curl -sI https://bit.ly/carianid3 | grep -i location

To understand the vulnerability, one must understand the mechanism. When a user inputs a long URL into Bitly, the service generates a unique hash (e.g., bit.ly/3xY7zP ). The "free" tier of these services relies on a finite namespace.

: Basic tracking for total clicks and limited data on referrers and locations. How to Identify/Reveal a Bitly Link