www.google.com	ep2.adtrafficquality.google
1	50602029e5a5685a802e908331f57253.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cm.g.doubleclick.net	securepubads.g.doubleclick.net
1	bitly.fides-cdn.ethyca.com	bit.ly
1	www.googletagmanager.com	bit.ly
42	13

This site contains links to these domains. Also see Links.

Domain
bitly.com
ethyca.com
pastebin.com
x.com
www.instagram.com
www.facebook.com
www.linkedin.com
googleads.g.doubleclick.net

Subject Issuer	Validity	Valid
bit.ly Amazon RSA 2048 M01	`2026-02-24` - `2026-09-09`	7mo	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2025-05-05` - `2026-04-23`	1yr	crt.sh
*.google-analytics.com WR2	`2026-02-23` - `2026-05-18`	3mo	crt.sh
bitly.fides-cdn.ethyca.com Amazon RSA 2048 M01	`2025-10-23` - `2026-11-21`	1yr	crt.sh
*.g.doubleclick.net WR2	`2026-02-23` - `2026-05-18`	3mo	crt.sh
invstatic101.creativecdn.com WR3	`2026-01-31` - `2026-05-01`	3mo	crt.sh
adtrafficquality.google WR2	`2026-02-23` - `2026-05-18`	3mo	crt.sh
tpc.googlesyndication.com WR2	`2026-02-23` - `2026-05-18`	3mo	crt.sh
*.google.com WR2	`2026-02-23` - `2026-05-18`	3mo	crt.sh

This page contains 6 frames:

Primary Page: https://bit.ly/41b4idp
Frame ID: 33D1B4C43C5622CF6498C83BE9580C4D
Requests: 26 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/partnerpixels?url=https%3A%2F%2Fbit.ly%2F41b4idp
Frame ID: E5A2D62C4806E0885D3D361D7D9AAAB9
Requests: 1 HTTP requests in this frame

Frame: https://50602029e5a5685a802e908331f57253.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 0A7740BB2FC4993C996D59DE67FC83EC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuT9oZX3BTbU6vVVYOamlABgw8mbNzkKx4XbAMudnhb8Ok-hAYINT-yVeZO_gAkK0ttdrflaiPxPQlAV79oW-Xut-aCPOESFY6d6NFPB4a5klV6Hh1qVJ3Es_CtBwfS1HI5G4yC5MJz66GemnAC7YHKdErCl9lxYeKq_v5xFUyQWYaTqJXtnS_5VeKyr7vmbhesuuv3vzcvTWrZg3lGxyU2r7GyN9rJGsw8mo3MtoMPV3MKXd6U11icERng2bl3oe3_T9IJPcZu6iJyeIJqFIGoYxv3obfe8JYrPel1h9hiFAEE7m-JjJPbbMUkHwXcjzlLxI1N_nPrEQOnrF48ymPlQ0zb3Yh1anbpt5TFumBebM26jiyllwqFgmTbMPvRQMJb5p09__7P7-S3wqscXW5J3-yf_13yeEoWJcWZviGm7yBR_OSSLTQSWvbY1m2Nszlf_TmVUtqdcLIsEmS2sXIi&sai=AMfl-YS9MlgRDHeExHRilJHa9xEq_rjRt4pIkxPCAKztWTGz7T3wE5bDh6TUAcGEleKy-R1u0ph3xkJwPwQSt3Hvs4IGkbBsbCnY_AWtwKu2xdtrt4KwWxJS0TqiBX7KjWIBVaW_CNwke9Vw1X37ZaVlq2mlZfTexenTbAMKkpRdsxFQCwzihiPkkSIKagELcmPfgxA5JMx4RKFnQvx5rkJ9muEqazWNUkFmrNZIt9lnUWMmXUTYY-XgUccroVQAFaiY5WUh3c01dwcyhWRHM12NbSFg3bfu5-iVZ3B340uwbf-NtdhwhDauZ3Xe5fUzKNpDnWWvVFZntPIJwXrhAwgv_jS829hJeCqkPw&sig=Cg0ArKJSzHCfNjyCASZ3EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 92D649B308173FBBC31C7628DF32375C
Requests: 10 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/253/runner.html
Frame ID: 364499D5D931F4D7EE426453737503FE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 00770627FF64128CD5B08E055549113A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bitly | bit.ly/41b4idp

Page URL History Show full URLs

http://bit.ly/41b4idp HTTP 307
https://bit.ly/41b4idp Page URL

Detected technologies

DoubleClick Floodlight (Advertising) Expand

Overall confidence: 100%
Detected patterns

\.doubleclick\.net

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
\.googletagmanager\.com/

Google Publisher Tag (Advertising) Expand

Overall confidence: 100%
Detected patterns

securepubads\.g\.doubleclick.net/tag/js/gpt\.js

Page Statistics

42
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

15
IPs

1
Countries

648 kB
Transfer

2236 kB
Size

5
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://bitly.com/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://ethyca.com/
Title: Powered by

Search URL Search Domain Scan URL

URL: http://bitly.com/?utm_source=Bitly&utm_medium=referral&utm_campaign=preview_page

Search URL Search Domain Scan URL

URL: https://pastebin.com/raw/fJC5y4ft
Title: pastebin.com/raw/fJC5y4ft

Search URL Search Domain Scan URL

URL: https://bitly.com/blog/trust-safety-at-bitly/
Title: Learn how

Search URL Search Domain Scan URL

URL: https://x.com/bitly

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bitly/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bitly

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bitly/mycompany/

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsv7r1z5nMZPBQVrK1vh4_6pSdGnQcJucb8f9ZuUd3KaZ_USxRuOhXHYXLFdmNzScY2mW778qfdnux0E43QMABRcnbyjmC4toB7-J6pHsBjs--jveoPce5_eaHJcqsDYS_uJ4dpdd6n1dNkRUGd3Q6lewjjAqmQ7oNq-UjgQJZJ6jgoVyjK4TjjLy1bJxbQrAg-vSfA9G4f6O8hzvs5cdwGAUs-SOJfAHKVZhYFDriDqRaicgwVk_-mWvCgn-nmXdGRweIzhgn-Nkid9oNZ6HZpsIL9KZxtq63fMu7kzI2Bu-tv-nJA6VcYyKRLkxKuRoRbUDyN6wXqNSbT_9Ky9iCW6SmVWmvERMNY2FyCpWPfaiW8x53zeFXz9f8n5e0dsFFdrYt8-nTsY1MDYYi0-Pz3IEZp9GUsyFSnA9xF5sT5ced_wemnUVHNDjBvGrKRHjT_A&sai=AMfl-YS34p8pWO2_VJ3EucgY3YZdcz1_tsK5QoLGaXfF22iPqeQjHUTwjUrfcbteovWs5AsepDBCFyv3fHYdgLjy3A1v2Gf7PR2ZCBEC-WZfcSfWnWVvQ4qcAtULesc7Doo9T0cnunwJFtXd_BPAiH1I5BWxtSRmUXeefSrWNTDc3UoUmA5ncGonGg-sVloGKP31hJwVJYGYQvoH_TMy7mt5R6UxuIky6lpc5jEzgCnY3cSUmRRTC5SfFL8Hu096STmPf5YAHfZ7_UEmi_K-yPfnXFGJff1VA_fiNSVU_5lCs-0S_AaqA9-nhfAWggAGxTqwwH5h_NKE4AHV2Pm4lND04EGxyMqW0inx_w&sig=Cg0ArKJSzIy_FUUYhxYW&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://bitly.com/%3Futm_source%3Dpreview_page%26utm_tag%3Dhouse_ad

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/41b4idp HTTP 307
https://bit.ly/41b4idp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 41b4idp Show response
bit.ly/
Redirect Chain

http://bit.ly/41b4idp
https://bit.ly/41b4idp

21 KB
21 KB

698ms
269ms

Document
text/html

67.199.248.10
Google LLC

General

Check archive.org

Download Go to

Full URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: 12c9a6eed2603d77156f42edb7da103f34adbf7668579dce95a1d47b9d8d1a29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 21223
content-type: text/html; charset=utf-8
date: Mon, 23 Mar 2026 15:48:15 GMT
server: nginx
via: 1.1 google
x-robots-tag: noindex

Redirect headers

Location: https://bit.ly/41b4idp
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 F91CE64489DC8F93951CBC1B287E2C712CA507BB.css
d1ayxb9ooonjts.cloudfront.net/d/ 11 KB
3 KB 237ms
5ms Stylesheet
text/css 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/F91CE64489DC8F93951CBC1B287E2C712CA507BB.css
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: e7092eb1e0435cb3e7e16af9c4b94f66e441adcc54e70e765deb5515ca8f6504

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

x-amz-cf-pop: SIN2-P2
content-encoding: gzip
etag: W/"aad44d254e1f4b1d19184c0ad6b04a53"
age: 61594
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: D_wPhVixfWZieY_GHQ5CpwHi-xIoucS_gKVdw_YchaPyTPX8x7IPIw==
date: Sun, 22 Mar 2026 22:41:42 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: nginx
last-modified: Mon, 08 Dec 2025 18:24:53 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 C1479C1BB4EBAEE77A9F4B616943FFEE9DAAEA0E.svg
d1ayxb9ooonjts.cloudfront.net/d/ 3 KB
2 KB 214ms
7ms Image
image/svg+xml 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/C1479C1BB4EBAEE77A9F4B616943FFEE9DAAEA0E.svg
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: cf3a1f5bae496ea0e4aeda4108a132d8f1e48707d083d948ef629aedc33c7fa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

x-amz-cf-pop: SIN2-P2
content-encoding: gzip
etag: W/"f8bbacdf5ce2e98b14f9fef2a8a86085"
age: 69790
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: rRWFOkYas3JfE0lhlhkHtp8NNK7AdDg7IJuZ_ZRgyshQTsIO_lHquw==
date: Sun, 22 Mar 2026 20:33:51 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 7998B890712079265CF48279A49C2BE33A5EA5C5.svg
d1ayxb9ooonjts.cloudfront.net/d/ 1 KB
980 B 211ms
7ms Image
image/svg+xml 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/7998B890712079265CF48279A49C2BE33A5EA5C5.svg
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: c51fd35cfbc5051824cd1a683fade7868ec80575227d1446ec833e97727f28b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

x-amz-cf-pop: SIN2-P2
content-encoding: gzip
etag: W/"2ef45692189bc5c8584a06b7b8409342"
age: 60675
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: GuW_uXUQeyZi2SzHpJ2M-JuX8_5ylCyctGxkk3FXpfbd29NodUXF3g==
date: Sun, 22 Mar 2026 22:57:02 GMT
content-type: image/svg+xml
vary: accept-encoding
server: nginx
last-modified: Mon, 12 May 2025 23:58:31 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 1D999C15ABD60F9C7614234E59748D6E88DA48CB.svg
d1ayxb9ooonjts.cloudfront.net/d/ 563 B
925 B 23ms
19ms Image
image/svg+xml 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/1D999C15ABD60F9C7614234E59748D6E88DA48CB.svg
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 50372d78d348a80a73a452b595840a7e2b2def7406a291b0842c3ef097b8c14e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

vary: accept-encoding
etag: "a42b6b8c5ace48e0e2dbeb10abd894dd"
age: 20762
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: mOFIPGi1sJ826TJ7PgtdhaKUhPxqsLHbsGjys7hl0aDGq8imTUQmmw==
date: Mon, 23 Mar 2026 10:02:14 GMT
content-type: image/svg+xml
last-modified: Mon, 12 May 2025 23:58:32 GMT
server: nginx
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256

GET
H2 200 6C891B94781612666EDE9475CC59454B79851F4F.svg
d1ayxb9ooonjts.cloudfront.net/d/ 522 B
887 B 53ms
48ms Image
image/svg+xml 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/6C891B94781612666EDE9475CC59454B79851F4F.svg
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 6a39349df968a2349960f419cdfff35591b3d0ff89e0e0a69831ec30c82d5cb8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

vary: accept-encoding
etag: "8d1edaef37d15589ffdb15fd94916f0b"
age: 38739
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 522
x-amz-cf-id: _nVS0ORgKMvVKZvVIBLUV1BviMVasNvdsVkVXtu0IB2R57bDMVBAzQ==
date: Mon, 23 Mar 2026 05:02:37 GMT
content-type: image/svg+xml
last-modified: Mon, 12 May 2025 23:58:32 GMT
server: nginx
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256

GET
H2 200 8955792E2AE2972C05969B26C881AD988C9BB5BD.svg
d1ayxb9ooonjts.cloudfront.net/d/ 362 B
726 B 54ms
48ms Image
image/svg+xml 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/8955792E2AE2972C05969B26C881AD988C9BB5BD.svg
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 56a8a4fb115b24277c898d84fe68a5a12276708dbc73311d691be21761c188d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

vary: Accept-Encoding
etag: "636eb2721b75f46b2f61790d3b627d70"
age: 71919
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 362
x-amz-cf-id: B-36s0RpCPKDLAQ3w0IT84TjMijq-ptjEyub4Rk2B428gA7nEyaWZg==
date: Sun, 22 Mar 2026 19:49:38 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256

GET
H2 200 7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
d1ayxb9ooonjts.cloudfront.net/d/ 17 KB
17 KB 285ms
280ms Image
image/webp 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/7C75D35E20E45DF9C90AF96EB32B81BAAA55B50D.webp
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

vary: Accept-Encoding
etag: "a6c2aae1b41d9e328c4f8e6c34e3d12c"
age: 61570
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 17206
x-amz-cf-id: Pp6o2csiCYEvWE037XKL2qO-uEzKN-GsT-FyeQy3eFooqN_MtRw1gA==
date: Sun, 22 Mar 2026 22:42:08 GMT
content-type: image/webp
last-modified: Wed, 11 Sep 2024 17:03:54 GMT
server: nginx
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256

GET
H2 200 E8AA887989AD48F5366B7DCFAEAB4A3FF8150A1D.svg
d1ayxb9ooonjts.cloudfront.net/d/ 401 B
764 B 287ms
282ms Image
image/svg+xml 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/E8AA887989AD48F5366B7DCFAEAB4A3FF8150A1D.svg
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: eb71d9655491b198debed418404907f06d0482f519f60082d165132471c90715

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

vary: accept-encoding
etag: "ac532c5f7b8ff686a348d1abaa8326d4"
age: 46347
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 401
x-amz-cf-id: OX262RpQObAzjeauowQd5PheFw0mmFot_3udy7KoVBtBBf_84w2WoQ==
date: Mon, 23 Mar 2026 02:55:49 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
server: nginx
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256

GET
H2 200 12032AF2C457BB634C4039A306C2C39420BF51EB.svg
d1ayxb9ooonjts.cloudfront.net/d/ 2 KB
1 KB 285ms
281ms Image
image/svg+xml 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/12032AF2C457BB634C4039A306C2C39420BF51EB.svg
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: e25bcc9dee748831827b2a2c85b06654ca507b77a82158a452694fa41623b438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

x-amz-cf-pop: SIN2-P2
content-encoding: gzip
etag: W/"8f18e0d46157b022c600e0e735813a91"
age: 67694
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 2aLU-dO8yVKLixN9VpDxvKJHt9x2luXTVqoUxVnh-Mx7gWm585tX_A==
date: Sun, 22 Mar 2026 21:00:02 GMT
content-type: image/svg+xml
vary: accept-encoding
server: nginx
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 704DBB97AC75F2A7D9571254B944F17277707059.svg
d1ayxb9ooonjts.cloudfront.net/d/ 502 B
865 B 286ms
281ms Image
image/svg+xml 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/704DBB97AC75F2A7D9571254B944F17277707059.svg
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 3f1c4d1df1ad822b77bfad7569189f3861c51e63e9dd05fd5d37e7d395b376ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

vary: Accept-Encoding
etag: "a0ff281181e05ab5f10f48b00bdf362e"
age: 71919
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 502
x-amz-cf-id: rCbdeuhSH43ArM4jjnZ17sFZ41xhZ4W3gwGRcznlYXVkNvlyPcQ95g==
date: Sun, 22 Mar 2026 19:49:37 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256

GET
H2 200 8F9B499DDC670821F87C474721CA954C0C1AD3F5.svg
d1ayxb9ooonjts.cloudfront.net/d/ 648 B
1011 B 287ms
283ms Image
image/svg+xml 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/8F9B499DDC670821F87C474721CA954C0C1AD3F5.svg
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: e2186f8814f8290dcfce59b5d8b0463e08af5df34a624a018411b4be9dd63d5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

vary: accept-encoding
etag: "01e6d41986e3aff2a481b34bbb250d3d"
age: 63897
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 648
x-amz-cf-id: aBnC_TroAGgLOeucA_9giEj3HL1sk7WVfhWMMr_iL6o8px3I5hOz0w==
date: Sun, 22 Mar 2026 22:03:19 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Mar 2025 12:29:32 GMT
server: nginx
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256

POST
H2 200 beacon
bit.ly/preview_page/ 16 B
80 B 254ms
247ms Ping
application/json 67.199.248.10
Google LLC

General

Check archive.org

Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/41b4idp

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Mon, 23 Mar 2026 15:48:16 GMT
content-type: application/json
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 304 KB
109 KB 238ms
11ms Script
application/javascript 172.217.194.97
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWRJL959

Requested by

Host: bit.ly
URL: https://bit.ly/41b4idp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

si-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

9b2ce11036f909146d1276dca44e76c9f73050281320e58d947497125ee54d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

content-encoding: zstd
expires: Mon, 23 Mar 2026 15:48:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Mar 2026 15:48:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 23 Mar 2026 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 111324
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 fides.js Show response
bitly.fides-cdn.ethyca.com/ 690 KB
91 KB 2489ms
374ms Script
application/javascript 3.169.71.91
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://bitly.fides-cdn.ethyca.com/fides.js?&property_id=FDS-I3S3I5
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.169.71.91 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-3-169-71-91.tlv55.r.cloudfront.net
Software: /
Resource Hash: 32f6165a95fdeaf723c452fc809f3946cc3553df3f6f89c1c78ef2f115c8b81a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

cache-control: max-age=3600, stale-while-revalidate=86400, stale-if-error=86400, public
content-encoding: gzip
etag: "t997irtcs9f5g3"
age: 2736
via: 1.1 62133de210e7126dcf7c7e55389bfa22.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: EEcJnBqLw_d5ZyhptKBBdNXVMyC0VRqDjiXAqMcXtyzSXYM3VH78eA==
date: Mon, 23 Mar 2026 15:02:42 GMT
content-type: application/javascript
vary: cloudfront-viewer-country,cloudfront-viewer-country-region,Accept-Encoding
x-amz-cf-pop: TLV55-P1
access-control-allow-headers: *

POST
H3 200 beacon
bit.ly/preview_page/ 16 B
29 B 227ms
226ms Ping
application/json 67.199.248.10
Google LLC

General

Check archive.org

Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/41b4idp

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Mon, 23 Mar 2026 15:48:19 GMT
content-type: application/json
server: nginx

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
34 KB 29ms
18ms Script
text/javascript 64.233.170.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bit.ly
URL: https://bit.ly/41b4idp

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sg-in-f155.1e100.net

Software

cafe /

Resource Hash

3818322bd9d19ec78ad6ea171279136bd6b00fe23a6d3188428466518ac6f341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

content-encoding: br
etag: 731 / 20535 / m202603170101 / config-hash: 4758027762357444092
x-content-type-options: nosniff
expires: Mon, 23 Mar 2026 15:48:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 23 Mar 2026 15:48:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34890
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603170101/ 577 KB
181 KB 5ms
5ms Script
text/javascript 64.233.170.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sg-in-f155.1e100.net

Software

cafe /

Resource Hash

8736a524039140dd3f9e4f14a771b0de65856e6fda9e49df0f5b8169738fc57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

content-encoding: br
etag: 16251858746889194152
age: 53919
x-content-type-options: nosniff
expires: Tue, 23 Mar 2027 00:49:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 23 Mar 2026 00:49:40 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 185329
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202603190101/ 64 KB
23 KB 46ms
45ms Other
text/plain 64.233.170.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202603190101/gpt

Requested by

Host: bit.ly
URL: https://bit.ly/41b4idp

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sg-in-f155.1e100.net

Software

cafe /

Resource Hash

57b72388189c0685454ef43399e4a9345f4c6d0f5c7331deebc4f1a1c1f2a492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 16386929522506315440
age: 50054
x-content-type-options: nosniff
expires: Mon, 30 Mar 2026 01:54:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 23 Mar 2026 01:54:05 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23741
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202603190101"

GET
H2 200 partnerpixels Show response
cm.g.doubleclick.net/ Frame E5A2 41 B
232 B 26ms
12ms Document
text/html 142.251.10.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://cm.g.doubleclick.net/partnerpixels?url=https%3A%2F%2Fbit.ly%2F41b4idp

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/41b4idp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 48
content-type: text/html; charset=UTF-8
date: Mon, 23 Mar 2026 15:48:20 GMT
referrer-policy: origin
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 3 KB
3 KB 332ms
317ms Script
text/javascript 34.96.70.87
Google LLC

General

Check archive.org

Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603170101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

etag: 861bdaf24bda5c0db45c6ebe1c94a9eb
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2729
date: Mon, 23 Mar 2026 15:48:20 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 05 Feb 2025 14:45:21 GMT
server: Google Frontend
x-cloud-trace-context: 82bedb509886769dfbb3a23479fea854

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
5 KB 459ms
459ms Fetch
text/plain 64.233.170.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=710366422303377&correlator=2600015283190467&eid=31097209%2C83322746&output=ldjh&gdfp_req=1&vrg=202603170101&ptt=17&impl=fifs&iu_parts=23199830770%2Cbitly_previewpage_default_responsive_side_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&ifi=1&dids=div-gpt-ad-1724340542602-0&adfs=3434351373&sfv=1-0-45&sc=1&cookie_enabled=1&abxe=1&dt=1774280900201&lmt=1774280900&adxs=179&adys=350&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbit.ly%2F41b4idp&vis=1&psz=658x605&msz=300x0&fws=0&ohw=0&a3p=EhcKCHJ0YmhvdXNlGOT8h9vRM0gAUgIIZA..&dlt=1774280896003&idt=4149&prev_scp=ac%3D2025-08%26g%3DID%26cohort%3D9_3_auto%26connection_type%3Dlink%26ea%3Ddefault%26browser%3Dchrome%26dt%3Ddesktop%26hw%3D39%26dg%3DIN%26tt%3Dcore%26t%3Dg_e&adks=3309689787&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sg-in-f155.1e100.net

Software

cafe /

Resource Hash

c40303a7feee3a3fb09af12f68115268a6955e3fc707e148e48d14eed3abbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

content-encoding: dcb
google-lineitem-id: 6771137968
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 23 Mar 2026 15:48:20 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138526851862
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://bit.ly
content-length: 5226
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
50602029e5a5685a802e908331f57253.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 0A77 7 KB
3 KB 20ms
7ms Document
text/html 74.125.68.132
Google LLC

General

Check archive.org

Download Go to

Full URL

https://50602029e5a5685a802e908331f57253.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sc-in-f132.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/41b4idp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Mar 2026 15:48:20 GMT
expires: Mon, 23 Mar 2026 15:48:20 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 18 KB
13 KB 91ms
24ms XHR
application/json 74.125.24.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202603170101&st=env&sjk=710366422303377

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

180361177b7dcc5744a2e125e805a4387be92c63228c4491f9f77c2071e9a784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13644
date: Mon, 23 Mar 2026 15:48:20 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 911DC5232AD960E5CD922312AAAA1768D921C30F.png
d1ayxb9ooonjts.cloudfront.net/d/ 1 KB
1 KB 27ms
26ms Other
image/png 13.33.100.110
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/d/911DC5232AD960E5CD922312AAAA1768D921C30F.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.110 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-100-110.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

vary: Accept-Encoding
etag: "de191ceae91ff28f37bcd7fe122e3a09"
age: 68729
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1142
x-amz-cf-id: 5LZGH9vJrLwZBs81Ny8a7gNi81Gl1bekyuhTQACYbI4qVQL8uMCddA==
date: Sun, 22 Mar 2026 20:42:51 GMT
content-type: image/png
last-modified: Thu, 06 Mar 2025 12:29:31 GMT
server: nginx
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92D6 0
0 16ms
15ms Fetch
image/gif 64.233.170.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuT9oZX3BTbU6vVVYOamlABgw8mbNzkKx4XbAMudnhb8Ok-hAYINT-yVeZO_gAkK0ttdrflaiPxPQlAV79oW-Xut-aCPOESFY6d6NFPB4a5klV6Hh1qVJ3Es_CtBwfS1HI5G4yC5MJz66GemnAC7YHKdErCl9lxYeKq_v5xFUyQWYaTqJXtnS_5VeKyr7vmbhesuuv3vzcvTWrZg3lGxyU2r7GyN9rJGsw8mo3MtoMPV3MKXd6U11icERng2bl3oe3_T9IJPcZu6iJyeIJqFIGoYxv3obfe8JYrPel1h9hiFAEE7m-JjJPbbMUkHwXcjzlLxI1N_nPrEQOnrF48ymPlQ0zb3Yh1anbpt5TFumBebM26jiyllwqFgmTbMPvRQMJb5p09__7P7-S3wqscXW5J3-yf_13yeEoWJcWZviGm7yBR_OSSLTQSWvbY1m2Nszlf_TmVUtqdcLIsEmS2sXIi&sai=AMfl-YS9MlgRDHeExHRilJHa9xEq_rjRt4pIkxPCAKztWTGz7T3wE5bDh6TUAcGEleKy-R1u0ph3xkJwPwQSt3Hvs4IGkbBsbCnY_AWtwKu2xdtrt4KwWxJS0TqiBX7KjWIBVaW_CNwke9Vw1X37ZaVlq2mlZfTexenTbAMKkpRdsxFQCwzihiPkkSIKagELcmPfgxA5JMx4RKFnQvx5rkJ9muEqazWNUkFmrNZIt9lnUWMmXUTYY-XgUccroVQAFaiY5WUh3c01dwcyhWRHM12NbSFg3bfu5-iVZ3B340uwbf-NtdhwhDauZ3Xe5fUzKNpDnWWvVFZntPIJwXrhAwgv_jS829hJeCqkPw&sig=Cg0ArKJSzHCfNjyCASZ3EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: bit.ly
URL: https://bit.ly/41b4idp

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 23 Mar 2026 15:48:20 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 23 Mar 2026 15:48:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20260320/r20110914/client/ Frame 92D6 3 KB
2 KB 229ms
6ms Script
text/javascript 64.233.170.132
Google LLC

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20260320/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

73ef34ed57b69c5a35720bfc3ac6ebf6da3cf1289824112841d403c0fd169f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

content-encoding: br
etag: 772434001065076922
age: 9215
x-content-type-options: nosniff
expires: Mon, 06 Apr 2026 13:14:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 23 Mar 2026 13:14:45 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1235
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 92D6 237 KB
73 KB 93ms
6ms Script
text/javascript 142.250.4.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

4d5dc25198f0f493ce8b221a2e559147962e73d4cfc747f05fb41638e4c7800d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

content-encoding: br
etag: 3719088209277678497
age: 1249
x-content-type-options: nosniff
expires: Mon, 23 Mar 2026 16:27:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 23 Mar 2026 15:27:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=Shift_JIS
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 74813
x-xss-protection: 0
server: cafe

GET
H2 200 8412499337025959027
tpc.googlesyndication.com/simgad/ Frame 92D6 22 KB
22 KB 228ms
7ms Image
image/png 64.233.170.132
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8412499337025959027

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

b0d9da3f54f24e28236048aaf97c5b0226f0df4f61dd48e42123f652ea4aa9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

age: 405503
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Thu, 18 Mar 2027 23:09:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Wed, 18 Mar 2026 23:09:57 GMT
last-modified: Mon, 11 Aug 2025 15:13:02 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 22146
x-xss-protection: 0
server: sffe

POST
H3 200 beacon
bit.ly/preview_page/ 16 B
29 B 224ms
223ms Ping
application/json 67.199.248.10
Google LLC

General

Check archive.org

Download Go to

Full URL: https://bit.ly/preview_page/beacon
Requested by: Host: bit.ly
URL: https://bit.ly/41b4idp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 67.199.248.10 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: bit.ly
Software: nginx /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://bit.ly/41b4idp

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Mon, 23 Mar 2026 15:48:20 GMT
content-type: application/json
server: nginx

GET
DATA 200
OK truncated
/ Frame 92D6 217 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06747c3fea54e612a9c687cf3fd9d488508fd0d0aad4f4ff27f2d04be2edf2a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 21 KB
8 KB 233ms
6ms Script
text/javascript 172.253.158.132
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202603170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.158.132 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

so-in-f132.1e100.net

Software

sffe /

Resource Hash

893c7f6aca9aca8c8aded19a9cd8919cbd7a205cff7f6503d1241b8fa2f721ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

content-encoding: gzip
etag: "1772145733101481"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 23 Mar 2026 15:48:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Mar 2026 15:48:20 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7609
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92D6 0
0 9ms
8ms Fetch
image/gif 142.250.4.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 23 Mar 2026 15:48:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92D6 0
0 8ms
7ms Fetch
image/gif 142.250.4.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 23 Mar 2026 15:48:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92D6 0
0 8ms
8ms Fetch
image/gif 142.250.4.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 23 Mar 2026 15:48:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92D6 0
0 22ms
22ms Fetch
image/gif 64.233.170.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6R4KrAviT_hTX72WGTwGW-XjcVfHU4IQtFh1ARR94g7LVgS1VX7GqquZhDBYNEaoEmlAHtT_XZObpKMIl71_ml7e5V5v_8XSQEqFJlmBm8zkt2xjt0VqF1rewPzxG58aa6tWyoAyjawW16pNDD3PzPo1Ic8WAdew1uOi-0-SQAWdfXp1agebR8PoEkE_2Md7lf8bPbKRe-th2pzTRGV4UM0VlkVYs3p1JZnqB1Xq1n8rTpXZZfhjnnqcxhwCFXwRtph7Yf1cRp_dD_dZySzQobXpRyuM04ZLGI68h7pdL-KO8_LbnxQyDkzGoEcNd5tTbXkhV6GkqsXpq-5cohjzaLripadvKB7kVtbZLPHXf_qZqw3ld7jsnPzkZAeiai9jA4L4Rzc1g19Id3vvdf7zIBq0utKvIfz0xMEelQ4agsLYbiqF-GQrmqpHkob8kfJwAog7Os4IEMjd7ngok587cgWs&sai=AMfl-YTHYv1gQcWiWbruufwGzqGVRay_c-FYdcqxSR2rBiR4sFWXAXuLUAX-DFvjnjABoZnsulMpB9qq3rG_kKWS33bSZ66G0qoCUlO1dRT1EFRZHMxbJYIFenmbRfZv9SCEMPeDjEB8RMOZURyTfsjj5ocLNEcCjo7Q8QPiPwPzWzthadl3o5wONT9p7k9htbXurEX9UrKHb21den111naIQjuAwq4GajDUM9OkD1jecGjjgw8t6Xr_yQLft7jI_3SrJKpVh7UCwV37yGu4iJPmEH_mDifTJaXEGNOxnv-xFYfn-KJNWb3JIua4KhzKuWfNMYLv7nQbERHQJytRbUseKnj9NRcBJeSsSQ&sig=Cg0ArKJSzD7pj8BYfPU-EAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 23 Mar 2026 15:48:20 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 23 Mar 2026 15:48:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/253/ Frame 3644 14 KB
6 KB 19ms
7ms Document
text/html 172.253.158.132
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/253/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.158.132 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

so-in-f132.1e100.net

Software

sffe /

Resource Hash

b77745f4a57eb621e30714ec9daf54ab1191ea694bca8898a48b5ce75de5843b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/41b4idp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5450
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Mar 2026 15:24:43 GMT
expires: Mon, 23 Mar 2026 16:14:43 GMT
last-modified: Thu, 26 Feb 2026 22:42:13 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0077 829 B
568 B 89ms
80ms Document
text/html 172.217.194.103
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.103 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

si-in-f103.1e100.net

Software

ESF /

Resource Hash

627aa0304083575d6786a99eb3ea83319a27a20c91b408a4b9e79e3ef8c5d675

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WNOibWKrrPz-oJT0DzFAVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bit.ly/41b4idp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WNOibWKrrPz-oJT0DzFAVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Mar 2026 15:48:21 GMT
expires: Mon, 23 Mar 2026 15:48:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 avaWxxNl1TEG5yNxRtJSUTr4_32MEaSvTkgruF5ToMc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3644 57 KB
22 KB 13ms
4ms Script
text/javascript 142.250.4.157
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/avaWxxNl1TEG5yNxRtJSUTr4_32MEaSvTkgruF5ToMc.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/253/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sm-in-f157.1e100.net

Software

sffe /

Resource Hash

6af696c71365d53106e7237146d252513af8ff7d8c11a4af4e482bb85e53a0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 582748
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Tue, 16 Mar 2027 21:55:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Mar 2026 21:55:53 GMT
last-modified: Wed, 11 Mar 2026 09:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 22299
x-xss-protection: 0
server: sffe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0077 0
17 B 8ms
8ms Image
image/ 142.250.4.157
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=253&li=gpt_m202603170101&jk=710366422303377&rc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 23 Mar 2026 15:48:21 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H2 204 generate_204
ep2.adtrafficquality.google/ Frame 3644 0
40 B 6ms
4ms Image
text/plain 172.253.158.132
Google LLC

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?1N0AfA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.158.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: so-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/253/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 23 Mar 2026 15:48:21 GMT
cross-origin-resource-policy: cross-origin

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ 0
17 B 26ms
24ms Image
image/ 74.125.24.155
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=253&t=2&li=gpt_m202603170101&jk=710366422303377&bg=!39yl3L7NAAYhAk0PAQI7AEcBe5WfOPDQmZIYh5qbwc-huXdW8WjHzsLdY_TviYGo470fpHrH3XVjxbEUDP5VJiGHh7VsBkXrxPXJxV01u46L2Mk_g1y_jQIAAACzUgAAAAdoAQd-ADe2izM-wq_NQGlRVZ_WNtoUcTZ9J3UK1BpJ6vsBwFbrpimL7yjXriVE4xJhw8B3fM6dXTgJo8kamQJfYBnhom0DJMJjgPzdd9K19JEGzk4-iRPGf0kx5JtA58gazTdwF6OtxO3f9Xi-6p4uwvd4_Mgw-ZEz6yp_jJWjOiUuwUb3dglnIpJkizN3AQg26_jWWAhU-uVyV8rvcnZEbvd-52T2BuZX4n9SHwN9q8HI942iHIAkFIb4Mdvpay1xf40cN6P5HQBPpCWY9-Igg9HwSLEWBP5rklff--kWfdBB5fBCvWgTAL8BmJWqNzQYAwYrI3h0390UHPV6VIc4Zr9CgUx_ZWIRZ1fDelVyt70d9eNHRkLO_DuT3X5X1foL4qN-n4I6WgVBQ4188RB8l68qBmhUjZs3deCL_F0oA_jbcNJgo0mpodNwOfPHYS4R1kBngcqvIcn_L2c6eIDGDJDPW5qyC85R8DliPq0CEaJiaTY_pOH8jeOgmSATsHpPWnkRoQxCJGJSua3stnT7XNp2_Oj2nGuJctztTnefH-8GgJGUjWiSOURaLG2YMBgZ-z_1DmxNc1I7JpleLaD_BJodHEgITDFVPMUAmPnvvBID1nhl8jeEqi-wKTCeMikeFkYkVWBWYZrO3EcAHIcZDl1934L7xgb716M7TPrK9owNb1jeSLdNUyPHSaL9AQynkWFA3XanciFHz_ZYpxwLYm26aE3iJ4vqfObUhdwp55DH21Das5WQdc1R8WQlHUaNG873YEysbXVpAecx5tnJg5x-OJqm_M05h4B0bfw2M8PROkOgPFdBvA1xY4xCd3QhiWbagffWI_7J0R5EaOC7vOM030gGLzgAPB0MwvXHQNz_tAPvQhtoG9Wmq4H4YA

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 23 Mar 2026 15:48:21 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 92D6 42 B
65 B 11ms
11ms Fetch
image/gif 142.250.4.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2yDe0lhQPQO7Kn5NGrJAoPDxiPdOMcVpP8juCRDsm22ReGZA1ngjMzjXlON9q_nknG1oXOYmC3TY4WYs7F9AXoLa9MGlau6C-BIzOBhBY_SAtGT_6d3hw4fMv1XdsEYWWnGgXt1r7pI-kh24Xgbkpoe4a_O2cKStiFVjJFDJiyyXsfq2U9VAZIh4&sig=Cg0ArKJSzEilBoYbb8QvEAE&id=lidar2&mcvt=1000&p=209,161,489,497&tm=1064.2999992370605&tu=64.5&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20260318&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3309689787&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=7021370000&rst=1774280900703&rpt=249&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer: https://bit.ly/41b4idp

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 23 Mar 2026 15:48:21 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Verdicts & Comments Add Verdict or Comment

22 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-21 17:10:32	Name: _bit Value: q2nfMf-831a48d134d57ee6e6-00C
.bit.ly/	1970-01-21 22:12:56	Name: __gads Value: ID=f5b5bcc814adc4e8:T=1774280900:RT=1774280900:S=ALNI_MY6Hy-rixaaXy3HyF3gdjuxBiJm9A
.bit.ly/	1970-01-21 22:12:56	Name: __gpi Value: UID=0000122aa861fc75:T=1774280900:RT=1774280900:S=ALNI_MbLjWURHMVeZrdKTbAFvTslAsFh0Q
.bit.ly/	1970-01-21 17:10:32	Name: __eoi Value: ID=ae5e71ad036f8cb9:T=1774280900:RT=1774280900:S=AA-AfjYoLOQC6FT_BbFvXFSD7QfA
.doubleclick.net/	1970-01-21 22:27:20	Name: IDE Value: AHWqTUmnLQSOi5gi-qWYDI9Lps5cPWcTg2e5sGC7_icj4PZ07T0c_NvjXEmH5aD-t1g

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/253/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B0EE190C2C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

50602029e5a5685a802e908331f57253.safeframe.googlesyndication.com
bit.ly
bitly.fides-cdn.ethyca.com
cm.g.doubleclick.net
d1ayxb9ooonjts.cloudfront.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
invstatic101.creativecdn.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
13.33.100.110
142.250.4.156
142.250.4.157
142.251.10.156
172.217.194.103
172.217.194.97
172.253.158.132
3.169.71.91
34.96.70.87
64.233.170.132
64.233.170.155
67.199.248.10
74.125.24.155
74.125.68.132
06747c3fea54e612a9c687cf3fd9d488508fd0d0aad4f4ff27f2d04be2edf2a8
12c9a6eed2603d77156f42edb7da103f34adbf7668579dce95a1d47b9d8d1a29
180361177b7dcc5744a2e125e805a4387be92c63228c4491f9f77c2071e9a784
2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f
32f6165a95fdeaf723c452fc809f3946cc3553df3f6f89c1c78ef2f115c8b81a
3818322bd9d19ec78ad6ea171279136bd6b00fe23a6d3188428466518ac6f341
3f1c4d1df1ad822b77bfad7569189f3861c51e63e9dd05fd5d37e7d395b376ad
4d5dc25198f0f493ce8b221a2e559147962e73d4cfc747f05fb41638e4c7800d
50372d78d348a80a73a452b595840a7e2b2def7406a291b0842c3ef097b8c14e
56a8a4fb115b24277c898d84fe68a5a12276708dbc73311d691be21761c188d0
57b72388189c0685454ef43399e4a9345f4c6d0f5c7331deebc4f1a1c1f2a492
5822c1ad5bfd86aa17808a851d6f05e560c2773f61a728f23cebf493dc9a4ec6
627aa0304083575d6786a99eb3ea83319a27a20c91b408a4b9e79e3ef8c5d675
6a39349df968a2349960f419cdfff35591b3d0ff89e0e0a69831ec30c82d5cb8
6af696c71365d53106e7237146d252513af8ff7d8c11a4af4e482bb85e53a0c7
73ef34ed57b69c5a35720bfc3ac6ebf6da3cf1289824112841d403c0fd169f97
8736a524039140dd3f9e4f14a771b0de65856e6fda9e49df0f5b8169738fc57e
893c7f6aca9aca8c8aded19a9cd8919cbd7a205cff7f6503d1241b8fa2f721ff
9b2ce11036f909146d1276dca44e76c9f73050281320e58d947497125ee54d92
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129
b0d9da3f54f24e28236048aaf97c5b0226f0df4f61dd48e42123f652ea4aa9df
b77745f4a57eb621e30714ec9daf54ab1191ea694bca8898a48b5ce75de5843b
bef547e2ac2d3c93de149566b20050c88bfc0dc32ab84f15d288973704544a2e
c40303a7feee3a3fb09af12f68115268a6955e3fc707e148e48d14eed3abbdf7
c51fd35cfbc5051824cd1a683fade7868ec80575227d1446ec833e97727f28b2
cf3a1f5bae496ea0e4aeda4108a132d8f1e48707d083d948ef629aedc33c7fa1
e2186f8814f8290dcfce59b5d8b0463e08af5df34a624a018411b4be9dd63d5b
e25bcc9dee748831827b2a2c85b06654ca507b77a82158a452694fa41623b438
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7092eb1e0435cb3e7e16af9c4b94f66e441adcc54e70e765deb5515ca8f6504
eb71d9655491b198debed418404907f06d0482f519f60082d165132471c90715
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

bit.ly 67.199.248.10 Public Scan Open in urlscan Pro

Internal

Effective Hostname

Submitted URL

Effective URL Pivot

Effective IP

Summary

urlscan.io Verdict: No classification

Domain & IP information

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

0 %IPv6

9 Domains

13 Subdomains

15 IPs

1 Countries

648 kBTransfer

2236 kBSize

5 Cookies

10 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bit.ly
67.199.248.10 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

15
IPs

1
Countries

648 kB
Transfer

2236 kB
Size

5
Cookies

42 HTTP transactions
1 data transactions