bestonlinecasinosaustralia.gr.com Open in urlscan Pro
104.21.70.233 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bestonlinecasinosaustralia.gr.com/visit/skycrown-au/
Submission Tags: @ecarlesi threat phishing Search All
Submission: On January 14 via api (January 14th 2026, 12:33:21 pm UTC) from IT — Scanned from DE

Summary HTTP 59 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 36 IPs in 11 countries across 39 domains to perform 59 HTTP transactions. The main IP is 104.21.70.233, located in Ascension Island and belongs to CLOUDFLARENET, US. The main domain is bestonlinecasinosaustralia.gr.com.
TLS certificate: Issued by WE1 on January 14th 2026. Valid for: 3 months.

This is the only time bestonlinecasinosaustralia.gr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.21.70.233 104.21.70.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.19.229.21 104.19.229.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.6.245 37.157.6.245	198622 (ADFORM Ad...) (ADFORM Adform A/S)
8	104.19.230.21 104.19.230.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	37.157.5.132 37.157.5.132	198622 (ADFORM Ad...) (ADFORM Adform A/S)
2	104.18.13.205 104.18.13.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	37.157.5.86 37.157.5.86	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	37.157.6.254 37.157.6.254	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	54.72.83.44 54.72.83.44	16509 (AMAZON-02) (AMAZON-02)
1	23.52.180.113 23.52.180.113	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.28.24.86 52.28.24.86	16509 (AMAZON-02) (AMAZON-02)
1	217.182.178.233 217.182.178.233	16276 (OVH OVH SAS) (OVH OVH SAS)
1	3.69.181.164 3.69.181.164	16509 (AMAZON-02) (AMAZON-02)
1	35.214.136.108 35.214.136.108	15169 (GOOGLE) (GOOGLE)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	77.243.51.122 77.243.51.122	42697 (NETIC-AS ...) (NETIC-AS Netic A/S)
1	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	63.34.36.31 63.34.36.31	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	139.162.172.148 139.162.172.148	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	193.135.9.124 193.135.9.124	48314 (IP-PROJEC...) (IP-PROJECTS Michael Sebastian Schinzel trading as IP-Projects GmbH & Co. KG)
4 4	142.251.208.2 142.251.208.2	15169 (GOOGLE) (GOOGLE)
1	103.231.98.109 103.231.98.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.173.205.12 18.173.205.12	16509 (AMAZON-02) (AMAZON-02)
2 3	34.102.136.131 34.102.136.131	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	52.16.105.228 52.16.105.228	16509 (AMAZON-02) (AMAZON-02)
1	35.156.185.159 35.156.185.159	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS WIIT AG)
2 2	35.210.130.15 35.210.130.15	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH OVH SAS) (OVH OVH SAS)
2 2	35.190.24.218 35.190.24.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
1	34.1.242.226 34.1.242.226	15169 (GOOGLE) (GOOGLE)
1	91.185.218.28 91.185.218.28	51859 (MNSHA-AS ...) (MNSHA-AS Mainstream doo Beograd)
1	54.36.150.186 54.36.150.186	16276 (OVH OVH SAS) (OVH OVH SAS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	51.38.30.15 51.38.30.15	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.89.9.252 51.89.9.252	16276 (OVH OVH SAS) (OVH OVH SAS)
59	36

2 104.21.70.233 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

bestonlinecasinosaustralia.gr.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 104.19.229.21 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

js.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 37.157.6.245 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 104.19.230.21 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
imgs3.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 37.157.5.132 (Denmark) 1 redirects

ASN198622 (ADFORM Adform A/S, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.18.13.205 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

92eb858b6171.w.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
c22ef922ccb3.w.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 37.157.5.86 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 37.157.6.254 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.72.83.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-83-44.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 23.52.180.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-180-113.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 69.173.144.138 (Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.28.24.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-24-86.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 217.182.178.233 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip233.ip-217-182-178.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.69.181.164 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-164.eu-central-1.compute.amazonaws.com

user-sync.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.18.26.193 (Ascension Island) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 77.243.51.122 (Aalborg, Denmark)

ASN42697 (NETIC-AS Netic A/S, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 63.34.36.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-36-31.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 139.162.172.148 (Frankfurt am Main, Germany) 3 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 139-162-172-148.ip.linodeusercontent.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 193.135.9.124 (Germany) 1 redirects

ASN48314 (IP-PROJECTS Michael Sebastian Schinzel trading as IP-Projects GmbH & Co. KG, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 142.251.208.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-bp-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 103.231.98.109 (Japan)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.173.205.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-12.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 34.102.136.131 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.136.102.34.bc.googleusercontent.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 52.16.105.228 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-105-228.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.156.185.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-185-159.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS WIIT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.210.130.15 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 15.130.210.35.bc.googleusercontent.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.190.24.218 (United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.1.242.226 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 226.242.1.34.bc.googleusercontent.com

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 91.185.218.28 (Slovenia)

ASN51859 (MNSHA-AS Mainstream doo Beograd, RS)

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.36.150.186 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip186.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.38.30.15 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31790662.ip-51-38-30.eu

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
13	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 8076 a1.adform.net — Cisco Umbrella Rank: 16861 c1.adform.net — Cisco Umbrella Rank: 732	40 KB
13	hcaptcha.com js.hcaptcha.com — Cisco Umbrella Rank: 6963 newassets.hcaptcha.com — Cisco Umbrella Rank: 4466 92eb858b6171.w.hcaptcha.com api.hcaptcha.com — Cisco Umbrella Rank: 4237 c22ef922ccb3.w.hcaptcha.com imgs3.hcaptcha.com — Cisco Umbrella Rank: 44585 Failed	670 KB
4	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 307	2 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 14243	1 KB
3	adsafety.net 3 redirects cm.adsafety.net — Cisco Umbrella Rank: 55482	4 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 2075 load77.exelator.com — Cisco Umbrella Rank: 8120	2 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14690	627 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1776	753 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 281	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 640	1 KB
2	gr.com bestonlinecasinosaustralia.gr.com	3 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 760	232 B
1	onaudience.com pixel.onaudience.com — Cisco Umbrella Rank: 2354	99 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 505	140 B
1	mediarithmics.com cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 3787	180 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 33570	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 766	66 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1252	281 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 522	1 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 422	149 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 9551	446 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 585	307 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 25367	445 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1009	252 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 61682	849 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2165	279 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 991	268 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 550	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1011	354 B
1	semasio.net uipglob.semasio.net — Cisco Umbrella Rank: 1529	239 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 424	183 B
1	fwmrm.net user-sync.fwmrm.net — Cisco Umbrella Rank: 923	504 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 773	114 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 3647	59 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 576	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 8234	235 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 779	199 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 58788	604 B
0	adnxs.com Failed secure.adnxs.com Failed
59	39

	Domain	Requested by
10	c1.adform.net	a1.adform.net c1.adform.net
5	newassets.hcaptcha.com	js.hcaptcha.com newassets.hcaptcha.com
4	cm.g.doubleclick.net	4 redirects
4	api.hcaptcha.com	newassets.hcaptcha.com
3	a.audrte.com	2 redirects c1.adform.net
3	cm.adsafety.net	3 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	loadm.exelator.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	a1.adform.net	1 redirects bestonlinecasinosaustralia.gr.com
2	bestonlinecasinosaustralia.gr.com
1	imgs3.hcaptcha.com
1	onetag-sys.com	c1.adform.net
1	pixel.onaudience.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	cookie-matching.mediarithmics.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	match.adsrvr.org	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	c1.adform.net
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	uipglob.semasio.net	c1.adform.net
1	x.bidswitch.net	c1.adform.net
1	user-sync.fwmrm.net	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	server.seadform.net	bestonlinecasinosaustralia.gr.com
1	c22ef922ccb3.w.hcaptcha.com	newassets.hcaptcha.com
1	92eb858b6171.w.hcaptcha.com	newassets.hcaptcha.com
1	s2.adform.net	bestonlinecasinosaustralia.gr.com
1	js.hcaptcha.com	bestonlinecasinosaustralia.gr.com
0	secure.adnxs.com Failed	c1.adform.net
59	47

This site contains links to these domains. Also see Links.

Domain
www.hcaptcha.com
hcaptcha.com

Subject Issuer	Validity	Valid
bestonlinecasinosaustralia.gr.com WE1	`2026-01-14` - `2026-04-14`	3 months	crt.sh
hcaptcha.com WE1	`2025-12-23` - `2026-03-23`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-09-05` - `2026-10-06`	a year	crt.sh
w.hcaptcha.com E8	`2025-12-25` - `2026-03-25`	3 months	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-10-27` - `2026-11-12`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M03	`2025-03-29` - `2026-04-27`	a year	crt.sh
*.yieldlab.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-06-12` - `2026-06-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M04	`2025-05-19` - `2026-06-17`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-09` - `2026-02-09`	a year	crt.sh
*.fwmrm.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-10-29` - `2026-11-29`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-12-19` - `2026-03-14`	3 months	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2025-05-09` - `2026-06-09`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2025-04-01` - `2026-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2025-02-06` - `2026-03-05`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M04	`2025-08-10` - `2026-09-08`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2025-08-12` - `2026-08-19`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-19` - `2026-03-22`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M01	`2025-09-18` - `2026-10-16`	a year	crt.sh
*.agkn.com RapidSSL TLS RSA CA G1	`2025-09-18` - `2026-09-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
id5-sync.com E7	`2026-01-01` - `2026-04-01`	3 months	crt.sh
*.teads.tv Thawte TLS RSA CA G1	`2025-05-18` - `2026-05-17`	a year	crt.sh
smaato.net Sectigo Public Server Authentication CA DV E36	`2025-09-01` - `2026-09-01`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2025-05-22` - `2026-06-05`	a year	crt.sh
*.mediarithmics.com GandiCert	`2025-02-24` - `2026-02-23`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M04	`2026-01-12` - `2027-02-09`	a year	crt.sh
*.onaudience.com Go Daddy Secure Certificate Authority - G2	`2025-05-05` - `2026-05-27`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-12-23` - `2027-01-22`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://bestonlinecasinosaustralia.gr.com/visit/skycrown-au/
Frame ID: D7537A5D3B55733821C5DEC1D13EC562
Requests: 7 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html
Frame ID: 5A7E56399F06E29D8EFA0036A62C2DA3
Requests: 12 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html
Frame ID: 8A506039DDD31A1F6933785DC596EB19
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Frame ID: 046F8F147D21FF756882C7B1F358D0B3
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bot Verification

Detected technologies

OpenX (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

59
Requests

76 %
HTTPS

0 %
IPv6

39
Domains

47
Subdomains

36
IPs

11
Countries

719 kB
Transfer

2398 kB
Size

33
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=bestonlinecasinosaustralia.gr.com&utm_campaign=882c28f2-cdfe-448c-a570-71d8bf425374&utm_medium=challenge&hl=de

Search URL Search Domain Scan URL

URL: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=bestonlinecasinosaustralia.gr.com&utm_campaign=882c28f2-cdfe-448c-a570-71d8bf425374&utm_medium=checkbox&hl=de

Search URL Search Domain Scan URL

URL: https://hcaptcha.com/privacy?ref=bestonlinecasinosaustralia.gr.com&utm_campaign=882c28f2-cdfe-448c-a570-71d8bf425374&utm_medium=checkbox&hl=de
Title: Privatsphäre

Search URL Search Domain Scan URL

URL: https://hcaptcha.com/terms?ref=bestonlinecasinosaustralia.gr.com&utm_campaign=882c28f2-cdfe-448c-a570-71d8bf425374&utm_medium=checkbox&hl=de
Title: Bedingungen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://a1.adform.net/Serving/TrackPoint/?pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=903895063343&ADFtpmode=2&loc=https%3A%2F%2Fbestonlinecasinosaustralia.gr.com%2Fvisit%2Fskycrown-au%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=903895063343&ADFtpmode=2&loc=https%3A%2F%2Fbestonlinecasinosaustralia.gr.com%2Fvisit%2Fskycrown-au%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Request Chain 23

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=747235630873291140&expiration=1769603603 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=747235630873291140&expiration=1769603603&C=1

Request Chain 26

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=747235630873291140 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=747235630873291140&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 30

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=747235630873291140 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120260114121f82447bdfc4bf5a513&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=676cce06837057f69b225237dbb03b56&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNjAxMTQxMjFmODI0NDdiZGZjNGJmNWE1MTM&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEHrv63fMqjfEoWGbUsL2l1w&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120260114121f82447bdfc4bf5a513&gdpr_consent=&gdpr=1

Request Chain 31

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NzQ3MjM1NjMwODczMjkxMTQw HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_error=3

Request Chain 36

https://a.audrte.com/a?adform_uid=747235630873291140 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWtlMDRxa3EtYzQwd2JTVDBTNVNIRzk3UTFWVmlXQS1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26aruid%3Dmke04qkq-c40wbST0S5SHG97Q1VViWA-ad HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWtlMDRxa3EtYzQwd2JTVDBTNVNIRzk3UTFWVmlXQS1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26aruid%3Dmke04qkq-c40wbST0S5SHG97Q1VViWA-ad&google_tc= HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&aruid=mke04qkq-c40wbST0S5SHG97Q1VViWA-ad&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 37

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=747235630873291140&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=747235630873291140&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=58565023588557972972355397009692070623&noredirect=1

Request Chain 39

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595194413660043629

Request Chain 40

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=hxViyDb61VG03W5

Request Chain 43

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=774342068 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1145&cid=xCnv.4NKm28QHmsPLc3xWO

59 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
bestonlinecasinosaustralia.gr.com/visit/skycrown-au/ 2 KB
1 KB 327ms
276ms Document
text/html 104.21.70.233
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bestonlinecasinosaustralia.gr.com/visit/skycrown-au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.70.233 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c865700b5d84da26eaa5f0236e1d8af8997da75574a3cdb26d725818119f6d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9bdd29527989dc4b-FRA
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Wed, 14 Jan 2026 12:33:22 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority: u=0,i
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=SheVx6jvpxs4mDEkgontQzULu5eb0myJ4%2BvMvmy4yBFG5AASJgDWEm2hKW2z89rH7fYmCXNeeLs65rtMc2pE%2FYDzyeqbgh6wOnCtMCu%2B7CMYqeqgxj75ox4aIzALKoEZzg%3D%3D"}]}
server: cloudflare
server-timing: cfExtPri
vary: accept-encoding

GET
H3 200 api.js Show response
js.hcaptcha.com/1/ 270 KB
80 KB 41ms
28ms Script
application/javascript 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://js.hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit

Requested by

Host: bestonlinecasinosaustralia.gr.com
URL: https://bestonlinecasinosaustralia.gr.com/visit/skycrown-au/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8001d90f55d669cb67244e608a2ef77f01f77fc6a6561278002c7899f4b973f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://bestonlinecasinosaustralia.gr.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"cb0ca4239ef752290a3170ad6a1851b9"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:33:22 GMT
content-type: application/javascript
vary: Origin, Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=300
cross-origin-resource-policy: cross-origin
cf-ray: 9bdd29544ab8e7bc-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
32 KB 106ms
34ms Script
application/javascript 37.157.6.245
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: bestonlinecasinosaustralia.gr.com
URL: https://bestonlinecasinosaustralia.gr.com/visit/skycrown-au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.6.245 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 59938868870ce60b8576506d0211346d8a85329a9d54997c39d921389c493b34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://bestonlinecasinosaustralia.gr.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"cbd67ec72136561be113efd03055f4f4"
x-amz-request-id: tx00000f71d5d7b755707cf-00685bc63e-32aa13db-default
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:33:22 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Wed, 25 Jun 2025 09:36:45 GMT

GET
H3 200 de.json Show response
newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/i18n/ 16 KB
6 KB 385ms
363ms XHR
application/json 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/i18n/de.json

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87fcc0bf8a0c7269ee02f3ce330f47dd898ea6fea37f4a1744d470da86007ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://bestonlinecasinosaustralia.gr.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: MISS
etag: "427d230e7d857729020e849de2135542"
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
expires: Wed, 14 Jan 2026 13:33:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:33:23 GMT
content-type: application/json
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600
cf-ray: 9bdd2955390303d8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5219
server: cloudflare

GET
H3 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/ Frame 5A7E 529 KB
158 KB 48ms
34ms Document
text/html 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38dcdaa76e2dace4d5d625e160cfcb30a74d5f5e8bd0715b2d3fcff5eeda531d

Security Headers

Name	Value
Content-Security-Policy	report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bestonlinecasinosaustralia.gr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 9bdd29552e58913a-FRA
content-encoding: br
content-security-policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jan 2026 12:33:22 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding Origin
x-content-type-options: nosniff

GET
H3 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/ Frame 8A50 529 KB
0 48ms
47ms Document
text/html 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38dcdaa76e2dace4d5d625e160cfcb30a74d5f5e8bd0715b2d3fcff5eeda531d

Security Headers

Name	Value
Content-Security-Policy	report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
X-Content-Type-Options	nosniff

Request headers

Referer: https://bestonlinecasinosaustralia.gr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 9bdd29552e58913a-FRA
content-encoding: br
content-security-policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jan 2026 12:33:22 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
vary: accept-encoding Origin
x-content-type-options: nosniff

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=903895063343&ADFtpmode=2&loc=https%3A%2F%2Fbestonlinecasinosaustralia.gr.com%2Fvisit%2Fs...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=903895063343&ADFtpmode=2&loc=https%3A%2F%2Fbestonlinecasinosaustralia.gr.com%2Fvisi...

823 B
1 KB

20ms
19ms

Script
text/javascript

37.157.5.132
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=903895063343&ADFtpmode=2&loc=https%3A%2F%2Fbestonlinecasinosaustralia.gr.com%2Fvisit%2Fskycrown-au%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Requested by

Host: bestonlinecasinosaustralia.gr.com
URL: https://bestonlinecasinosaustralia.gr.com/visit/skycrown-au/

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

2b82ef4c2f24d251173eac888f3102634e2b91ebdb5c2f618fa8ed6fb92393bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://bestonlinecasinosaustralia.gr.com/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET,POST
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 14 Jan 2026 12:33:23 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
server: nginx

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=903895063343&ADFtpmode=2&loc=https%3A%2F%2Fbestonlinecasinosaustralia.gr.com%2Fvisit%2Fskycrown-au%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
expires: -1
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 14 Jan 2026 12:33:22 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK logo.png Show response
92eb858b6171.w.hcaptcha.com/ Frame 5A7E 1 KB
2 KB 110ms
68ms Fetch
image/png 104.18.13.205
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://92eb858b6171.w.hcaptcha.com/logo.png
Requested by: Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.205 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5304f6304b810992dc8f906fe7e9f98feeb36b8356efd27ea2e871223c5f15e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://newassets.hcaptcha.com/

Response headers

Cache-Control: public, max-age=86400
Timing-Allow-Origin: *
Connection: keep-alive
CF-RAY: 9bdd29570bd64d91-FRA
Access-Control-Allow-Origin: *
Content-Length: 1412
Date: Wed, 14 Jan 2026 12:33:23 GMT
Content-Type: image/png
Last-Modified: Tue, 22 Oct 2020 18:30:00 GMT
Vary: Host, Accept-Encoding
Server: cloudflare

GET
DATA 200
OK truncated
/ Frame 5A7E 19 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4405ccb16c230df808dfbc330e78341e12abac1c6aad61f59eb29592ef5ac6c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

POST
H3 200 checksiteconfig Show response
api.hcaptcha.com/ Frame 5A7E 817 B
912 B 64ms
54ms XHR
application/json 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=6e937500c6861f1c062311c9544857646f7e58aa&host=bestonlinecasinosaustralia.gr.com&sitekey=882c28f2-cdfe-448c-a570-71d8bf425374&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af8d13f61ca277812f161a25c8066bb6aab00e0a5115e2e3f53b5258cdac9733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Accept: application/json
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
cf-ray: 9bdd29570fff913a-FRA
access-control-allow-origin: https://newassets.hcaptcha.com
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:33:23 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: cloudflare
priority: u=1,i
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent

GET
DATA 200
OK truncated
/ Frame 8A50 19 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4405ccb16c230df808dfbc330e78341e12abac1c6aad61f59eb29592ef5ac6c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK logo.png Show response
c22ef922ccb3.w.hcaptcha.com/ Frame 8A50 1 KB
2 KB 96ms
59ms Fetch
image/png 104.18.13.205
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://c22ef922ccb3.w.hcaptcha.com/logo.png
Requested by: Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.205 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5304f6304b810992dc8f906fe7e9f98feeb36b8356efd27ea2e871223c5f15e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://newassets.hcaptcha.com/

Response headers

Cache-Control: public, max-age=86400
Timing-Allow-Origin: *
Connection: keep-alive
CF-RAY: 9bdd29583d3b909a-FRA
Access-Control-Allow-Origin: *
Content-Length: 1412
Date: Wed, 14 Jan 2026 12:33:23 GMT
Content-Type: image/png
Last-Modified: Tue, 22 Oct 2020 18:30:00 GMT
Vary: Host, Accept-Encoding
Server: cloudflare

GET
DATA 200
OK truncated
/ Frame 8A50 798 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/b96f4cf1ef78e89652fe21210f98391d826924916bef54bd20587031678a1ddb/ Frame 5A7E 813 KB
350 KB 22ms
21ms Script
application/javascript 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://newassets.hcaptcha.com/c/b96f4cf1ef78e89652fe21210f98391d826924916bef54bd20587031678a1ddb/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c008b109645c3f1c3dbbc611197d3ae3477bcaf0d5ab5c27156a42a54f77067b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3024000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6f3e8eee72a5229792b117a43aaeef2c"
x-content-type-options: nosniff
cf-ray: 9bdd2958590a913a-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:33:23 GMT
content-type: application/javascript
vary: accept-encoding, Origin
server: cloudflare
priority: u=3,i=?0

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 046F 4 KB
2 KB 89ms
33ms Document
text/html 37.157.5.86
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/Serving/TrackPoint/?pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=903895063343&ADFtpmode=2&loc=https%3A%2F%2Fbestonlinecasinosaustralia.gr.com%2Fvisit%2Fskycrown-au%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.5.86 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

bc12ddaa8ab1267ccb635de405144565dcc978f2101f171dac6b22765f68100e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bestonlinecasinosaustralia.gr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 14 Jan 2026 12:33:23 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
604 B 113ms
38ms Image
image/gif 37.157.6.254
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=747235630873291140&stamp=hkFDAqW7HggDvP-67D9Y4w2

Requested by

Host: bestonlinecasinosaustralia.gr.com
URL: https://bestonlinecasinosaustralia.gr.com/visit/skycrown-au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://bestonlinecasinosaustralia.gr.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: private
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 14 Jan 2026 12:33:23 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 plf
c1.adform.net/imatch/ Frame 046F 0
384 B 19ms
18ms Image
text/plain 37.157.5.86
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.5.86 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:33:23 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 046F 43 B
199 B 161ms
61ms Image
image/gif 54.72.83.44
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=747235630873291140&Expiration=1769603603
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.72.83.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-83-44.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
date: Wed, 14 Jan 2026 12:33:23 GMT
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 046F 0
235 B 93ms
31ms Image
text/plain 23.52.180.113
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=747235630873291140
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.180.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-180-113.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Expires: Tue, 13 Jan 2026 12:33:24 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Date: Wed, 14 Jan 2026 12:33:24 GMT
Connection: keep-alive

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 046F 0
214 B 94ms
11ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=747235630873291140
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 , Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 68fdc1d12782ccf989788e7517f929bd
Pragma: no-cache

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame 046F 0
59 B 50ms
13ms Image
text/plain 52.28.24.86
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=747235630873291140&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.24.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-24-86.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: text/plain; charset=UTF-8
content-length: 0

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 046F 43 B
114 B 104ms
21ms Image
image/gif 217.182.178.233
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=747235630873291140&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.233 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip233.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif

GET
H/1.1 200
OK u
user-sync.fwmrm.net/ad/ Frame 046F 43 B
504 B 97ms
11ms Image
image/gif 3.69.181.164
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://user-sync.fwmrm.net/ad/u?mode=user-register&dspid=55&dspuid=747235630873291140
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.181.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-181-164.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2ddeade3a8991666b89f2a0c3aaba4508852838488781e260d45bc886f1172a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Cache-Control: no-store
Pragma: no-cache
Connection: keep-alive
Expires: 0
X-Fw-Request-Id: umv1515_1768394004610492607
Content-Length: 43
Keep-Alive: timeout=300
Date: Wed, 14 Jan 2026 12:33:24 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Content-Type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 046F 43 B
183 B 96ms
26ms Image
image/gif 35.214.136.108
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=747235630873291140
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 046F
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=747235630873291140&expiration=1769603603
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=747235630873291140&expiration=1769603603&C=1

43 B
303 B

60ms
57ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=747235630873291140&expiration=1769603603&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Server: 104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zCoQDBrDONSV9qpafH7j3RcgGE5UGfUgGFV%2FZiHZogM45uZopUjNpVk1c1y%2BfHfY6R3HQL7ewrYrhP6soDNGxgrI58HIlL7H8g%2Fw5JSSQiYXPRgJjC55"}]}
cf-ray: 9bdd295ec9bcde1c-AMS
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif
vary: accept-encoding
server: cloudflare

Redirect headers

cache-control: no-cache
location: /rum?cm_dsp_id=111&external_user_id=747235630873291140&expiration=1769603603&C=1
cf-cache-status: DYNAMIC
pragma: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fmtFkCYi9YB53%2F8a565dmk4d3QAM8RTQmZp%2FxBdiBCPwCpKpzh959rysifF0XFKgmJmPe4NuyzDXimFlSwnovMl5cFW4Kd%2FNBdaEGVLMTC%2BwmCGCm06c"}]}
cf-ray: 9bdd295e88ebde1c-AMS
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 14 Jan 2026 12:33:24 GMT
vary: accept-encoding
server: cloudflare

GET
H/1.1 200
OK info
uipglob.semasio.net/adform/1/ Frame 046F 42 B
239 B 118ms
35ms Image
image/gif 77.243.51.122
NETIC-AS Netic A/S

General

Check archive.org

Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=747235630873291140&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.51.122 Aalborg, Denmark, ASN42697 (NETIC-AS Netic A/S, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

access-control-allow-origin: *
routing-server-id: -1
uip-response-status: Ok
frontend-id: 2
date: Wed, 14 Jan 2026 12:33:24 GMT
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 046F 0
354 B 78ms
20ms Image
text/plain 18.184.216.10
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=747235630873291140&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Content-Length: 0
Date: Wed, 14 Jan 2026 12:33:24 GMT
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

pixel.gif
load77.exelator.com/ Frame 046F
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=747235630873291140
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=747235630873291140&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

0
93 B

383ms
182ms

Image
text/plain

50.16.197.56
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

server-timing: total;dur=0.000
date: Wed, 14 Jan 2026 12:33:24 GMT
etag: "604f3ce1-0"
server: nginx

Redirect headers

cache-control: no-cache
location: https://load77.exelator.com/pixel.gif
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 046F 0
98 B 63ms
17ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=747235630873291140
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 14 Jan 2026 12:33:24 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 046F 49 B
268 B 140ms
43ms Image
image/gif 63.34.36.31
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=747235630873291140

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.34.36.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-36-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 046F 43 B
279 B 74ms
34ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=747235630873291140
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 217.138.216.119
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 14 Jan 2026 12:33:23 GMT
content-type: image/gif
vary: Accept

GET
H2

403

match
c1.adform.net/serving/cookie/ Frame 046F
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=747235630873291140
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120260114121f82447bdfc4bf5a513&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=676cce06837057f69b225237dbb03b56&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNjAxMTQxMjFmODI0NDdiZGZjNGJmNWE1MTM&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEHrv63fMqjfEoWGbUsL2l1w&gdpr_consent=&gdpr=0&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120260114121f82447bdfc4bf5a513&gdpr_consent=&gdpr=1

0
453 B

58ms
58ms

Image
text/plain

37.157.5.86
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=28&cid=CM120260114121f82447bdfc4bf5a513&gdpr_consent=&gdpr=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Server

37.157.5.86 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Wed, 14 Jan 2026 12:33:24 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

Transfer-Encoding: chunked
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Location: https://c1.adform.net/serving/cookie/match?party=28&cid=CM120260114121f82447bdfc4bf5a513&gdpr_consent=&gdpr=1
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *
Date: Wed, 14 Jan 2026 12:33:24 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Wed, 14 Jan 2026 12:33:24 GMT
Server: nginx

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 046F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NzQ3MjM1NjMwODczMjkxMTQw
https://c1.adform.net/serving/cookie/match/?party=1&google_error=3

35 B
590 B

20ms
18ms

Image
image/gif

37.157.5.86
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_error=3

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Server

37.157.5.86 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

cache-control: no-cache, must-revalidate
location: https://c1.adform.net/serving/cookie/match/?party=1&google_error=3
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
date: Wed, 14 Jan 2026 12:33:24 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET getuid
secure.adnxs.com/ Frame 046F 0
0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 046F 0
384 B 23ms
20ms Image
text/plain 37.157.5.86
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.5.86 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:33:24 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 046F 0
252 B 77ms
8ms Image
text/html 103.231.98.109
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=747235630873291140

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 046F 43 B
445 B 90ms
16ms Image
image/gif 18.173.205.12
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-12.fra56.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Age: 80643
Connection: keep-alive
Via: 1.1 392cb865edfd76152c5ac655614b2f60.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
Content-Length: 43
X-Amz-Cf-Id: J0nUg5pJHbWqrlzD6ZoFisMhcC4QQwaAY_fz4yKVh6G-va5mo6Gj2A==
Date: Tue, 13 Jan 2026 14:09:21 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.24.0
X-Amz-Cf-Pop: FRA56-P12

GET
H3

200

p
a.audrte.com/ Frame 046F
Redirect Chain

https://a.audrte.com/a?adform_uid=747235630873291140
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWtlMDRxa3EtYzQwd2JTVDBTNVNIRzk3UTFWVmlXQS1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1...
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWtlMDRxa3EtYzQwd2JTVDBTNVNIRzk3UTFWVmlXQS1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&aruid=mke04qkq-c40wbST0S5SHG97Q1VViWA-ad&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
89 B

31ms
30ms

Image
image/png

34.102.136.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H3
Server: 34.102.136.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.136.102.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
date: Wed, 14 Jan 2026 12:33:24 GMT
x-cloud-trace-context: 28026d31a7e9e7ef5724a9ad1c08e27e
content-type: image/png
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Google Frontend

Redirect headers

location: https://a.audrte.com:443/p
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: text/html
x-cloud-trace-context: c3737066bffd07000acc98dc76b5ebc3
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Google Frontend

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 046F
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=747235630873291140&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=747235630873291140&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirec...
https://c1.adform.net/serving/cookie/match?party=1007&cid=58565023588557972972355397009692070623&noredirect=1

35 B
590 B

21ms
20ms

Image
image/gif

37.157.5.86
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=58565023588557972972355397009692070623&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Server

37.157.5.86 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=58565023588557972972355397009692070623&noredirect=1
dcs: dcs-prod-irl1-1-v083-08363e044.edge-irl1.demdex.com 2 ms
pragma: no-cache
x-tid: iBW7ROrbRxM=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Wed, 14 Jan 2026 12:33:24 GMT

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 046F 0
307 B 73ms
11ms Image
text/plain 35.156.185.159
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=747235630873291140
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.185.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-185-159.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: GET, OPTIONS
expires: 0
access-control-allow-origin: *
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date: Wed, 14 Jan 2026 12:33:24 GMT
server: AAWebServer
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 046F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595194413660043629

35 B
599 B

19ms
18ms

Image
image/gif

37.157.5.86
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595194413660043629

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Server

37.157.5.86 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

Location: https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595194413660043629
Content-Length: 0
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Date: Wed, 14 Jan 2026 12:33:24 GMT
Server: nginx
Connection: keep-alive

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 046F
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=hxViyDb61VG03W5

35 B
599 B

24ms
22ms

Image
image/gif

37.157.5.86
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=hxViyDb61VG03W5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Server

37.157.5.86 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
location: https://c1.adform.net/serving/cookie/match?party=1084&cid=hxViyDb61VG03W5
pragma: no-cache
via: 1.1 google
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 14 Jan 2026 12:33:24 GMT
server: PingMatch/v2.0.30-837-g97d465c#main edge-prod-euw1-7l2h@europe-west1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 046F 70 B
149 B 102ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

content-length: 70
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame 046F 43 B
1 KB 47ms
13ms Image
image/gif 162.19.138.82
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=747235630873291140

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 046F
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=774342068
https://c1.adform.net/serving/cookie/match/?party=1145&cid=xCnv.4NKm28QHmsPLc3xWO

35 B
590 B

19ms
17ms

Image
image/gif

37.157.5.86
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1145&cid=xCnv.4NKm28QHmsPLc3xWO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Server

37.157.5.86 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
location: https://c1.adform.net/serving/cookie/match/?party=1145&cid=xCnv.4NKm28QHmsPLc3xWO
pragma: no-cache
via: 1.1 google
expires: Tue, 03 Jul 2001 06:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
date: Wed, 14 Jan 2026 12:33:23 GMT
last-modified: Wed, 14 Jan 2026 12:33:24 GMT
vary: Origin
server: Weborama Collect Frontend

GET
H2 200 um
sync.teads.tv/ Frame 046F 23 B
281 B 76ms
32ms Image
image/gif 151.101.2.132
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=747235630873291140
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: pekko-http/1.1.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

x-user-geo: EU-WEST-1
cache-control: max-age=0, no-cache, no-store
x-timer: S1768394004.468697,VS0,VE23
x-check-cacheable: NO
via: 1.1 varnish
accept-ranges: bytes
x-cache: MISS
content-length: 23
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif
x-served-by: cache-fra-eddf8230123-FRA
server: pekko-http/1.1.0
x-cache-hits: 0
traffic-path: DUBDC2, FRA, Europe

GET
H2 204 /
s.ad.smaato.net/c/ Frame 046F 0
66 B 113ms
42ms Image
text/plain 34.1.242.226
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1067&dspCookie=747235630873291140
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.1.242.226 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 226.242.1.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

via: 1.1 google
date: Wed, 14 Jan 2026 12:33:24 GMT
cache-control: no-cache, must-revalidate

GET
H2 200 747235630873291140
match.contentexchange.me/adform/ Frame 046F 0
49 B 144ms
63ms Image
text/plain 91.185.218.28
MNSHA-AS Mainstre...

General

Check archive.org

Download Go to Show image

Full URL: https://match.contentexchange.me/adform/747235630873291140?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.185.218.28 , Slovenia, ASN51859 (MNSHA-AS Mainstream doo Beograd, RS),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Wed, 14 Jan 2026 12:33:24 GMT
server: nginx/1.24.0
content-length: 0

GET
H2 200 set_user_agent_id_mapping
cookie-matching.mediarithmics.com/v1/ Frame 046F 70 B
180 B 86ms
26ms Image
image/png 54.36.150.186
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://cookie-matching.mediarithmics.com/v1/set_user_agent_id_mapping?dom_token=adform25&identifier=747235630873291140

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.36.150.186 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip186.ip-54-36-150.eu

Software

Resource Hash

f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 70
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/png

GET
H2 200 xuid
eb2.3lift.com/ Frame 046F 37 B
140 B 48ms
18ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=747235630873291140&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Wed, 14 Jan 2026 12:33:24 GMT
content-type: image/gif

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 046F 35 B
99 B 120ms
72ms Image
image/gif 51.38.30.15
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=290&mapped=747235630873291140
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.38.30.15 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns31790662.ip-51-38-30.eu
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

content-type: image/gif
content-length: 35

GET
H2 200 /
onetag-sys.com/match/ Frame 046F 0
232 B 55ms
11ms Image
text/plain 51.89.9.252
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=220&uid=747235630873291140

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
date: Wed, 14 Jan 2026 12:33:24 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 046F 0
384 B 26ms
25ms Image
text/plain 37.157.5.86
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.5.86 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=747235630873291140&agencyId=8619&advertiserId=2210830&src=tp&rnd=443339

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:33:24 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET 0faecce7-dacb-4b07-89cd-4839254ca7d5
https://newassets.hcaptcha.com/ Frame 5A7E 0
0

GET a7a17019-abd2-485b-baca-5e2788c13c06
https://newassets.hcaptcha.com/ Frame 5A7E 0
0

GET
H3 404 favicon.ico
bestonlinecasinosaustralia.gr.com/ 3 KB
2 KB 150ms
149ms Other
text/html 104.21.70.233
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bestonlinecasinosaustralia.gr.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.70.233 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4380dccef55f2333d94d3418ab8cf6f3bd33089c1b76b3fab6833984cd515881

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://bestonlinecasinosaustralia.gr.com/visit/skycrown-au/

Response headers

cache-control: max-age=14400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hfLn347pBtz0xx%2FqW7uwks17HvxZIZjLGCb4xIisX5O3qlxgXTS%2BUHlSicKVs%2FcPWEPomFP9jxTUDfdqnf19NRg6qKKrxgovKQmTqDvGJDohJlFloXEueN%2FkdgiO7RYPKw%3D%3D"}]}
cf-ray: 9bdd29626b6edc4b-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:33:25 GMT
content-type: text/html; charset=UTF-8
vary: accept-encoding
server: cloudflare
priority: u=1,i

POST
H3 200 882c28f2-cdfe-448c-a570-71d8bf425374 Show response
api.hcaptcha.com/getcaptcha/ Frame 5A7E 2 KB
3 KB 251ms
245ms XHR
application/octet-stream 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/882c28f2-cdfe-448c-a570-71d8bf425374

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5725c8b3919540b9bf4aaf54b5b9e26fbae0c6e7d56774ad1d9f08031fddb6e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
accept: application/json, application/octet-stream
content-type: application/octet-stream

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 9bdd29644c17913a-FRA
access-control-allow-origin: https://newassets.hcaptcha.com
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:33:25 GMT
content-type: application/octet-stream
vary: Origin, Accept-Encoding
server: cloudflare
priority: u=1,i

OPTIONS
H3 200 882c28f2-cdfe-448c-a570-71d8bf425374
api.hcaptcha.com/getcaptcha/ Frame 0
0 45ms
33ms Preflight 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/882c28f2-cdfe-448c-a570-71d8bf425374

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://newassets.hcaptcha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
alt-svc: h3=":443"; ma=86400
cf-ray: 9bdd29641b2d37e6-FRA
content-length: 0
date: Wed, 14 Jan 2026 12:33:25 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 challenge.js Show response
newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/challenge/image_label_area_select/ Frame 5A7E 45 KB
11 KB 26ms
25ms Script
text/javascript 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/challenge/image_label_area_select/challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22d319700d0f8e2c415c0ef58ff918634016494372cf458a93cc37e1a554dd5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1d383c55b9ec95f1e2ff83d2ea5722fa"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:33:25 GMT
content-type: text/javascript
vary: Origin, accept-encoding
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
cf-ray: 9bdd2965ed8c913a-FRA
accept-ranges: bytes
content-length: 10992
server: cloudflare

GET 7079ba6a500f6d5e0bb7c64df208f742b57ff7e5cf7f3d2d777665b1f6d17035.webm
imgs3.hcaptcha.com/tip/a3c0f7d6261fb8df04570c2591759af560a21eea30f0e51df948960b23199f8a/ Frame 5A7E 0
0

POST
H3 200 882c28f2-cdfe-448c-a570-71d8bf425374 Show response
api.hcaptcha.com/getcaptcha/ Frame 5A7E 3 KB
2 KB 161ms
154ms XHR
application/json 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/882c28f2-cdfe-448c-a570-71d8bf425374

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a6e2b687e45cf6e797fd4e7b8a7489e2a5c978bb8d21cff5355db5c067fae91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
accept: application/json, application/octet-stream
content-type: application/octet-stream

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 9bdd296d6bb2913a-FRA
access-control-allow-origin: https://newassets.hcaptcha.com
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:33:26 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 561fce298b80e9886ffc6d24672f0caea8fd48806dee4472756b67ea4ea5eb07.jpeg
imgs3.hcaptcha.com/tip/6c3411ae3e86f9f80859c0cad38fead5fcc7573756815f8991ccb2de9952b3d1/ Frame 5A7E 56 KB
56 KB 349ms
349ms Image
image/jpeg 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://imgs3.hcaptcha.com/tip/6c3411ae3e86f9f80859c0cad38fead5fcc7573756815f8991ccb2de9952b3d1/561fce298b80e9886ffc6d24672f0caea8fd48806dee4472756b67ea4ea5eb07.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df13a22a3898356c90576755ff50a03999096daf19e6286332ae9d639a59c4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin: https://newassets.hcaptcha.com
Referer: https://newassets.hcaptcha.com/

Response headers

access-control-max-age: 3000
cf-cache-status: MISS
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
expires: Thu, 15 Jan 2026 12:33:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:33:27 GMT
content-type: image/jpeg
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cf-ray: 9bdd296e6a359b69-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 57006
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1

Domain: newassets.hcaptcha.com
URL: blob:https://newassets.hcaptcha.com/0faecce7-dacb-4b07-89cd-4839254ca7d5

Domain: newassets.hcaptcha.com
URL: blob:https://newassets.hcaptcha.com/a7a17019-abd2-485b-baca-5e2788c13c06

Domain: imgs3.hcaptcha.com
URL: https://imgs3.hcaptcha.com/tip/a3c0f7d6261fb8df04570c2591759af560a21eea30f0e51df948960b23199f8a/7079ba6a500f6d5e0bb7c64df208f742b57ff7e5cf7f3d2d777665b1f6d17035.webm

Verdicts & Comments Add Verdict or Comment

13 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bestonlinecasinosaustralia.gr.com/	1970-01-21 11:56:26	Name: ts Value: d
.hcaptcha.com/	1970-01-21 11:13:15	Name: __cf_bm Value: e571nAFZ.qxngNSR9PWJ1GLG4jIPc2xgpJfjOAzScZM-1768394002-1.0.1.1-ssNWI58KLxe_8xWRoF8tQb1D5hEqcZNVqy2.nnctzFYPG8CIcz_pkRfqJR2PV8BkaK5ZI8967ojT0bN.VFZMRQVVwapdolTD9y.GK4a8Sj8
.adform.net/	1970-01-21 11:57:52	Name: C Value: 1
.adform.net/	1970-01-21 12:39:38	Name: uid Value: 747235630873291140
.adform.net/	1970-01-21 11:14:40	Name: CM Value: 1%7C1
.adform.net/	1970-01-21 11:33:23	Name: CM14 Value: 1768480403_1768394003_1768394003_1_Hu7u4e4e4R4eAeAREREeEREREA
.seadform.net/	1970-01-21 12:39:38	Name: uid Value: 747235630873291140
.eyeota.net/	1970-01-21 11:13:14	Name: SERVERID Value: 22810~DM
.fwmrm.net/	1970-01-21 15:32:26	Name: _uid Value: umv1515_7595265092953995888
.casalemedia.com/	1970-01-21 19:58:50	Name: CMID Value: aWeNFLmqPGoAL9wgBBL1QgAA
.casalemedia.com/	1970-01-21 13:22:50	Name: CMPS Value: 1175
.casalemedia.com/	1970-01-21 13:22:50	Name: CMPRO Value: 1175
cm.adsafety.net/	1970-01-21 19:58:50	Name: UID Value: CM120260114121f82447bdfc4bf5a513
.adsafety.net/	1970-01-21 19:58:50	Name: cm_uid Value: CM120260114121f82447bdfc4bf5a513
.exelator.com/	1970-01-21 14:06:02	Name: EE Value: "41e82a58eb92baac72cc6c8a58ab2810"
.audrte.com/	1970-01-21 11:34:50	Name: arcki2 Value: mke04qkq-c40wbST0S5SHG97Q1VViWA-ad!20210107!1768394004362!ip#217.138.216.119
.audrte.com/	1970-01-21 11:34:50	Name: arcki2_adform Value: 747235630873291140!20210107!1768394004362
ads.smartstream.tv/	1970-01-21 19:58:50	Name: DID Value: 676cce06837057f69b225237dbb03b56
ads.smartstream.tv/	1970-01-21 19:58:50	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 19:58:50	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-21 11:56:26	Name: cm_uid Value: CM120260114121f82447bdfc4bf5a513
cm.adsafety.net/	1970-01-21 19:58:50	Name: permanent Value: 1
.adfarm1.adition.com/	1970-01-21 13:22:50	Name: UserID1 Value: 7595194413660043629
.doubleclick.net/	1970-01-21 20:34:50	Name: IDE Value: AHWqTUlPIJqDdxfMtT0xNjVNvgn1oxxWgcqRB7gmwuZUkSpiTf33gfe3DmAAFG098Pk
.audrte.com/	1970-01-21 11:34:50	Name: arcki2_ddp2 Value: mke04qkq-c40wbST0S5SHG97Q1VViWA-ad!20210107!1768394004441
.exelator.com/	1970-01-21 14:06:02	Name: ud Value: "eJxrXxzq6XKLQcHEMNXCKNHUIjXJ0igpMTHZ3Cg52SzZAiiSmGRkYWiwuCy1aMHS0uLUlKRDSypySnKaVpfFhzrGuzn6evpELnPOKMrPTV0BFgpzDVpsaGK8JL8oM32Ri%252BviopQ0hkUlxaeCz95zAADBgCrX"
cm.adsafety.net/	1970-01-21 19:58:50	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaeGcxRXJvVDRlMHkvbHY2ckJNY0p2bS9tU2ZyTllEWHBxQUx6akdUbFBKQllUejdraTFDRU9NazZXalFJSk9ySXdKSCtBUndjTEI2MnRnZnZnWFhYNzB6UkVqNXFUbWJBZlpqWmFyTUVQMkpWNk9Ob0wwS1R2S1VCZ0o3ZjNQSkRBaWVBNWlpU3ZMcU5NZnVLaTlNSjVGQU1zL09DM1lUakYzV0pJUllaRlZGTkptc1ljRXBhMUlndExvS3J1SXRCRWdvbDJ2Q2RkaGtDaFEycHNlRUZVOVg0a2JRdzFLTDROK3RnTDRMalVZSDhGMmxBRmZvNU1ETVFra0trd0YwMDhmTU1Vb3VsdVhpTkpsSXpPRGVtaU52V1o3SGd5SVA2WjNmajUzRTRHQUF3SWErOEtOODZPckVEaFZLUyt3TkZuSnB1ODhaV0JqQXhOblZMc0R5WWdqNkthc0dyWE1pRkJsRElsZWFDbElzKzNwTGlMZlRZZ0tRd3luaTN0VUVBZkVOdlR2ZVNSYmdZRmpjbVU5VkVsRU5Qc1Vka2EvYzlFSEFhdWtHQnBEamVJR2RweGZyTFdPd3M2REF2bVQ3VHFPU1prUmZrN1h2aGQ3cGozUU1MdHY2TkZ1NXBIZlhUdXM2cjV6djJoRmQ%3D
.w55c.net/	1970-01-21 20:43:28	Name: wfivefivec Value: hxViyDb61VG03W5
.demdex.net/	1970-01-21 15:32:26	Name: demdex Value: 58565023588557972972355397009692070623
.w55c.net/	1970-01-21 11:56:26	Name: matchadform Value: 5
.weborama.fr/	1970-01-21 20:39:09	Name: AFFICHE_W Value: 6rlOaR@a33zq52
.dpm.demdex.net/	1970-01-21 15:32:26	Name: dpm Value: 58565023588557972972355397009692070623
api.hcaptcha.com/	1970-01-21 11:56:26	Name: hmt_id Value: 595d7aa2-f0d8-4ac4-bfa5-b226b69a8840

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html#frame=challenge&id=0zrzgicrql5p&host=bestonlinecasinosaustralia.gr.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=de&tplinks=on&andint=off&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=882c28f2-cdfe-448c-a570-71d8bf425374&theme=light&origin=https%3A%2F%2Fbestonlinecasinosaustralia.gr.com Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D01800940E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html#frame=challenge&id=0zrzgicrql5p&host=bestonlinecasinosaustralia.gr.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=de&tplinks=on&andint=off&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=882c28f2-cdfe-448c-a570-71d8bf425374&theme=light&origin=https%3A%2F%2Fbestonlinecasinosaustralia.gr.com Message: [GroupMarkerNotSet(crbug.com/242999)!:A0801B1A940E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=747235630873291140 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=747235630873291140 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://c1.adform.net/serving/cookie/match?party=28&cid=CM120260114121f82447bdfc4bf5a513&gdpr_consent=&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bestonlinecasinosaustralia.gr.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html#frame=challenge&id=0zrzgicrql5p&host=bestonlinecasinosaustralia.gr.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=de&tplinks=on&andint=off&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=882c28f2-cdfe-448c-a570-71d8bf425374&theme=light&origin=https%3A%2F%2Fbestonlinecasinosaustralia.gr.com Message: Access to video at 'https://imgs3.hcaptcha.com/tip/a3c0f7d6261fb8df04570c2591759af560a21eea30f0e51df948960b23199f8a/7079ba6a500f6d5e0bb7c64df208f742b57ff7e5cf7f3d2d777665b1f6d17035.webm' from origin 'https://newassets.hcaptcha.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://imgs3.hcaptcha.com/tip/a3c0f7d6261fb8df04570c2591759af560a21eea30f0e51df948960b23199f8a/7079ba6a500f6d5e0bb7c64df208f742b57ff7e5cf7f3d2d777665b1f6d17035.webm Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

92eb858b6171.w.hcaptcha.com
a.audrte.com
a1.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
api.hcaptcha.com
bestonlinecasinosaustralia.gr.com
c1.adform.net
c22ef922ccb3.w.hcaptcha.com
cm.adsafety.net
cm.g.doubleclick.net
cookie-matching.mediarithmics.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
imgs3.hcaptcha.com
js.hcaptcha.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
newassets.hcaptcha.com
onetag-sys.com
pdw-adf.userreport.com
pixel.onaudience.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
sync.crwdcntrl.net
sync.teads.tv
token.rubiconproject.com
uipglob.semasio.net
user-sync.fwmrm.net
x.bidswitch.net
imgs3.hcaptcha.com
newassets.hcaptcha.com
secure.adnxs.com
103.231.98.109
104.18.13.205
104.18.26.193
104.19.229.21
104.19.230.21
104.21.70.233
139.162.172.148
142.251.208.2
151.101.2.132
162.19.138.82
18.173.205.12
18.184.216.10
193.135.9.124
217.182.178.233
23.52.180.113
3.69.181.164
34.1.242.226
34.102.136.131
35.156.185.159
35.190.24.218
35.210.130.15
35.214.136.108
35.244.159.8
35.244.174.68
35.71.131.137
37.157.5.132
37.157.5.86
37.157.6.245
37.157.6.254
50.16.197.56
51.38.30.15
51.89.9.252
52.16.105.228
52.28.24.86
54.36.150.186
54.72.83.44
54.78.254.47
63.34.36.31
69.173.144.138
76.223.111.18
77.243.51.122
85.114.159.118
91.185.218.28
0c865700b5d84da26eaa5f0236e1d8af8997da75574a3cdb26d725818119f6d3
22d319700d0f8e2c415c0ef58ff918634016494372cf458a93cc37e1a554dd5e
2a6e2b687e45cf6e797fd4e7b8a7489e2a5c978bb8d21cff5355db5c067fae91
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b82ef4c2f24d251173eac888f3102634e2b91ebdb5c2f618fa8ed6fb92393bc
2ddeade3a8991666b89f2a0c3aaba4508852838488781e260d45bc886f1172a5
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38dcdaa76e2dace4d5d625e160cfcb30a74d5f5e8bd0715b2d3fcff5eeda531d
4380dccef55f2333d94d3418ab8cf6f3bd33089c1b76b3fab6833984cd515881
4405ccb16c230df808dfbc330e78341e12abac1c6aad61f59eb29592ef5ac6c8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5304f6304b810992dc8f906fe7e9f98feeb36b8356efd27ea2e871223c5f15e5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5725c8b3919540b9bf4aaf54b5b9e26fbae0c6e7d56774ad1d9f08031fddb6e1
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
59938868870ce60b8576506d0211346d8a85329a9d54997c39d921389c493b34
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8001d90f55d669cb67244e608a2ef77f01f77fc6a6561278002c7899f4b973f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87fcc0bf8a0c7269ee02f3ce330f47dd898ea6fea37f4a1744d470da86007ac5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
af8d13f61ca277812f161a25c8066bb6aab00e0a5115e2e3f53b5258cdac9733
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12ddaa8ab1267ccb635de405144565dcc978f2101f171dac6b22765f68100e
c008b109645c3f1c3dbbc611197d3ae3477bcaf0d5ab5c27156a42a54f77067b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
df13a22a3898356c90576755ff50a03999096daf19e6286332ae9d639a59c4f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

bestonlinecasinosaustralia.gr.com Open in urlscan Pro 104.21.70.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

76 %HTTPS

0 %IPv6

39 Domains

47 Subdomains

36 IPs

11 Countries

719 kBTransfer

2398 kBSize

33 Cookies

4 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

bestonlinecasinosaustralia.gr.com Open in urlscan Pro
104.21.70.233 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

76 %
HTTPS

0 %
IPv6

39
Domains

47
Subdomains

36
IPs

11
Countries

719 kB
Transfer

2398 kB
Size

33
Cookies

59 HTTP transactions
3 data transactions