bestaustraliaonlinecasinos.us.com Open in urlscan Pro
104.21.2.230  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://bestaustraliaonlinecasinos.us.com/ HTTP 307
   https://bestaustraliaonlinecasinos.us.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

• https://a1.adform.net/Serving/TrackPoint/?pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=319359657808&ADFtpmode=2&loc=https%3A%2F%2Fbestaustraliaonlinecasinos.us.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
• https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=319359657808&ADFtpmode=2&loc=https%3A%2F%2Fbestaustraliaonlinecasinos.us.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 18

• https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=4224684815200595716&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
• https://c1.adform.net/serving/cookie/match?party=10&cid=4579646435090638743

Request Chain 20

• https://x.bidswitch.net/sync?dsp_id=70&user_id=4224684815200595716 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=4224684815200595716 HTTP 302
• https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=881ea3b1-bf25-43fc-a43f-30aa1e78d18d&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 21

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4224684815200595716&expiration=1769604908 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4224684815200595716&expiration=1769604908&C=1

Request Chain 22

• https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4224684815200595716&sInitiator=external HTTP 302
• https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4224684815200595716&sInitiator=external HTTP 302
• https://sg.semasio.net/sync/1/16266044?sExtCookieId=4224684815200595716&gdpr=&sInitiator=external HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr= HTTP 302
• https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=4f7a6498-b471-4f80-bae0-d8bb7914e5bd HTTP 302
• https://sg.semasio.net/sync/1/32675800?&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=4f7a6498-b471-4f80-bae0-d8bb7914e5bd HTTP 302
• https://ib.adnxs.com/getuid?https%3A%2F%2Fsu.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
• https://su.semasio.net/sync/1/4354957?sExtCookieId=8408700177895381908&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
• https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg1MjQ0NjQvdC8w/url/https%3A%2F%2Fsu.semasio.net%2Fsync%2F1%2F9732522%3FsExtCookieId%3D%24!%7BTURN_UUID%7D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
• https://su.semasio.net/sync/1/9732522?sExtCookieId=3169401497116117844&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
• https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fsu.semasio.net%2Fsync%2F1%2F19129194%3FsExtCookieId%3D%24%7BTM_USER_ID%7D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
• https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fsu.semasio.net%2Fsync%2F1%2F19129194%3FsExtCookieId%3D%24%7BTM_USER_ID%7D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=&_test=aWeSLgAAHR7rBgBV

Request Chain 23

• https://ps.eyeota.net/match?uid=4224684815200595716&bid=9gdtmu1 HTTP 302
• https://ps.eyeota.net/match/bounce/?uid=4224684815200595716&bid=9gdtmu1

Request Chain 24

• https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4224684815200595716 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4224684815200595716&xl8blockcheck=1 HTTP 302
• https://load77.exelator.com/pixel.gif

Request Chain 25

• https://idsync.rlcdn.com/398366.gif?partner_uid=4224684815200595716 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNDIyNDY4NDgxNTIwMDU5NTcxNhAAGg0IraSeywYSBQjoBxAAQgBKAA HTTP 307
• https://pippio.com/api/sync?pid=5324&it=1&iv=7dacbd6e932cea6c99a7334a3f5e7f0bc4b8af8b93c1c895123d00fad70b9b56791426b5417dce21&_=2 HTTP 307
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7dacbd6e932cea6c99a7334a3f5e7f0bc4b8af8b93c1c895123d00fad70b9b56791426b5417dce21&rand=06897651 HTTP 302
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7dacbd6e932cea6c99a7334a3f5e7f0bc4b8af8b93c1c895123d00fad70b9b56791426b5417dce21&rand=06897651&expected_cookie=d469de76-f55f-4bf5-b8ff-7e275909542e

Request Chain 26

• https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=4224684815200595716 HTTP 302
• https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=4224684815200595716&ct=y

Request Chain 27

• https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4224684815200595716 HTTP 302
• https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=4224684815200595716

Request Chain 28

• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDIyNDY4NDgxNTIwMDU5NTcxNg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NDIyNDY4NDgxNTIwMDU5NTcxNg&google_tc= HTTP 302
• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDTybWgPQQKaTd6yUvkuvbI&google_cver=1&google_ula=1641347,0

Request Chain 29

• https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
• https://c1.adform.net/serving/cookie/match?party=3&id=8408700177895381908&redirect=1 HTTP 302
• https://secure.adnxs.com/setuid?entity=91&code=4224684815200595716

Request Chain 33

• https://a.audrte.com/a?adform_uid=4224684815200595716 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWtlMHdwOXEtOUxGRlZzZFJRdWF2T0JnNHJjTEVlZy1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26aruid%3Dmke0wp9q-9LFFVsdRQuavOBg4rcLEeg-ad HTTP 302
• https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&aruid=mke0wp9q-9LFFVsdRQuavOBg4rcLEeg-ad&gdpr=0&gdpr_consent= HTTP 302
• https://a.audrte.com/p

Request Chain 34

• https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4224684815200595716&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4224684815200595716&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
• https://c1.adform.net/serving/cookie/match?party=1007&cid=65734048614897596710268796137463533655&noredirect=1

Request Chain 35

• https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4224684815200595716 HTTP 302
• https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213290605492006296601

Request Chain 36

• https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
• https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595200018574735726

Request Chain 37

• https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D1084%26cid%3D_wfivefivec_ HTTP 302
• https://c1.adform.net/serving/cookie/match?party=1084&cid=Epoy3p991VG0oZ5

Request Chain 38

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
• https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=4f7a6498-b471-4f80-bae0-d8bb7914e5bd

Request Chain 39

• https://id5-sync.com/s/10/0.gif?puid=4224684815200595716 HTTP 302
• https://id5-sync.com/c/10/10/2/1.gif?puid=4224684815200595716&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
• https://id5-sync.com/c/10/2/1/2.gif?puid=8408700177895381908&gdpr=0&gdpr_consent= HTTP 302
• https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-e396dGWiMu7Fvup5z5nc2TaS9JkllH3G1HwHoajfBA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=

Request Chain 40

• https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
• https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1848183896 HTTP 302
• https://c1.adform.net/serving/cookie/match/?party=1145&cid=pXC7INuWE8KEWnP6Q2igae

Request Chain 42

• https://s.ad.smaato.net/c/?dspInit=1067&dspCookie=4224684815200595716 HTTP 302
• https://www.temu.com/api/adx/cm/pixel-smaato?smaato_uid=f0cf963766&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dn%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://s.ad.smaato.net/c/?adExInit=n&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=bc2yu5z&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://s.ad.smaato.net/c/g//1001604/4f7a6498-b471-4f80-bae0-d8bb7914e5bd?expiration=1770987309 HTTP 302
• https://sync.outbrain.com/cookie-sync?p=smaato&initiation=partner&uid=f0cf963766&gdpr=0&gdpr_consent=

Request Chain 46

• https://eb2.3lift.com/xuid?mid=7354&xuid=4224684815200595716&dongle=AD20 HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=4224684815200595716&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

58 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response bestaustraliaonlinecasinos.us.com/ Redirect Chain http://bestaustraliaonlinecasinos.us.com/ https://bestaustraliaonlinecasinos.us.com/	2 KB 1 KB	378ms 331ms	Document text/html	104.21.2.230 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bestaustraliaonlinecasinos.us.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.2.230 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c865700b5d84da26eaa5f0236e1d8af8997da75574a3cdb26d725818119f6d3 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 9bdd4931ffc10ee6-EWR content-encoding zstd content-type text/html; charset=utf-8 date Wed, 14 Jan 2026 12:55:08 GMT nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} priority u=0,i report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=yTOdA1Y7ZSR43YfeMW42R3DrUFTa8y4MFCJpgTW0jjFyEl1koAdRyOFKY%2FnPQ%2F9MI%2B8r3rjAHHsp0%2BuPNM1cQSmm6t7l%2FMw0QZysygh3%2BVtltmVK4JX%2FE2tFKF4b1lHHMg%3D%3D"}]} server cloudflare server-timing cfExtPri vary accept-encoding Redirect headers Location https://bestaustraliaonlinecasinos.us.com/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	api.js Show response js.hcaptcha.com/1/	270 KB 79 KB	25ms 16ms	Script application/javascript	104.19.229.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit Requested by Host: bestaustraliaonlinecasinos.us.com URL: https://bestaustraliaonlinecasinos.us.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8001d90f55d669cb67244e608a2ef77f01f77fc6a6561278002c7899f4b973f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://bestaustraliaonlinecasinos.us.com/ Response headers content-encoding br cf-cache-status HIT etag W/"cb0ca4239ef752290a3170ad6a1851b9" x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 14 Jan 2026 12:55:08 GMT content-type application/javascript vary Origin, Accept-Encoding priority u=3,i=?0 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=300 cross-origin-resource-policy cross-origin cf-ray 9bdd49347eb5f799-EWR access-control-allow-origin * server cloudflare
GET H2	200	trackpoint-async.js Show response s2.adform.net/banners/scripts/st/	81 KB 32 KB	29ms 6ms	Script application/javascript	185.167.164.44 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Full URL https://s2.adform.net/banners/scripts/st/trackpoint-async.js Requested by Host: bestaustraliaonlinecasinos.us.com URL: https://bestaustraliaonlinecasinos.us.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.167.164.44 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 59938868870ce60b8576506d0211346d8a85329a9d54997c39d921389c493b34 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://bestaustraliaonlinecasinos.us.com/ Response headers x-cache-status HIT, HIT, HIT cache-control public, max-age=604800 content-encoding gzip etag W/"cbd67ec72136561be113efd03055f4f4" x-amz-request-id tx00000ecdc74a9c7703a96-00685bc63e-32aa1361-default access-control-allow-origin * date Wed, 14 Jan 2026 12:55:08 GMT x-rgw-object-type Normal content-type application/javascript vary Accept-Encoding server nginx last-modified Wed, 25 Jun 2025 09:36:45 GMT
GET H3	200	hcaptcha.html Show response newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/ Frame 9C4E	529 KB 158 KB	28ms 19ms	Document text/html	104.19.230.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html Requested by Host: js.hcaptcha.com URL: https://js.hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38dcdaa76e2dace4d5d625e160cfcb30a74d5f5e8bd0715b2d3fcff5eeda531d Security Headers Name Value Content-Security-Policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bestaustraliaonlinecasinos.us.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=3600 cf-cache-status HIT cf-ray 9bdd49355f972f65-EWR content-encoding br content-security-policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1; content-type text/html cross-origin-resource-policy cross-origin date Wed, 14 Jan 2026 12:55:08 GMT priority u=0,i server cloudflare server-timing cfExtPri strict-transport-security max-age=31536000; includeSubDomains; preload vary accept-encoding Origin x-content-type-options nosniff
GET H3	200	hcaptcha.html Show response newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/ Frame B704	529 KB 0	27ms 27ms	Document text/html	104.19.230.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html Requested by Host: js.hcaptcha.com URL: https://js.hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38dcdaa76e2dace4d5d625e160cfcb30a74d5f5e8bd0715b2d3fcff5eeda531d Security Headers Name Value Content-Security-Policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1; X-Content-Type-Options nosniff Request headers Referer https://bestaustraliaonlinecasinos.us.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=3600 cf-cache-status HIT cf-ray 9bdd49355f972f65-EWR content-encoding br content-security-policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1; content-type text/html cross-origin-resource-policy cross-origin date Wed, 14 Jan 2026 12:55:08 GMT priority u=0,i server cloudflare server-timing cfExtPri vary accept-encoding Origin x-content-type-options nosniff
GET H2	200	/ Show response a1.adform.net/Serving/TrackPoint/ Redirect Chain https://a1.adform.net/Serving/TrackPoint/?pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=319359657808&ADFtpmode=2&loc=https%3A%2F%2Fbestaustraliaonlinecasinos.us.com%2F&Set1=en-... https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=319359657808&ADFtpmode=2&loc=https%3A%2F%2Fbestaustraliaonlinecasinos.us.com%2F&Set...	819 B 1 KB	7ms 6ms	Script text/javascript	185.167.164.53 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Full URL https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=319359657808&ADFtpmode=2&loc=https%3A%2F%2Fbestaustraliaonlinecasinos.us.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 Requested by Host: bestaustraliaonlinecasinos.us.com URL: https://bestaustraliaonlinecasinos.us.com/ Protocol H2 Server 185.167.164.53 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 141ac100ab45d7e0d17d7eb69b7f04616ad55fc36e73f54d8bc354799bb47391 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://bestaustraliaonlinecasinos.us.com/ Response headers access-control-max-age 86400 content-encoding gzip access-control-allow-methods GET,POST expires -1 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" date Wed, 14 Jan 2026 12:55:08 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-origin * server nginx Redirect headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform location https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=319359657808&ADFtpmode=2&loc=https%3A%2F%2Fbestaustraliaonlinecasinos.us.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET,POST expires -1 access-control-allow-origin * content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" date Wed, 14 Jan 2026 12:55:08 GMT server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
GET H/1.1	200 OK	logo.png Show response af4451b0bc69.w.hcaptcha.com/ Frame B704	1 KB 2 KB	105ms 38ms	Fetch image/png	104.18.12.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://af4451b0bc69.w.hcaptcha.com/logo.png Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.12.205 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5304f6304b810992dc8f906fe7e9f98feeb36b8356efd27ea2e871223c5f15e5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://newassets.hcaptcha.com/ Response headers Cache-Control public, max-age=86400 Timing-Allow-Origin * Connection keep-alive CF-RAY 9bdd4936fa4e434b-EWR Access-Control-Allow-Origin * Content-Length 1412 Date Wed, 14 Jan 2026 12:55:08 GMT Content-Type image/png Last-Modified Tue, 22 Oct 2020 18:30:00 GMT Vary Host, Accept-Encoding Server cloudflare
GET DATA	200 OK	truncated / Frame B704	19 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4405ccb16c230df808dfbc330e78341e12abac1c6aad61f59eb29592ef5ac6c8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer Response headers Content-Type image/gif
GET DATA	200 OK	truncated / Frame B704	798 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 9C4E	19 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4405ccb16c230df808dfbc330e78341e12abac1c6aad61f59eb29592ef5ac6c8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer Response headers Content-Type image/gif
GET H/1.1	200 OK	logo.png Show response a65b775b8106.w.hcaptcha.com/ Frame 9C4E	1 KB 2 KB	99ms 56ms	Fetch image/png	104.18.12.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a65b775b8106.w.hcaptcha.com/logo.png Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.12.205 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5304f6304b810992dc8f906fe7e9f98feeb36b8356efd27ea2e871223c5f15e5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://newassets.hcaptcha.com/ Response headers Cache-Control public, max-age=86400 Timing-Allow-Origin * Connection keep-alive CF-RAY 9bdd4937cc83ee23-EWR Access-Control-Allow-Origin * Content-Length 1412 Date Wed, 14 Jan 2026 12:55:08 GMT Content-Type image/png Last-Modified Tue, 22 Oct 2020 18:30:00 GMT Vary Host, Accept-Encoding Server cloudflare
POST H2	200	checksiteconfig Show response api.hcaptcha.com/ Frame 9C4E	817 B 1013 B	75ms 47ms	XHR application/json	104.19.229.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hcaptcha.com/checksiteconfig?v=6e937500c6861f1c062311c9544857646f7e58aa&host=bestaustraliaonlinecasinos.us.com&sitekey=882c28f2-cdfe-448c-a570-71d8bf425374&sc=1&swa=1&spst=1 Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 773d52f1def1ac9067364ef01d22a987fe182a32ddf1ce03e38212a1a9bec798 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://newassets.hcaptcha.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Accept application/json Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS x-content-type-options nosniff cf-ray 9bdd493869da4379-EWR access-control-allow-origin https://newassets.hcaptcha.com alt-svc h3=":443"; ma=86400 date Wed, 14 Jan 2026 12:55:08 GMT content-type application/json vary Origin, Accept-Encoding server cloudflare access-control-allow-headers Cache-Control, Content-Type, DNT, Referer, User-Agent
GET H2	200	pixels Show response c1.adform.net/imatch/ Frame 9C15	4 KB 2 KB	35ms 9ms	Document text/html	185.167.164.48 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Full URL https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Requested by Host: a1.adform.net URL: https://a1.adform.net/Serving/TrackPoint/?pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=319359657808&ADFtpmode=2&loc=https%3A%2F%2Fbestaustraliaonlinecasinos.us.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 11db0154fe9b79ddd9229bdb72440c20e04e59f6f2cf285786096a596e1bff9d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://bestaustraliaonlinecasinos.us.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 14 Jan 2026 12:55:08 GMT expires -1 pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
GET H2	200	/ a1.seadform.net/serving/cookie/sync/	35 B 605 B	86ms 58ms	Image image/gif	185.167.164.53 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://a1.seadform.net/serving/cookie/sync/?uid=4224684815200595716&stamp=KqYA2CYHn-ADvP-67D9Y4w2 Requested by Host: bestaustraliaonlinecasinos.us.com URL: https://bestaustraliaonlinecasinos.us.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.167.164.53 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://bestaustraliaonlinecasinos.us.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 cache-control private accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET,POST access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" date Wed, 14 Jan 2026 12:55:08 GMT content-type image/gif server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
GET H2	200	plf c1.adform.net/imatch/ Frame 9C15	0 384 B	33ms 32ms	Image text/plain	185.167.164.48 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/imatch/plf?name=plff Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET access-control-allow-origin * date Wed, 14 Jan 2026 12:55:08 GMT server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
GET H2	200	match ad.360yield.com/ Frame 9C15	43 B 199 B	164ms 56ms	Image image/gif	54.80.188.67 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=4224684815200595716&Expiration=1769604908 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.80.188.67 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-80-188-67.compute-1.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers access-control-allow-origin * content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif
GET H/1.1	204 No Content	m ad.yieldlab.net/ Frame 9C15	0 399 B	135ms 90ms	Image text/plain	23.59.144.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ad.yieldlab.net/m?dt_id=4879&ext_id=4224684815200595716 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.59.144.111 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-59-144-111.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers Expires Tue, 13 Jan 2026 12:55:08 GMT Cache-Control no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0 Pragma no-cache Date Wed, 14 Jan 2026 12:55:09 GMT Connection keep-alive
GET H/1.1	204 No Content	token token.rubiconproject.com/ Frame 9C15	0 1 KB	112ms 48ms	Image text/plain	216.19.192.2 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/token?pid=5232&puid=4224684815200595716 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.19.192.2 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost d74f8e139a78e4487e58718cf0c51081 Pragma no-cache
GET H2	200	tpui ih.adscale.de/adscale-ih/ Frame 9C15	0 59 B	402ms 207ms	Image text/plain	52.58.96.70 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4224684815200595716&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.96.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-96-70.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers date Wed, 14 Jan 2026 12:55:09 GMT content-type text/plain; charset=UTF-8 content-length 0
GET H2	200	match c1.adform.net/serving/cookie/ Frame 9C15 Redirect Chain https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=4224684815200595716&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID https://c1.adform.net/serving/cookie/match?party=10&cid=4579646435090638743	35 B 591 B	12ms 11ms	Image image/gif	185.167.164.48 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match?party=10&cid=4579646435090638743 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET expires -1 access-control-allow-origin * date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With Redirect headers cache-control no-cache,no-store location https://c1.adform.net/serving/cookie/match?party=10&cid=4579646435090638743 content-length 0 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" date Wed, 14 Jan 2026 12:55:08 GMT pragma no-cache
GET H/1.1	200 OK	u user-sync.fwmrm.net/ad/ Frame 9C15	43 B 504 B	141ms 42ms	Image image/gif	3.144.50.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://user-sync.fwmrm.net/ad/u?mode=user-register&dspid=55&dspuid=4224684815200595716 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.144.50.153 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-144-50-153.us-east-2.compute.amazonaws.com Software / Resource Hash 2ddeade3a8991666b89f2a0c3aaba4508852838488781e260d45bc886f1172a5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers Cache-Control no-store Pragma no-cache Connection keep-alive Expires 0 X-Fw-Request-Id umo14bd_1768395309191834971 Content-Length 43 Keep-Alive timeout=300 Date Wed, 14 Jan 2026 12:55:09 GMT P3P policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID" Content-Type image/gif
GET H2	200	rtb-h sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9C15 Redirect Chain https://x.bidswitch.net/sync?dsp_id=70&user_id=4224684815200595716 https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=4224684815200595716 https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=881ea3b1-bf25-43fc-a43f-30aa1e78d18d&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=	0 387 B	73ms 46ms	Image text/plain	141.226.224.48 TABOOLA-AS Tabool...
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=881ea3b1-bf25-43fc-a43f-30aa1e78d18d&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 141.226.224.48 Newark, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers x-fastly-to-nlb-rtt 2299 date Wed, 14 Jan 2026 12:55:09 GMT server nginx access-control-allow-credentials true Redirect headers via 1.1 google cache-control no-cache, no-store, must-revalidate location //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=881ea3b1-bf25-43fc-a43f-30aa1e78d18d&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 14 Jan 2026 12:55:09 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 9C15 Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4224684815200595716&expiration=1769604908 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4224684815200595716&expiration=1769604908&C=1	43 B 716 B	19ms 18ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4224684815200595716&expiration=1769604908&C=1 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H3 Server 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers cf-cache-status DYNAMIC report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xG9q0zqMxQGtBsjV%2BR8yEIyXCYa4Hho7w0Bz7IdHk2AnCCo2A4%2FwLFIO4Ml7bqNSQWAo5D1y8KU%2BBwzHAmz1jdxvUWdW4OK83U28furWpB484W3v63Jy"}]} expires 0 alt-svc h3=":443"; ma=86400 server-timing cfExtPri p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" date Wed, 14 Jan 2026 12:55:08 GMT content-type image/gif vary accept-encoding priority u=1,i cache-control no-cache nel {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800} pragma no-cache cf-ray 9bdd49392e563e9d-EWR content-length 43 server cloudflare Redirect headers cf-cache-status DYNAMIC report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=EWoUBNpwI9xxE8a0HdcJcg%2BTs7jdnAEfUAztkPngzUPEkHM3sqjLSU268Kg0dlUpiab2YN2g%2FjBjLt%2B4q4Qooza0UMzY2adUPGLhg0p4ztkY37Tp2Yqt"}]} expires 0 alt-svc h3=":443"; ma=86400 server-timing cfExtPri p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" date Wed, 14 Jan 2026 12:55:08 GMT vary accept-encoding priority u=1,i cache-control no-cache location /rum?cm_dsp_id=111&external_user_id=4224684815200595716&expiration=1769604908&C=1 nel {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800} pragma no-cache cf-ray 9bdd4938ddb83e9d-EWR content-length 0 server cloudflare
GET H2	200	dm4ha19W rtd-tm.everesttech.net/ct/upi/pid/ Frame 9C15 Redirect Chain https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4224684815200595716&sInitiator=external https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4224684815200595716&sInitiator=external https://sg.semasio.net/sync/1/16266044?sExtCookieId=4224684815200595716&gdpr=&sInitiator=external https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr= https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=4f7a6498-b471-4f80-bae0-d8bb7914e5bd https://sg.semasio.net/sync/1/32675800?&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=4f7a6498-b471-4f80-bae0-d8bb7914e5bd https://ib.adnxs.com/getuid?https%3A%2F%2Fsu.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= https://su.semasio.net/sync/1/4354957?sExtCookieId=8408700177895381908&sInitiator=internal&gdpr=0&gdpr_consent= https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg1MjQ0NjQvdC8w/url/https%3A%2F%2Fsu.semasio.net%2Fsync%2F1%2F9732522%3FsExtCookieId%3D%24!%7BTURN_UUID%7D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= https://su.semasio.net/sync/1/9732522?sExtCookieId=3169401497116117844&sInitiator=internal&gdpr=0&gdpr_consent= https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fsu.semasio.net%2Fsync%2F1%2F19129194%3FsExtCookieId%3D%24%7BTM_USER_ID%7D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fsu.semasio.net%2Fsync%2F1%2F19129194%3FsExtCookieId%3D%24%7BTM_USER_ID%7D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=&_test=a...	85 B 170 B	3ms 3ms	Image image/png	151.101.130.49 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fsu.semasio.net%2Fsync%2F1%2F19129194%3FsExtCookieId%3D%24%7BTM_USER_ID%7D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=&_test=aWeSLgAAHR7rBgBV Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 151.101.130.49 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Jetty(9.4.35.v20201120) / Resource Hash acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers x-robots-tag noindex cache-control no-cache x-timer S1768395310.375537,VS0,VE0 age 369 pragma no-cache via 1.1 varnish accept-ranges bytes x-cache HIT content-length 85 date Wed, 14 Jan 2026 12:55:10 GMT content-type image/png x-served-by cache-lga21950-LGA server Jetty(9.4.35.v20201120) x-cache-hits 36 Redirect headers x-robots-tag noindex cache-control no-cache location https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fsu.semasio.net%2Fsync%2F1%2F19129194%3FsExtCookieId%3D%24%7BTM_USER_ID%7D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=&_test=aWeSLgAAHR7rBgBV x-timer S1768395310.362136,VS0,VE8 pragma no-cache via 1.1 varnish accept-ranges bytes access-control-allow-origin * x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" content-length 0 date Wed, 14 Jan 2026 12:55:10 GMT x-served-by cache-lga21950-LGA server Jetty(9.4.35.v20201120) x-cache-hits 0
GET H/1.1	200 OK	/ ps.eyeota.net/match/bounce/ Frame 9C15 Redirect Chain https://ps.eyeota.net/match?uid=4224684815200595716&bid=9gdtmu1 https://ps.eyeota.net/match/bounce/?uid=4224684815200595716&bid=9gdtmu1	70 B 450 B	15ms 14ms	Image image/gif	3.230.62.22 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match/bounce/?uid=4224684815200595716&bid=9gdtmu1 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol HTTP/1.1 Server 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-230-62-22.compute-1.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Wed, 14 Jan 2026 12:55:09 GMT Content-Type image/gif Redirect headers Location /match/bounce/?uid=4224684815200595716&bid=9gdtmu1 Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Wed, 14 Jan 2026 12:55:09 GMT
GET H2	204	pixel.gif load77.exelator.com/ Frame 9C15 Redirect Chain https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4224684815200595716 https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4224684815200595716&xl8blockcheck=1 https://load77.exelator.com/pixel.gif	0 93 B	86ms 53ms	Image text/plain	50.16.197.56 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://load77.exelator.com/pixel.gif Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-197-56.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers server-timing total;dur=0.000 date Wed, 14 Jan 2026 12:55:09 GMT etag "696396c0-0" server nginx Redirect headers cache-control no-cache location https://load77.exelator.com/pixel.gif access-control-allow-credentials true content-length 0 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif x-powered-by Undertow/1 server nginx
GET H2	200	db_sync px.ads.linkedin.com/ Frame 9C15 Redirect Chain https://idsync.rlcdn.com/398366.gif?partner_uid=4224684815200595716 https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNDIyNDY4NDgxNTIwMDU5NTcxNhAAGg0IraSeywYSBQjoBxAAQgBKAA https://pippio.com/api/sync?pid=5324&it=1&iv=7dacbd6e932cea6c99a7334a3f5e7f0bc4b8af8b93c1c895123d00fad70b9b56791426b5417dce21&_=2 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7dacbd6e932cea6c99a7334a3f5e7f0bc4b8af8b93c1c895123d00fad70b9b56791426b5417dce21&rand=06897651 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7dacbd6e932cea6c99a7334a3f5e7f0bc4b8af8b93c1c895123d00fad70b9b56791426b5417dce21&rand=06897651&expected_cookie=d469de76-f55f-4bf5-b8ff-7e275909542e	0 359 B	99ms 98ms	Image text/plain	150.171.22.12 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7dacbd6e932cea6c99a7334a3f5e7f0bc4b8af8b93c1c895123d00fad70b9b56791426b5417dce21&rand=06897651&expected_cookie=d469de76-f55f-4bf5-b8ff-7e275909542e Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers linkedin-action 1 x-li-pop afd-prod-lor1-x nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-msedge-ref Ref A: 89981DA51C164034B47DBD3841F42388 Ref B: NYCEDGE1313 Ref C: 2026-01-14T12:55:09Z x-li-fabric prod-lor1 report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} x-li-uuid AAZIWJ5FM5TqyYM7kakM1g== x-li-proto http/2 alt-svc h3=":443"; ma=86400 x-cache CONFIG_NOCACHE content-length 0 date Wed, 14 Jan 2026 12:55:09 GMT Redirect headers linkedin-action 1 x-li-pop afd-prod-lor1-x location /db_sync?pid=10339&puuid=7dacbd6e932cea6c99a7334a3f5e7f0bc4b8af8b93c1c895123d00fad70b9b56791426b5417dce21&rand=06897651&expected_cookie=d469de76-f55f-4bf5-b8ff-7e275909542e x-msedge-ref Ref A: D991927C9AEA4B409536009634D05757 Ref B: NYCEDGE1313 Ref C: 2026-01-14T12:55:09Z x-li-fabric prod-lor1 x-li-uuid AAZIWJ48qJXV+qO7Vjx0cQ== x-li-proto http/2 alt-svc h3=":443"; ma=86400 x-cache CONFIG_NOCACHE content-length 0 date Wed, 14 Jan 2026 12:55:09 GMT
GET H2	200	qmap sync.crwdcntrl.net/ Frame 9C15 Redirect Chain https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=4224684815200595716 https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=4224684815200595716&ct=y	49 B 545 B	80ms 76ms	Image image/gif	44.218.162.235 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=4224684815200595716&ct=y Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 44.218.162.235 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-218-162-235.compute-1.amazonaws.com Software / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=31536000 ; includeSubDomains cache-control no-cache pragma no-cache expires 0 access-control-allow-origin * p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV content-length 49 date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains cache-control no-cache location https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=4224684815200595716&ct=y pragma no-cache expires 0 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV content-length 0 date Wed, 14 Jan 2026 12:55:09 GMT
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 9C15 Redirect Chain https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4224684815200595716 https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=4224684815200595716	43 B 171 B	27ms 25ms	Image image/gif	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=4224684815200595716 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers cache-control private, max-age=0, no-cache pragma no-cache x-forwarded-for 146.70.84.31 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 p3p CP="CUR ADM OUR NOR STA NID" date Wed, 14 Jan 2026 12:55:08 GMT content-type image/gif vary Accept Redirect headers location https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=4224684815200595716 x-forwarded-for 146.70.84.31 via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID" date Wed, 14 Jan 2026 12:55:08 GMT content-type text/plain; charset=utf-8 vary Origin
GET H2	200	/ c1.adform.net/serving/cookie/match/ Frame 9C15 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDIyNDY4NDgxNTIwMDU5NTcxNg https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NDIyNDY4NDgxNTIwMDU5NTcxNg&google_tc= https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDTybWgPQQKaTd6yUvkuvbI&google_cver=1&google_ula=1641347,0	35 B 591 B	9ms 3ms	Image image/gif	185.167.164.48 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDTybWgPQQKaTd6yUvkuvbI&google_cver=1&google_ula=1641347,0 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET expires -1 access-control-allow-origin * date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With Redirect headers cache-control no-cache, must-revalidate location https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDTybWgPQQKaTd6yUvkuvbI&google_cver=1&google_ula=1641347,0 pragma no-cache cross-origin-resource-policy cross-origin expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 334 date Wed, 14 Jan 2026 12:55:09 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server HTTP server (unknown)
GET H2	200	setuid secure.adnxs.com/ Frame 9C15 Redirect Chain https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 https://c1.adform.net/serving/cookie/match?party=3&id=8408700177895381908&redirect=1 https://secure.adnxs.com/setuid?entity=91&code=4224684815200595716	43 B 1 KB	7ms 5ms	Image image/gif	68.67.179.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/setuid?entity=91&code=4224684815200595716 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 68.67.179.89 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.25.5 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers cache-control no-store, no-cache, private pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness x-proxy-origin 146.70.84.31; 146.70.84.31; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; *.adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT an-x-request-uuid 1f36248e-0f2c-42dc-9a5c-8d43052d2dad content-length 43 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Wed, 14 Jan 2026 12:55:09 GMT x-xss-protection 0 content-type image/gif server nginx/1.25.5 Redirect headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform location https://secure.adnxs.com/setuid?entity=91&code=4224684815200595716 pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET expires -1 access-control-allow-origin * content-length 0 date Wed, 14 Jan 2026 12:55:09 GMT server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
GET H2	200	plf c1.adform.net/imatch/ Frame 9C15	0 384 B	24ms 15ms	Image text/plain	185.167.164.48 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/imatch/plf?name=plfm Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET access-control-allow-origin * date Wed, 14 Jan 2026 12:55:08 GMT server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 9C15	42 B 521 B	133ms 48ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4224684815200595716 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=16070400; includeSubDomains cache-control no-store, no-cache, private content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif; charset=utf-8 server nginx
GET H/1.1	200 OK	cs pdw-adf.userreport.com/ Frame 9C15	43 B 444 B	113ms 46ms	Image image/gif	18.238.55.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pdw-adf.userreport.com/cs Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.238.55.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-14.jfk52.r.cloudfront.net Software nginx/1.24.0 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers Age 28275 Connection keep-alive Via 1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront) X-Cache Hit from cloudfront Content-Length 43 X-Amz-Cf-Id Z69G9gtwwQKpNcWsSkxyr3-7IPqrQHTBiZdKjsR-NGJATQOq6bp3fw== Date Wed, 14 Jan 2026 05:03:53 GMT Content-Type image/gif Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx/1.24.0 X-Amz-Cf-Pop JFK52-P4
GET H3	200	p a.audrte.com/ Frame 9C15 Redirect Chain https://a.audrte.com/a?adform_uid=4224684815200595716 https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWtlMHdwOXEtOUxGRlZzZFJRdWF2T0JnNHJjTEVlZy1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1... https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&aruid=mke0wp9q-9LFFVsdRQuavOBg4rcLEeg-ad&gdpr=0&gdpr_consent= https://a.audrte.com/p	68 B 89 B	86ms 84ms	Image image/png	34.102.136.131 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://a.audrte.com/p Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H3 Server 34.102.136.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 131.136.102.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers access-control-allow-credentials true access-control-allow-methods POST, GET, OPTIONS via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68 date Wed, 14 Jan 2026 12:55:09 GMT x-cloud-trace-context a92fe9064b47c5aca2a169c62f551389 content-type image/png vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers server Google Frontend Redirect headers location https://a.audrte.com:443/p access-control-allow-credentials true access-control-allow-methods POST, GET, OPTIONS via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Wed, 14 Jan 2026 12:55:09 GMT content-type text/html x-cloud-trace-context 2b0b588ef043f818ac5f9cd994cc441e vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers server Google Frontend
GET H2	200	match c1.adform.net/serving/cookie/ Frame 9C15 Redirect Chain https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4224684815200595716&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4224684815200595716&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire... https://c1.adform.net/serving/cookie/match?party=1007&cid=65734048614897596710268796137463533655&noredirect=1	35 B 591 B	5ms 4ms	Image image/gif	185.167.164.48 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match?party=1007&cid=65734048614897596710268796137463533655&noredirect=1 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET expires -1 access-control-allow-origin * date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With Redirect headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private location https://c1.adform.net/serving/cookie/match?party=1007&cid=65734048614897596710268796137463533655&noredirect=1 dcs dcs-prod-usw2-1-v079-0eb62311b.edge-usw2.demdex.com 2 ms pragma no-cache x-tid hUS6se7EQSY= expires Thu, 01 Jan 1970 00:00:00 UTC content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" date Wed, 14 Jan 2026 12:55:09 GMT
GET H2	200	/ dmp.adform.net/serving/cookie/match/ Frame 9C15 Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4224684815200595716 https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213290605492006296601	35 B 592 B	45ms 5ms	Image image/gif	185.167.164.52 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213290605492006296601 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 185.167.164.52 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET expires -1 access-control-allow-origin * date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With Redirect headers cache-control no-cache, no-store, must-revalidate location https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213290605492006296601 pragma no-cache access-control-allow-methods GET, OPTIONS via 1.1 e96ed109dde78412c6b4651755281804.cloudfront.net (CloudFront) expires 0 access-control-allow-origin * x-cache Miss from cloudfront p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" x-amz-cf-id _JCDIWwe79DEixAoK3VtdJTOJ6jfy49NcBZnWDcC15d-3UuXV8-59A== date Wed, 14 Jan 2026 12:55:09 GMT x-amz-cf-pop IAD55-P8 server AAWebServer access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type
GET H2	200	/ c1.adform.net/serving/cookie/match/ Frame 9C15 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595200018574735726	35 B 591 B	13ms 12ms	Image image/gif	185.167.164.48 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595200018574735726 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET expires -1 access-control-allow-origin * date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With Redirect headers Location https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595200018574735726 Content-Length 0 p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI" Date Wed, 14 Jan 2026 12:55:09 GMT Server nginx Connection keep-alive
GET H2	200	match c1.adform.net/serving/cookie/ Frame 9C15 Redirect Chain https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D1084%26cid%3D_wfivefivec_ https://c1.adform.net/serving/cookie/match?party=1084&cid=Epoy3p991VG0oZ5	35 B 591 B	10ms 9ms	Image image/gif	185.167.164.48 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match?party=1084&cid=Epoy3p991VG0oZ5 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET expires -1 access-control-allow-origin * date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With Redirect headers strict-transport-security max-age=2592000; includeSubDomains cache-control no-cache, must-revalidate location https://c1.adform.net/serving/cookie/match?party=1084&cid=Epoy3p991VG0oZ5 pragma no-cache via 1.1 google expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Wed, 14 Jan 2026 12:55:09 GMT server PingMatch/v2.0.30-837-g97d465c#main edge-prod-use4-jl1h@us-east4
GET H2	200	/ dmp.adform.net/serving/cookie/match/ Frame 9C15 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=4f7a6498-b471-4f80-bae0-d8bb7914e5bd	35 B 591 B	21ms 5ms	Image image/gif	185.167.164.52 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=4f7a6498-b471-4f80-bae0-d8bb7914e5bd Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 185.167.164.52 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET expires -1 access-control-allow-origin * date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With Redirect headers location https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=4f7a6498-b471-4f80-bae0-d8bb7914e5bd content-length 225 date Wed, 14 Jan 2026 12:55:09 GMT server Kestrel
GET H2	200	match ice.360yield.com/ Frame 9C15 Redirect Chain https://id5-sync.com/s/10/0.gif?puid=4224684815200595716 https://id5-sync.com/c/10/10/2/1.gif?puid=4224684815200595716&gdpr=0&gdpr_consent=&us_privacy= https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= https://id5-sync.com/c/10/2/1/2.gif?puid=8408700177895381908&gdpr=0&gdpr_consent= https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-e396dGWiMu7Fvup5z5nc2TaS9JkllH3G1HwHoajfBA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D...	43 B 199 B	78ms 51ms	Image image/gif	23.21.58.173 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-e396dGWiMu7Fvup5z5nc2TaS9JkllH3G1HwHoajfBA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 23.21.58.173 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-21-58-173.compute-1.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers access-control-allow-origin * content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" date Wed, 14 Jan 2026 12:55:10 GMT content-type image/gif Redirect headers strict-transport-security max-age=63072000; includeSubDomains; preload location https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-e396dGWiMu7Fvup5z5nc2TaS9JkllH3G1HwHoajfBA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= p3p CP="CAO PSA OUR" date Wed, 14 Jan 2026 12:55:09 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GET H2	200	/ c1.adform.net/serving/cookie/match/ Frame 9C15 Redirect Chain https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1848183896 https://c1.adform.net/serving/cookie/match/?party=1145&cid=pXC7INuWE8KEWnP6Q2igae	35 B 591 B	6ms 5ms	Image image/gif	185.167.164.48 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match/?party=1145&cid=pXC7INuWE8KEWnP6Q2igae Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET expires -1 access-control-allow-origin * date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With Redirect headers cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 location https://c1.adform.net/serving/cookie/match/?party=1145&cid=pXC7INuWE8KEWnP6Q2igae pragma no-cache via 1.1 google expires Tue, 03 Jul 2001 06:00:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" date Wed, 14 Jan 2026 12:55:08 GMT last-modified Wed, 14 Jan 2026 12:55:09 GMT vary Origin server Weborama Collect Frontend
GET H2	200	um sync.teads.tv/ Frame 9C15	23 B 388 B	61ms 11ms	Image image/gif	151.101.194.132 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=119&uid=4224684815200595716 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.132 , United States, ASN54113 (FASTLY, US), Reverse DNS Software pekko-http/1.1.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers x-user-geo US-EAST-1 cache-control max-age=0, no-cache, no-store x-timer S1768395309.975580,VS0,VE8 x-check-cacheable NO via 1.1 varnish accept-ranges bytes x-cache MISS content-length 23 date Wed, 14 Jan 2026 12:55:08 GMT content-type image/gif x-served-by cache-lga21930-LGA server pekko-http/1.1.0 x-cache-hits 0 traffic-path NVADC2, LGA, USA
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Frame 9C15 Redirect Chain https://s.ad.smaato.net/c/?dspInit=1067&dspCookie=4224684815200595716 https://www.temu.com/api/adx/cm/pixel-smaato?smaato_uid=f0cf963766&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dn%26gdpr%3D0%26gdpr_consent%3D https://s.ad.smaato.net/c/?adExInit=n&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmf/generic?ttd_pid=bc2yu5z&ttd_tpi=1&gdpr=0&gdpr_consent= https://s.ad.smaato.net/c/g//1001604/4f7a6498-b471-4f80-bae0-d8bb7914e5bd?expiration=1770987309 https://sync.outbrain.com/cookie-sync?p=smaato&initiation=partner&uid=f0cf963766&gdpr=0&gdpr_consent=	0 360 B	80ms 45ms	Image text/plain	70.42.32.223 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=smaato&initiation=partner&uid=f0cf963766&gdpr=0&gdpr_consent= Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol HTTP/1.1 Server 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache content-length 0 date Wed, 14 Jan 2026 12:55:09 GMT x-traceid bbbc8516e891690b186a083f78d32374 Redirect headers via 1.1 google cache-control no-cache, must-revalidate location https://sync.outbrain.com/cookie-sync?p=smaato&initiation=partner&uid=f0cf963766&gdpr=0&gdpr_consent= content-length 5 date Wed, 14 Jan 2026 12:55:09 GMT content-type text/plain; charset=utf-8
GET H2	200	4224684815200595716 match.contentexchange.me/adform/ Frame 9C15	0 49 B	472ms 242ms	Image text/plain	91.185.218.28 MNSHA-AS Mainstre...
General Check archive.org Show headers Download Go to Show image Full URL https://match.contentexchange.me/adform/4224684815200595716?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 91.185.218.28 , Slovenia, ASN51859 (MNSHA-AS Mainstream doo Beograd, RS), Reverse DNS Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers date Wed, 14 Jan 2026 12:55:09 GMT server nginx/1.24.0 content-length 0
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 9C15	43 B 109 B	164ms 81ms	Image image/gif	204.236.237.49 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=16974&user_id=4224684815200595716 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 204.236.237.49 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-204-236-237-49.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers content-length 43 date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif server awselb/2.0
GET H2	200	set_user_agent_id_mapping cookie-matching.mediarithmics.com/v1/ Frame 9C15	70 B 180 B	320ms 143ms	Image image/png	54.36.150.187 OVH OVH SAS
General Check archive.org Show headers Download Go to Show image Full URL https://cookie-matching.mediarithmics.com/v1/set_user_agent_id_mapping?dom_token=adform25&identifier=4224684815200595716 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.36.150.187 , France, ASN16276 (OVH OVH SAS, FR), Reverse DNS ip187.ip-54-36-150.eu Software / Resource Hash f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9 Security Headers Name Value Strict-Transport-Security max-age=63072000;includeSubDomains;preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=63072000;includeSubDomains;preload content-length 70 date Wed, 14 Jan 2026 12:55:09 GMT content-type image/png
GET H2	200	xuid eb2.3lift.com/ Frame 9C15 Redirect Chain https://eb2.3lift.com/xuid?mid=7354&xuid=4224684815200595716&dongle=AD20 https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=4224684815200595716&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=	37 B 475 B	54ms 52ms	Image image/gif	52.223.22.214 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=4224684815200595716&dongle=AD20&gdpr=0&cmp_cs=&us_privacy= Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Server 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS afb83dd09526a6517.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers cache-control no-cache, no-store, must-revalidate content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" date Wed, 14 Jan 2026 12:55:09 GMT content-type image/gif Redirect headers cache-control no-cache, no-store, must-revalidate location /xuid?ld=1&mid=7354&xuid=4224684815200595716&dongle=AD20&gdpr=0&cmp_cs=&us_privacy= content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" date Wed, 14 Jan 2026 12:55:09 GMT
GET H/1.1	200 OK	/ pixel.onaudience.com/ Frame 9C15	35 B 99 B	380ms 194ms	Image image/gif	37.187.82.222 OVH OVH SAS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.onaudience.com/?partner=290&mapped=4224684815200595716 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 37.187.82.222 , France, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns3254119.ip-37-187-82.eu Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers content-type image/gif content-length 35
GET H2	200	/ onetag-sys.com/match/ Frame 9C15	0 232 B	125ms 45ms	Image text/plain	51.222.39.186 OVH OVH SAS
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=220&uid=4224684815200595716 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.222.39.186 , Canada, ASN16276 (OVH OVH SAS, FR), Reverse DNS ip186.ip-51-222-39.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/ Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' date Wed, 14 Jan 2026 12:55:09 GMT
GET H2	200	plf c1.adform.net/imatch/ Frame 9C15	0 384 B	18ms 12ms	Image text/plain	185.167.164.48 ADFORM Adform A/S
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/imatch/plf?name=plfl Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://c1.adform.net/imatch/pixels?bt=0&uid=4224684815200595716&agencyId=8619&advertiserId=2210830&src=tp&rnd=3881 Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-methods GET access-control-allow-origin * date Wed, 14 Jan 2026 12:55:08 GMT server nginx access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
GET H3	200	hsw.js Show response newassets.hcaptcha.com/c/b96f4cf1ef78e89652fe21210f98391d826924916bef54bd20587031678a1ddb/ Frame 9C4E	813 KB 350 KB	27ms 19ms	Script application/javascript	104.19.230.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/c/b96f4cf1ef78e89652fe21210f98391d826924916bef54bd20587031678a1ddb/hsw.js Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c008b109645c3f1c3dbbc611197d3ae3477bcaf0d5ab5c27156a42a54f77067b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=3024000 content-encoding gzip cf-cache-status HIT etag W/"6f3e8eee72a5229792b117a43aaeef2c" x-content-type-options nosniff cf-ray 9bdd49391ead2f65-EWR alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 14 Jan 2026 12:55:08 GMT content-type application/javascript vary accept-encoding, Origin server cloudflare priority u=3,i=?0
GET		7aa19737-7033-4396-b670-1881c815819a https://newassets.hcaptcha.com/ Frame 9C4E	0 0
GET		02623c4c-b818-4ac2-90f1-52fd779f1b0c https://newassets.hcaptcha.com/ Frame 9C4E	0 0
GET H3	404	favicon.ico bestaustraliaonlinecasinos.us.com/	3 KB 2 KB	300ms 300ms	Other text/html	104.21.2.230 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bestaustraliaonlinecasinos.us.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.2.230 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4380dccef55f2333d94d3418ab8cf6f3bd33089c1b76b3fab6833984cd515881 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://bestaustraliaonlinecasinos.us.com/ Response headers cache-control max-age=14400 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=g%2Bp9dcpRj8j1cEWrLifEwa4KIbS0HLdbxC%2FD8EBimeVxh7T3gPHafjopT5QQ6%2FhvfwcEAZn10qAfgMuOoMcb7E4a9A3Pl43b7IvUn%2Fb%2F1vO7JRbA1RVxoeIgUI%2FKPv0maA%3D%3D"}]} cf-ray 9bdd4941e85c0ee6-EWR alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 14 Jan 2026 12:55:10 GMT content-type text/html; charset=UTF-8 vary accept-encoding server cloudflare priority u=1,i
POST H3	200	882c28f2-cdfe-448c-a570-71d8bf425374 Show response api.hcaptcha.com/getcaptcha/ Frame 9C4E	2 KB 3 KB	167ms 154ms	XHR application/octet-stream	104.19.229.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hcaptcha.com/getcaptcha/882c28f2-cdfe-448c-a570-71d8bf425374 Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1beb5294f12e80f5ba3df441600bbd074c5ddf7257a1e84e070e23794164f86a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://newassets.hcaptcha.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 accept application/json, application/octet-stream content-type application/octet-stream Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip cf-cache-status DYNAMIC access-control-allow-credentials true x-content-type-options nosniff cf-ray 9bdd49452d506dc6-EWR access-control-allow-origin https://newassets.hcaptcha.com alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 14 Jan 2026 12:55:11 GMT content-type application/octet-stream vary Origin, Accept-Encoding server cloudflare priority u=1,i
OPTIONS H3	200	882c28f2-cdfe-448c-a570-71d8bf425374 api.hcaptcha.com/getcaptcha/ Frame	0 0	21ms 12ms	Preflight	104.19.229.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hcaptcha.com/getcaptcha/882c28f2-cdfe-448c-a570-71d8bf425374 Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://newassets.hcaptcha.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Cache-Control, Content-Type, DNT, Referer, User-Agent access-control-allow-methods GET, HEAD, POST, OPTIONS access-control-allow-origin https://newassets.hcaptcha.com alt-svc h3=":443"; ma=86400 cf-ray 9bdd49450c734e4d-EWR content-length 0 date Wed, 14 Jan 2026 12:55:10 GMT priority u=1,i server cloudflare server-timing cfExtPri strict-transport-security max-age=31536000; includeSubDomains; preload vary Origin, Accept-Encoding x-content-type-options nosniff
GET H3	200	challenge.js Show response newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/challenge/image_label_area_select/ Frame 9C4E	45 KB 11 KB	18ms 18ms	Script text/javascript	104.19.230.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/challenge/image_label_area_select/challenge.js Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22d319700d0f8e2c415c0ef58ff918634016494372cf458a93cc37e1a554dd5e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html Response headers content-encoding gzip cf-cache-status HIT etag "1d383c55b9ec95f1e2ff83d2ea5722fa" x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 14 Jan 2026 12:55:11 GMT content-type text/javascript vary Origin, accept-encoding priority u=3,i=?0 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=3600 cf-ray 9bdd494628fc2f65-EWR accept-ranges bytes content-length 10992 server cloudflare
GET H3	206	a5eb61972ad6378c1324e831a790f7baeaed62c1cd622f9f92d170f843c3f2b6.webm imgs3.hcaptcha.com/tip/b748575b6fb2c713ff26f83d37e104187432ec992163b62d2c7e40d089ce15e3/ Frame 9C4E	63 KB 0	53ms 28ms	Media video/webm	104.19.229.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://imgs3.hcaptcha.com/tip/b748575b6fb2c713ff26f83d37e104187432ec992163b62d2c7e40d089ce15e3/a5eb61972ad6378c1324e831a790f7baeaed62c1cd622f9f92d170f843c3f2b6.webm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://newassets.hcaptcha.com/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Range bytes=0- Response headers access-control-max-age 3000 cf-cache-status HIT access-control-allow-methods GET, HEAD x-content-type-options nosniff expires Thu, 15 Jan 2026 12:55:11 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 14 Jan 2026 12:55:11 GMT content-type video/webm vary Accept-Encoding priority u=3,i strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 Content-Range bytes 0-230110/230111 cf-ray 9bdd4946ba2f4361-EWR access-control-allow-origin * Content-Length 230111 server cloudflare
GET H3	206	a5eb61972ad6378c1324e831a790f7baeaed62c1cd622f9f92d170f843c3f2b6.webm imgs3.hcaptcha.com/tip/b748575b6fb2c713ff26f83d37e104187432ec992163b62d2c7e40d089ce15e3/ Frame 9C4E	735 B 1 KB	20ms 20ms	Media video/webm	104.19.229.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://imgs3.hcaptcha.com/tip/b748575b6fb2c713ff26f83d37e104187432ec992163b62d2c7e40d089ce15e3/a5eb61972ad6378c1324e831a790f7baeaed62c1cd622f9f92d170f843c3f2b6.webm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d89078f10b340d5d4aa5f2588f21bb41819f9ff461cf1497b35d45e9194f8714 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://newassets.hcaptcha.com/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Range bytes=229376- Response headers access-control-max-age 3000 cf-cache-status HIT access-control-allow-methods GET, HEAD x-content-type-options nosniff expires Thu, 15 Jan 2026 12:55:11 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 14 Jan 2026 12:55:11 GMT content-type video/webm vary Accept-Encoding priority u=3,i strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 Content-Range bytes 229376-230110/230111 cf-ray 9bdd4946fa534361-EWR access-control-allow-origin * Content-Length 735 server cloudflare
GET H3	206	a5eb61972ad6378c1324e831a790f7baeaed62c1cd622f9f92d170f843c3f2b6.webm imgs3.hcaptcha.com/tip/b748575b6fb2c713ff26f83d37e104187432ec992163b62d2c7e40d089ce15e3/ Frame 9C4E	193 KB 0	16ms 16ms	Media video/webm	104.19.229.21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://imgs3.hcaptcha.com/tip/b748575b6fb2c713ff26f83d37e104187432ec992163b62d2c7e40d089ce15e3/a5eb61972ad6378c1324e831a790f7baeaed62c1cd622f9f92d170f843c3f2b6.webm Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://newassets.hcaptcha.com/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Range bytes=32768- Response headers access-control-max-age 3000 cf-cache-status HIT access-control-allow-methods GET, HEAD x-content-type-options nosniff expires Thu, 15 Jan 2026 12:55:11 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 14 Jan 2026 12:55:11 GMT content-type video/webm vary Accept-Encoding priority u=3,i strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 Content-Range bytes 32768-230110/230111 cf-ray 9bdd49471a654361-EWR access-control-allow-origin * Content-Length 197343 server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

newassets.hcaptcha.com

URL

blob:https://newassets.hcaptcha.com/7aa19737-7033-4396-b670-1881c815819a

Domain

newassets.hcaptcha.com

URL

blob:https://newassets.hcaptcha.com/02623c4c-b818-4ac2-90f1-52fd779f1b0c