bitly.pw Open in urlscan Pro
172.67.214.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bitly.pw/QWCFo
Submission: On May 08 via manual (May 8th 2024, 3:09:34 pm UTC) from ES — Scanned from ES

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 172.67.214.217, located in United States and belongs to CLOUDFLARENET, US. The main domain is bitly.pw.
TLS certificate: Issued by GTS CA 1P5 on May 4th 2024. Valid for: 3 months.

This is the only time bitly.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	172.67.214.217 172.67.214.217	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	172.217.16.193 172.217.16.193	15169 (GOOGLE) (GOOGLE)
15	4

8 172.67.214.217 (United States)

ASN13335 (CLOUDFLARENET, US)

bitly.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	bitly.pw bitly.pw	93 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	210 KB
15	2

	Domain	Requested by
8	bitly.pw	bitly.pw
5	pagead2.googlesyndication.com	bitly.pw pagead2.googlesyndication.com
1	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
bitly.pw GTS CA 1P5	`2024-05-04` - `2024-08-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://bitly.pw/QWCFo
Frame ID: 0E735A12B4FB3FDFA485083EA5236B30
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240506/r20110914/zrt_lookup_fy2021.html
Frame ID: B8C5A3BC9D91116BB81CC1C5D595E9EE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9728342598508890&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715180972&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fbitly.pw%2FQWCFo&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715180971031&bpp=4&bdt=871&idt=968&shv=r20240506&mjsv=m202405070201&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2545768094414&frm=20&pv=2&ga_vid=1472703357.1715180972&ga_sid=1715180972&ga_hid=250982909&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083304%2C31083360%2C42532523%2C95329724%2C95331983%2C31083474%2C95329830%2C95331042%2C95331712%2C95332403%2C95332416&oid=2&pvsid=3892936276687529&tmod=258672115&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=995
Frame ID: A466CB2CF337BF7E88FBE47A0BEA4D6C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9A55CF2C25C9A186067946D7195D258E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inactive Link - Bitly - URL Shortener

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

15
Requests

93 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

1
Countries

303 kB
Transfer

950 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request QWCFo Show response
bitly.pw/ 3 KB
1 KB 664ms
178ms Document
text/html 172.67.214.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.pw/QWCFo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.28
Resource Hash: 62b5d5f6159265285dcb84dc492cc9a58ad78314dc5a12df2500c9b0f64facd0

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 880a5f06ace1998c-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 15:09:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MvQJXXcdlQmJ5ZdJHN2Jyxuzx7CxgFCycP7o%2B6zXc81EopzkQ7r4dbhGLA65Cf%2BbgjHHjWM5xg8T1dJ905wAauQkV4Y5YkuvgLqViRhk9oC3cWRZXZ9eZiiLaw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.1.28
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.min.css
bitly.pw/static/ 187 KB
28 KB 83ms
81ms Stylesheet
text/css 172.67.214.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.pw/static/bootstrap.min.css
Requested by: Host: bitly.pw
URL: https://bitly.pw/QWCFo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 667244226d2cae230d34813312d2b962e94b8454fac7bd98606e67c41929f44a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bitly.pw/QWCFo
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:09:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 10:54:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 112825
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKbYGaQY26NTlYTye1QYFbDZYirPnoNChAsGKbtBW2IOmZ%2BRP3TyfNj50E33e24iw4KMWJkA5Mjg1Ut34bfajnKMh95Pfk9ws5zhWadRODqVVj2ZX9OFIhho3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 880a5f07bd79998c-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 07:49:05 GMT

GET
H2 200 all.min.css
bitly.pw/static/frontend/libs/fontawesome/ 100 KB
23 KB 88ms
87ms Stylesheet
text/css 172.67.214.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.pw/static/frontend/libs/fontawesome/all.min.css
Requested by: Host: bitly.pw
URL: https://bitly.pw/QWCFo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58fdbb37ecb0c8a4d514714e322edef085c1f9d71e703b3925b054437f446166

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bitly.pw/QWCFo
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:09:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Aug 2023 03:21:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 582272
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lk3DaLUZsnSWxAWT8gJsxACaZbY1xYkNRLVl%2Bj67KUSGbu6AuoYtGRMJxcZLu7PNCBDfgOp%2F%2FMtB65SYTiLitXERac4ysr03qfJ42MDhvcDX7DfBB7fS7whYmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 880a5f07bd7a998c-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 May 2024 21:24:58 GMT

GET
H2 200 style.min.css
bitly.pw/static/ 19 KB
4 KB 81ms
80ms Stylesheet
text/css 172.67.214.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.pw/static/style.min.css
Requested by: Host: bitly.pw
URL: https://bitly.pw/QWCFo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e7422e71a27b73e1feb5671d213c1320033b84187cd56fc78c1c709c0ec2d9b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bitly.pw/QWCFo
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:09:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Sep 2023 05:32:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123500
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6xDHiJ75nQo1%2BFM5I8pMCnOsFlYnLtVx3YS%2Fmle%2Fh7P5W8L6EubpgFn8H35LyNshyRIZRnf6cQMwuLMHTVnV9v6gPrHQPFpkDa5ZBNTnpquZtVNZ1VpX6%2BXBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 880a5f07bd7c998c-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 04:51:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 701ms
178ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9728342598508890

Requested by

Host: bitly.pw
URL: https://bitly.pw/QWCFo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ced049978eea91b24114056b23f5213a6d3b1fc29b88e1a39df219d08a8a2a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bitly.pw/
Origin: https://bitly.pw
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51851
x-xss-protection: 0
server: cafe
etag: 14135659524087177714
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 08 May 2024 15:09:30 GMT

GET
H2 200 variables.css
bitly.pw/content/ 340 B
484 B 76ms
74ms Stylesheet
text/css 172.67.214.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.pw/content/variables.css
Requested by: Host: bitly.pw
URL: https://bitly.pw/static/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8421ce710d08abd1a864be559c405844af2b96965a8c4e341ba1b47b8c0f233

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bitly.pw/static/style.min.css
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:09:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123500
cf-polished: origSize=341
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Sep 2023 10:50:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HzhoG7f6DsrmvkQdzuccqGC9tWkC2CEP9%2FC0tBeIqx3NhKe3PPN4XUuOgbEy6n1u3rrLhBJABNFdNO8NhXh5Spf6yMzZ1M1Bc4uKPWRsFHDt4pd4G5%2FlSig0aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 880a5f084de3998c-CDG
expires: Tue, 14 May 2024 04:51:10 GMT

GET
H2 200 nunito-sans-v12-latin-700.woff2
bitly.pw/static/frontend/fonts/ 17 KB
17 KB 84ms
83ms Font
font/woff2 172.67.214.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.pw/static/frontend/fonts/nunito-sans-v12-latin-700.woff2
Requested by: Host: bitly.pw
URL: https://bitly.pw/static/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bitly.pw/static/style.min.css
Origin: https://bitly.pw
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:09:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112825
alt-svc: h3=":443"; ma=86400
content-length: 17116
last-modified: Sun, 06 Nov 2022 12:55:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jPyaMyx6ChdcBaAN0utrywRD94FHDeVhLnSD%2B%2Fnu1V2%2FUmEjAhcRdft7KQY8a2ttP9AASnoKVi2LPzEJzHMDVuPQwM1StIduczsjDZAMLgbqbURPkZXWyKVHrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 880a5f08ce4d998c-CDG
expires: Tue, 14 May 2024 07:49:05 GMT

GET
H2 200 nunito-sans-v12-latin-regular.woff2
bitly.pw/static/frontend/fonts/ 17 KB
17 KB 85ms
84ms Font
font/woff2 172.67.214.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.pw/static/frontend/fonts/nunito-sans-v12-latin-regular.woff2
Requested by: Host: bitly.pw
URL: https://bitly.pw/static/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bitly.pw/static/style.min.css
Origin: https://bitly.pw
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:09:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101109
alt-svc: h3=":443"; ma=86400
content-length: 16980
last-modified: Sun, 06 Nov 2022 12:55:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BOdE0%2Bp%2FswPsg%2BvWiVdmh5Ffb%2BUBb22OFxubr2MdawN6nM47YxjBclZFqdIq0ufMltz05L7duRxb%2FVNCXWNSowcMRCUt0Rkg0I1HHM61c6IxUaW8OvM9ZeaCgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 880a5f08ce50998c-CDG
expires: Tue, 14 May 2024 11:04:21 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070201/ 412 KB
140 KB 704ms
212ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9728342598508890&plah=bitly.pw&aplac=true&bust=31083474

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9728342598508890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6ad168cd78e8c85e8dc79e37d74a01127a0cbd379f3e9876f61203afa396fef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bitly.pw/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142547
x-xss-protection: 0
server: cafe
etag: 7458374464916301147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 08 May 2024 15:09:31 GMT

GET
H2 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240506/r20110914/ Frame B8C5 0
0 1009ms
115ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240506/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9728342598508890&plah=bitly.pw&aplac=true&bust=31083474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://bitly.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 50600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 01:06:12 GMT
etag: 5035419970550746386
expires: Wed, 22 May 2024 01:06:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 ads
pagead2.googlesyndication.com/pagead/ Frame A466 0
0 1077ms
204ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9728342598508890&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715180972&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fbitly.pw%2FQWCFo&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715180971031&bpp=4&bdt=871&idt=968&shv=r20240506&mjsv=m202405070201&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2545768094414&frm=20&pv=2&ga_vid=1472703357.1715180972&ga_sid=1715180972&ga_hid=250982909&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083304%2C31083360%2C42532523%2C95329724%2C95331983%2C31083474%2C95329830%2C95331042%2C95331712%2C95332403%2C95332416&oid=2&pvsid=3892936276687529&tmod=258672115&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=995

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://bitly.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 15:09:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 137ms
136ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240506&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b6fdf44a9bd0ccf0fd78e6e52e9f10e30ed669a24b55129a0d510e6c48328418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bitly.pw/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:09:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12306
x-xss-protection: 0

GET
H2 200 favicon.ico
bitly.pw/ 15 KB
2 KB 75ms
75ms Other
image/x-icon 172.67.214.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.pw/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6668e0b78f5c65698c0a3a3e48d447f4d703609a774cacabda1ef7ad143a529b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bitly.pw/QWCFo
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:09:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Mar 2022 06:37:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 101807
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VgE12YWgIfkzs7o%2F8FoB5Pwq%2BJ9mpGtiMSs0oiBGaeSTJc%2Bl3KXAXn6hGogksCZmcTJiZ8uOkKLJ4fyLp08O2PeL8xS5mYWez6eZQkt0b30XwKXeKTDwMMlZeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 880a5f1a2b2f998c-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 May 2024 10:52:46 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 667ms
142ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bitly.pw/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:09:33 GMT

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9A55 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bitly.pw/	1969-12-31 23:59:59	Name: PHPSESSID Value: d2hlti09g47aeffpcilr4hfo7s

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bitly.pw
pagead2.googlesyndication.com
tpc.googlesyndication.com
tpc.googlesyndication.com
142.250.186.66
172.217.16.193
172.67.214.217
1e7422e71a27b73e1feb5671d213c1320033b84187cd56fc78c1c709c0ec2d9b
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
58fdbb37ecb0c8a4d514714e322edef085c1f9d71e703b3925b054437f446166
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b5d5f6159265285dcb84dc492cc9a58ad78314dc5a12df2500c9b0f64facd0
6668e0b78f5c65698c0a3a3e48d447f4d703609a774cacabda1ef7ad143a529b
667244226d2cae230d34813312d2b962e94b8454fac7bd98606e67c41929f44a
6ad168cd78e8c85e8dc79e37d74a01127a0cbd379f3e9876f61203afa396fef7
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
b6fdf44a9bd0ccf0fd78e6e52e9f10e30ed669a24b55129a0d510e6c48328418
b8421ce710d08abd1a864be559c405844af2b96965a8c4e341ba1b47b8c0f233
ced049978eea91b24114056b23f5213a6d3b1fc29b88e1a39df219d08a8a2a82

bitly.pw Open in urlscan Pro 172.67.214.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

4 IPs

1 Countries

303 kBTransfer

950 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

1 Cookies

Indicators

bitly.pw Open in urlscan Pro
172.67.214.217 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

1
Countries

303 kB
Transfer

950 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions