bestaustralianonlinecasinos.gb.net Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bestaustralianonlinecasinos.gb.net/
Submission Tags: @ecarlesi threat phishing Search All
Submission: On January 14 via api (January 14th 2026, 12:53:21 pm UTC) from IT — Scanned from UK

Summary HTTP 58 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 35 IPs in 12 countries across 40 domains to perform 58 HTTP transactions. The main IP is 188.114.96.3, located in Ascension Island and belongs to CLOUDFLARENET, US. The main domain is bestaustralianonlinecasinos.gb.net.
TLS certificate: Issued by WE1 on January 14th 2026. Valid for: 3 months.

This is the only time bestaustralianonlinecasinos.gb.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.19.229.21 104.19.229.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.2.250 37.157.2.250	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1 12	37.157.2.235 37.157.2.235	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	104.18.12.205 104.18.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.13.205 104.18.13.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.2.13 37.157.2.13	198622 (ADFORM Ad...) (ADFORM Adform A/S)
2	52.209.249.220 52.209.249.220	16509 (AMAZON-02) (AMAZON-02)
1	88.221.170.40 88.221.170.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.159.138.131 18.159.138.131	16509 (AMAZON-02) (AMAZON-02)
1	178.32.197.56 178.32.197.56	16276 (OVH OVH SAS) (OVH OVH SAS)
1	3.69.181.174 3.69.181.174	16509 (AMAZON-02) (AMAZON-02)
1	35.214.136.108 35.214.136.108	15169 (GOOGLE) (GOOGLE)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	77.243.51.121 77.243.51.121	42697 (NETIC-AS ...) (NETIC-AS Netic A/S)
1 1	18.245.46.103 18.245.46.103	16509 (AMAZON-02) (AMAZON-02)
1 2	63.34.36.31 63.34.36.31	16509 (AMAZON-02) (AMAZON-02)
1	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	217.79.178.236 217.79.178.236	24961 (MYLOC-AS ...) (MYLOC-AS WIIT AG)
1 1	193.135.9.114 193.135.9.114	48314 (IP-PROJEC...) (IP-PROJECTS Michael Sebastian Schinzel trading as IP-Projects GmbH & Co. KG)
5 5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	103.231.98.109 103.231.98.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.173.205.12 18.173.205.12	16509 (AMAZON-02) (AMAZON-02)
2 2	34.102.136.131 34.102.136.131	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	52.16.129.226 52.16.129.226	16509 (AMAZON-02) (AMAZON-02)
1	63.181.100.46 63.181.100.46	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS WIIT AG)
2 2	35.210.130.15 35.210.130.15	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.120 162.19.138.120	16276 (OVH OVH SAS) (OVH OVH SAS)
2 2	35.190.24.218 35.190.24.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1	34.1.242.226 34.1.242.226	15169 (GOOGLE) (GOOGLE)
1	91.185.218.28 91.185.218.28	51859 (MNSHA-AS ...) (MNSHA-AS Mainstream doo Beograd)
1	54.36.150.184 54.36.150.184	16276 (OVH OVH SAS) (OVH OVH SAS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	148.113.153.93 148.113.153.93	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.89.9.251 51.89.9.251	16276 (OVH OVH SAS) (OVH OVH SAS)
3	104.19.230.21 104.19.230.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
58	35

2 188.114.96.3 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

bestaustralianonlinecasinos.gb.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 104.19.229.21 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

js.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 37.157.2.250 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

12 37.157.2.235 (Denmark) 1 redirects

ASN198622 (ADFORM Adform A/S, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.18.12.205 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

bd7a81301987.w.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.18.13.205 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

1423b96ed942.w.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 37.157.2.13 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 52.209.249.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-249-220.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 88.221.170.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-170-40.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 69.173.144.139 (Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.159.138.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-138-131.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 178.32.197.56 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip56.ip-178-32-197.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.69.181.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-174.eu-central-1.compute.amazonaws.com

user-sync.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.18.26.193 (Ascension Island) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 77.243.51.121 (Aalborg, Denmark) 4 redirects

ASN42697 (NETIC-AS Netic A/S, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.245.46.103 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-103.fra56.r.cloudfront.net

synchroscript.deliveryengine.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 63.34.36.31 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-36-31.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 217.79.178.236 (Germany) 3 redirects

ASN24961 (MYLOC-AS WIIT AG, DE)
PTR: cm47.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 193.135.9.114 (Germany) 1 redirects

ASN48314 (IP-PROJECTS Michael Sebastian Schinzel trading as IP-Projects GmbH & Co. KG, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 142.250.185.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 103.231.98.109 (Japan)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.173.205.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-12.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 34.102.136.131 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.136.102.34.bc.googleusercontent.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 52.16.129.226 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-129-226.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 63.181.100.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-181-100-46.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS WIIT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.210.130.15 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 15.130.210.35.bc.googleusercontent.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.190.24.218 (United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.1.242.226 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 226.242.1.34.bc.googleusercontent.com

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 91.185.218.28 (Slovenia)

ASN51859 (MNSHA-AS Mainstream doo Beograd, RS)

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.36.150.184 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip184.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 148.113.153.93 (Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: ns5020948.ip-148-113-153.net

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 104.19.230.21 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

imgs3.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
13	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 8076 a1.adform.net — Cisco Umbrella Rank: 16861 c1.adform.net — Cisco Umbrella Rank: 732	40 KB
13	hcaptcha.com js.hcaptcha.com — Cisco Umbrella Rank: 6963 newassets.hcaptcha.com — Cisco Umbrella Rank: 4466 bd7a81301987.w.hcaptcha.com api.hcaptcha.com — Cisco Umbrella Rank: 4237 1423b96ed942.w.hcaptcha.com imgs3.hcaptcha.com — Cisco Umbrella Rank: 44585	607 KB
5	doubleclick.net 5 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 307	3 KB
5	semasio.net 4 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1529 se.semasio.net — Cisco Umbrella Rank: 23181	3 KB
3	adsafety.net 3 redirects cm.adsafety.net — Cisco Umbrella Rank: 55482	4 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 2075 load77.exelator.com — Cisco Umbrella Rank: 8120	2 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14690	627 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1776	752 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 281	1 KB
2	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 14243	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 991	497 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 640	2 KB
2	360yield.com ad.360yield.com — Cisco Umbrella Rank: 779	397 B
2	gb.net bestaustralianonlinecasinos.gb.net	3 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 760	232 B
1	onaudience.com pixel.onaudience.com — Cisco Umbrella Rank: 2354	99 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 505	140 B
1	mediarithmics.com cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 3787	180 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 33570	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 766	66 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1252	276 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 522	1 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 422	149 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 9551	446 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 585	307 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 25367	434 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1009	252 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 61682	849 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2165	278 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 550	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1011	354 B
1	adswizz.com 1 redirects synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 3050	441 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 424	183 B
1	fwmrm.net user-sync.fwmrm.net — Cisco Umbrella Rank: 923	504 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 773	114 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 3647	59 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 576	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 8234	235 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 58788	605 B
0	adnxs.com Failed secure.adnxs.com Failed
58	40

	Domain	Requested by
10	c1.adform.net	a1.adform.net c1.adform.net
5	cm.g.doubleclick.net	5 redirects
4	newassets.hcaptcha.com	js.hcaptcha.com newassets.hcaptcha.com
3	imgs3.hcaptcha.com
3	cm.adsafety.net	3 redirects
3	se.semasio.net	2 redirects c1.adform.net
3	api.hcaptcha.com	newassets.hcaptcha.com
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	loadm.exelator.com	2 redirects
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	uipglob.semasio.net	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	ad.360yield.com	c1.adform.net
2	a1.adform.net	1 redirects bestaustralianonlinecasinos.gb.net
2	bestaustralianonlinecasinos.gb.net
1	onetag-sys.com	c1.adform.net
1	pixel.onaudience.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	cookie-matching.mediarithmics.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	match.adsrvr.org	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	c1.adform.net
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	synchroscript.deliveryengine.adswizz.com	1 redirects
1	x.bidswitch.net	c1.adform.net
1	user-sync.fwmrm.net	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	server.seadform.net	bestaustralianonlinecasinos.gb.net
1	1423b96ed942.w.hcaptcha.com	newassets.hcaptcha.com
1	bd7a81301987.w.hcaptcha.com	newassets.hcaptcha.com
1	s2.adform.net	bestaustralianonlinecasinos.gb.net
1	js.hcaptcha.com	bestaustralianonlinecasinos.gb.net
0	secure.adnxs.com Failed	c1.adform.net
58	49

This site contains links to these domains. Also see Links.

Domain
www.hcaptcha.com
hcaptcha.com

Subject Issuer	Validity	Valid
bestaustralianonlinecasinos.gb.net WE1	`2026-01-14` - `2026-04-14`	3 months	crt.sh
hcaptcha.com WE1	`2025-12-23` - `2026-03-23`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-09-05` - `2026-10-06`	a year	crt.sh
w.hcaptcha.com E8	`2025-12-25` - `2026-03-25`	3 months	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-10-27` - `2026-11-12`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M03	`2025-03-29` - `2026-04-27`	a year	crt.sh
*.yieldlab.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-06-12` - `2026-06-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M04	`2025-05-19` - `2026-06-17`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-09` - `2026-02-09`	a year	crt.sh
*.fwmrm.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-10-29` - `2026-11-29`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-12-19` - `2026-03-14`	3 months	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2025-04-01` - `2026-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2025-02-06` - `2026-03-05`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M04	`2025-08-10` - `2026-09-08`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2025-08-12` - `2026-08-19`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-19` - `2026-03-22`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M01	`2025-09-18` - `2026-10-16`	a year	crt.sh
*.agkn.com RapidSSL TLS RSA CA G1	`2025-09-18` - `2026-09-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
id5-sync.com E7	`2026-01-01` - `2026-04-01`	3 months	crt.sh
*.teads.tv Thawte TLS RSA CA G1	`2025-05-18` - `2026-05-17`	a year	crt.sh
smaato.net Sectigo Public Server Authentication CA DV E36	`2025-09-01` - `2026-09-01`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2025-05-22` - `2026-06-05`	a year	crt.sh
*.mediarithmics.com GandiCert	`2025-02-24` - `2026-02-23`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M04	`2026-01-12` - `2027-02-09`	a year	crt.sh
*.onaudience.com Go Daddy Secure Certificate Authority - G2	`2025-05-05` - `2026-05-27`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-12-23` - `2027-01-22`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://bestaustralianonlinecasinos.gb.net/
Frame ID: 04FFA21388068371EC6C918CEA67C19A
Requests: 6 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html
Frame ID: FCE33AD6933963D34D92AD59ECC154F3
Requests: 12 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html
Frame ID: 9DBADD92726BBDE5267542516819FB9F
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Frame ID: FD7866CB98457ACB79500CB4F77C0F9F
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bot Verification

Detected technologies

OpenX (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

58
Requests

76 %
HTTPS

0 %
IPv6

40
Domains

49
Subdomains

35
IPs

12
Countries

657 kB
Transfer

2572 kB
Size

34
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=bestaustralianonlinecasinos.gb.net&utm_campaign=882c28f2-cdfe-448c-a570-71d8bf425374&utm_medium=challenge&hl=en

Search URL Search Domain Scan URL

URL: https://www.hcaptcha.com/what-is-hcaptcha-about?ref=bestaustralianonlinecasinos.gb.net&utm_campaign=882c28f2-cdfe-448c-a570-71d8bf425374&utm_medium=checkbox&hl=en

Search URL Search Domain Scan URL

URL: https://hcaptcha.com/privacy?ref=bestaustralianonlinecasinos.gb.net&utm_campaign=882c28f2-cdfe-448c-a570-71d8bf425374&utm_medium=checkbox&hl=en
Title: Privacy

Search URL Search Domain Scan URL

URL: https://hcaptcha.com/terms?ref=bestaustralianonlinecasinos.gb.net&utm_campaign=882c28f2-cdfe-448c-a570-71d8bf425374&utm_medium=checkbox&hl=en
Title: Terms

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://a1.adform.net/Serving/TrackPoint/?pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=732082018722&ADFtpmode=2&loc=https%3A%2F%2Fbestaustralianonlinecasinos.gb.net%2F&Set1=en-GB%7Cen-GB%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=732082018722&ADFtpmode=2&loc=https%3A%2F%2Fbestaustralianonlinecasinos.gb.net%2F&Set1=en-GB%7Cen-GB%7C1600x1200%7C24

Request Chain 24

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5223577623818365213&expiration=1769604803 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5223577623818365213&expiration=1769604803&C=1

Request Chain 25

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5223577623818365213&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5223577623818365213&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=5223577623818365213&gdpr=&sInitiator=external HTTP 302
https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F5108661%3FsExtCookieId%3D%24%7BUID%7D%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/5108661?sExtCookieId=86e67c00a5afedc0b24cd8319f8f8aca&sInitiator=internal HTTP 302
https://sync.crwdcntrl.net/qmap?c=12526&lac=y&d=https%3A%2f%2fse.semasio.net%2fsync%2f1%2f8672504%3FsExtCookieId%3D$%7Bprofile_id%7D%26gdpr%3D$%7Bgdpr%7D$%7Bdaisybit%3A%26gdpr_consent%3D%7D%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/8672504?sExtCookieId=&gdpr=1&sInitiator=internal

Request Chain 27

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5223577623818365213 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5223577623818365213&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 31

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5223577623818365213 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12026011412305dc7054889a0e58a5&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=019d5730ed57a8e570959c06e7396380&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNjAxMTQxMjMwNWRjNzA1NDg4OWEwZTU4YTU&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESECiwT6NjTh63MI53dyQE8H4&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12026011412305dc7054889a0e58a5&gdpr_consent=&gdpr=1

Request Chain 32

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTIyMzU3NzYyMzgxODM2NTIxMw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NTIyMzU3NzYyMzgxODM2NTIxMw&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBWOKKcARwJD0WYQTIfIhf0&google_cver=1&google_ula=1641347,0

Request Chain 37

https://a.audrte.com/a?adform_uid=5223577623818365213 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWtlMHVmdG0tWGVPR1JrR29TMG05bktLRFM5TTR3dy1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYXplcmlvbiJ9XX0%253D%26aruid%3Dmke0uftm-XeOGRkGoS0m9nKKDS9M4ww-ad HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWtlMHVmdG0tWGVPR1JrR29TMG05bktLRFM5TTR3dy1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYXplcmlvbiJ9XX0%253D%26aruid%3Dmke0uftm-XeOGRkGoS0m9nKKDS9M4ww-ad&google_tc= HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYXplcmlvbiJ9XX0%3D&aruid=mke0uftm-XeOGRkGoS0m9nKKDS9M4ww-ad&gdpr=0&gdpr_consent= HTTP 302
https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091

Request Chain 38

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5223577623818365213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5223577623818365213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=83083109244094583822923911231138847767&noredirect=1

Request Chain 40

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595199563336186222

Request Chain 41

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=z2miTFk91VG0nh5

Request Chain 44

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2552491149 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1145&cid=2euWDud2CTei/RCsbdYNBu

58 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bestaustralianonlinecasinos.gb.net/ 2 KB
1 KB 392ms
316ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bestaustralianonlinecasinos.gb.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c865700b5d84da26eaa5f0236e1d8af8997da75574a3cdb26d725818119f6d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9bdd469cefdff65b-LHR
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Wed, 14 Jan 2026 12:53:22 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wRm7ycPL4sueaSpwF3lSnN017FKZuTlJjeZz4aIRUI2VpAPpJ%2BTNuZn3qFelbRklaR%2B9lNcEs%2FF8y5AsovWcJ5yJwKdiXmyKOhMQXSl9XZrllHzC2HXMMBgEml3O%2F56e"}]}
server: cloudflare
vary: accept-encoding

GET
H3 200 api.js Show response
js.hcaptcha.com/1/ 270 KB
79 KB 85ms
50ms Script
application/javascript 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://js.hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit

Requested by

Host: bestaustralianonlinecasinos.gb.net
URL: https://bestaustralianonlinecasinos.gb.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8001d90f55d669cb67244e608a2ef77f01f77fc6a6561278002c7899f4b973f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://bestaustralianonlinecasinos.gb.net/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"cb0ca4239ef752290a3170ad6a1851b9"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:53:22 GMT
content-type: application/javascript
vary: Origin, Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=300
cross-origin-resource-policy: cross-origin
cf-ray: 9bdd469f3a1516c3-LHR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
32 KB 204ms
66ms Script
application/javascript 37.157.2.250
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: bestaustralianonlinecasinos.gb.net
URL: https://bestaustralianonlinecasinos.gb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 59938868870ce60b8576506d0211346d8a85329a9d54997c39d921389c493b34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://bestaustralianonlinecasinos.gb.net/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"cbd67ec72136561be113efd03055f4f4"
x-amz-request-id: tx00000124f3f82586877a7-0068e66f78-32adfec2-default
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:53:22 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Wed, 25 Jun 2025 09:36:45 GMT

GET
H3 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/ Frame FCE3 529 KB
158 KB 87ms
55ms Document
text/html 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38dcdaa76e2dace4d5d625e160cfcb30a74d5f5e8bd0715b2d3fcff5eeda531d

Security Headers

Name	Value
Content-Security-Policy	report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bestaustralianonlinecasinos.gb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 9bdd46a0493e6395-LHR
content-encoding: br
content-security-policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jan 2026 12:53:22 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding Origin
x-content-type-options: nosniff

GET
H3 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/ Frame 9DBA 529 KB
0 86ms
86ms Document
text/html 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38dcdaa76e2dace4d5d625e160cfcb30a74d5f5e8bd0715b2d3fcff5eeda531d

Security Headers

Name	Value
Content-Security-Policy	report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
X-Content-Type-Options	nosniff

Request headers

Referer: https://bestaustralianonlinecasinos.gb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 9bdd46a0493e6395-LHR
content-encoding: br
content-security-policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jan 2026 12:53:22 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
vary: accept-encoding Origin
x-content-type-options: nosniff

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=732082018722&ADFtpmode=2&loc=https%3A%2F%2Fbestaustralianonlinecasinos.gb.net%2F&Set1=en...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=732082018722&ADFtpmode=2&loc=https%3A%2F%2Fbestaustralianonlinecasinos.gb.net%2F&Se...

825 B
1 KB

80ms
80ms

Script
text/javascript

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=732082018722&ADFtpmode=2&loc=https%3A%2F%2Fbestaustralianonlinecasinos.gb.net%2F&Set1=en-GB%7Cen-GB%7C1600x1200%7C24

Requested by

Host: bestaustralianonlinecasinos.gb.net
URL: https://bestaustralianonlinecasinos.gb.net/

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

7c129a27bd0bceb20c5ad1eeee0b47874ea5d05f90eaaafadd7b06e7e29be41b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://bestaustralianonlinecasinos.gb.net/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET,POST
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 14 Jan 2026 12:53:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
server: nginx

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=732082018722&ADFtpmode=2&loc=https%3A%2F%2Fbestaustralianonlinecasinos.gb.net%2F&Set1=en-GB%7Cen-GB%7C1600x1200%7C24
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
expires: -1
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 14 Jan 2026 12:53:22 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK logo.png Show response
bd7a81301987.w.hcaptcha.com/ Frame FCE3 1 KB
2 KB 167ms
95ms Fetch
image/png 104.18.12.205
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bd7a81301987.w.hcaptcha.com/logo.png
Requested by: Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.205 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5304f6304b810992dc8f906fe7e9f98feeb36b8356efd27ea2e871223c5f15e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://newassets.hcaptcha.com/

Response headers

Cache-Control: public, max-age=86400
Timing-Allow-Origin: *
Connection: keep-alive
CF-RAY: 9bdd46a22a5c9451-LHR
Access-Control-Allow-Origin: *
Content-Length: 1412
Date: Wed, 14 Jan 2026 12:53:22 GMT
Content-Type: image/png
Last-Modified: Tue, 22 Oct 2020 18:30:00 GMT
Vary: Host, Accept-Encoding
Server: cloudflare

GET
DATA 200
OK truncated
/ Frame FCE3 19 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4405ccb16c230df808dfbc330e78341e12abac1c6aad61f59eb29592ef5ac6c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

POST
H3 200 checksiteconfig Show response
api.hcaptcha.com/ Frame FCE3 817 B
914 B 66ms
56ms XHR
application/json 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=6e937500c6861f1c062311c9544857646f7e58aa&host=bestaustralianonlinecasinos.gb.net&sitekey=882c28f2-cdfe-448c-a570-71d8bf425374&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bafc2fd806f2e21f938455dc7b99f058b809bae0421974fcc5b172b749e0bcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Accept: application/json
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
cf-ray: 9bdd46a19a536395-LHR
access-control-allow-origin: https://newassets.hcaptcha.com
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:53:22 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: cloudflare
priority: u=1,i
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent

GET
DATA 200
OK truncated
/ Frame 9DBA 19 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4405ccb16c230df808dfbc330e78341e12abac1c6aad61f59eb29592ef5ac6c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK logo.png Show response
1423b96ed942.w.hcaptcha.com/ Frame 9DBA 1 KB
2 KB 146ms
75ms Fetch
image/png 104.18.13.205
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://1423b96ed942.w.hcaptcha.com/logo.png
Requested by: Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.205 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5304f6304b810992dc8f906fe7e9f98feeb36b8356efd27ea2e871223c5f15e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://newassets.hcaptcha.com/

Response headers

Cache-Control: public, max-age=86400
Timing-Allow-Origin: *
Connection: keep-alive
CF-RAY: 9bdd46a2cbbf0b91-LHR
Access-Control-Allow-Origin: *
Content-Length: 1412
Date: Wed, 14 Jan 2026 12:53:23 GMT
Content-Type: image/png
Last-Modified: Tue, 22 Oct 2020 18:30:00 GMT
Vary: Host, Accept-Encoding
Server: cloudflare

GET
DATA 200
OK truncated
/ Frame 9DBA 798 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/b96f4cf1ef78e89652fe21210f98391d826924916bef54bd20587031678a1ddb/ Frame FCE3 813 KB
350 KB 31ms
30ms Script
application/javascript 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://newassets.hcaptcha.com/c/b96f4cf1ef78e89652fe21210f98391d826924916bef54bd20587031678a1ddb/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c008b109645c3f1c3dbbc611197d3ae3477bcaf0d5ab5c27156a42a54f77067b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3024000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6f3e8eee72a5229792b117a43aaeef2c"
x-content-type-options: nosniff
cf-ray: 9bdd46a25ae96395-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:53:22 GMT
content-type: application/javascript
vary: accept-encoding, Origin
server: cloudflare
priority: u=3,i=?0

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame FD78 4 KB
2 KB 219ms
87ms Document
text/html 37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/Serving/TrackPoint/?pm=3610452&ADFPageName=Legacy%20-%20Retargeting&ADFdivider=%7C&ord=732082018722&ADFtpmode=2&loc=https%3A%2F%2Fbestaustralianonlinecasinos.gb.net%2F&Set1=en-GB%7Cen-GB%7C1600x1200%7C24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

b68fcaebef30a80fc8c0616a73fb1da199abc3df706989cc364edd7dc7a7df21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bestaustralianonlinecasinos.gb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 14 Jan 2026 12:53:23 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
605 B 272ms
132ms Image
image/gif 37.157.2.13
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=5223577623818365213&stamp=h5vHDXf2IKMDvP-67D9Y4w2

Requested by

Host: bestaustralianonlinecasinos.gb.net
URL: https://bestaustralianonlinecasinos.gb.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.13 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://bestaustralianonlinecasinos.gb.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: private
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET 528fd244-bb9c-45d9-abff-584c3bfc8223
https://newassets.hcaptcha.com/ Frame FCE3 0
0

GET 38b3267b-7743-4847-9ae4-9c8d36d089fb
https://newassets.hcaptcha.com/ Frame FCE3 0
0

GET
H2 200 plf
c1.adform.net/imatch/ Frame FD78 0
384 B 45ms
45ms Image
text/plain 37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:53:23 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame FD78 43 B
199 B 203ms
90ms Image
image/gif 52.209.249.220
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5223577623818365213&Expiration=1769604803
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.209.249.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-249-220.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame FD78 0
235 B 185ms
95ms Image
text/plain 88.221.170.40
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=5223577623818365213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.170.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-170-40.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Expires: Tue, 13 Jan 2026 12:53:23 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Date: Wed, 14 Jan 2026 12:53:23 GMT
Connection: keep-alive

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame FD78 0
214 B 169ms
37ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=5223577623818365213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 , Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37484d30bdaa9e564e61fc97530dd433
Pragma: no-cache

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame FD78 0
59 B 190ms
100ms Image
text/plain 18.159.138.131
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5223577623818365213&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.138.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-138-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: text/plain; charset=UTF-8
content-length: 0

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame FD78 43 B
114 B 257ms
100ms Image
image/gif 178.32.197.56
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5223577623818365213&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.197.56 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip56.ip-178-32-197.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Wed, 14 Jan 2026 12:53:22 GMT
content-type: image/gif

GET
H/1.1 200
OK u
user-sync.fwmrm.net/ad/ Frame FD78 43 B
504 B 158ms
47ms Image
image/gif 3.69.181.174
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://user-sync.fwmrm.net/ad/u?mode=user-register&dspid=55&dspuid=5223577623818365213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.181.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-181-174.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2ddeade3a8991666b89f2a0c3aaba4508852838488781e260d45bc886f1172a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Cache-Control: no-store
Pragma: no-cache
Connection: keep-alive
Expires: 0
X-Fw-Request-Id: umv1adb_1768395203419636947
Content-Length: 43
Keep-Alive: timeout=300
Date: Wed, 14 Jan 2026 12:53:23 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Content-Type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame FD78 43 B
183 B 121ms
47ms Image
image/gif 35.214.136.108
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=5223577623818365213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD78
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5223577623818365213&expiration=1769604803
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5223577623818365213&expiration=1769604803&C=1

43 B
711 B

49ms
49ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5223577623818365213&expiration=1769604803&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H3
Server: 104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Mc4hYELr7jojYeHZDN3LqsASg8gFAha9W8ph2JpmRV0F2h4lSMfttjU11QphIZzHRWG5SIUNGCRp0s8YE8DfTZVJHJmvxhKeFQpjq3gTRMKqOrDy90qI"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif
vary: accept-encoding
priority: u=1,i
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 9bdd46a5be1163e7-LHR
content-length: 43
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eg3hfP128Oz4scYbe%2FInfJLfTVmR8fpPgWbZEoIZ9l5x9pO%2Bi7bwSEIO1UYwTdENCQXG9adIYrli9aR64sHFYmc6UYvLnQEE8pw5FhHDffc4GaXqOPSI"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 14 Jan 2026 12:53:23 GMT
vary: accept-encoding
priority: u=1,i
cache-control: no-cache
location: /rum?cm_dsp_id=111&external_user_id=5223577623818365213&expiration=1769604803&C=1
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 9bdd46a56dd263e7-LHR
content-length: 0
server: cloudflare

GET
H/1.1

200
OK

8672504
se.semasio.net/sync/1/ Frame FD78
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5223577623818365213&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5223577623818365213&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=5223577623818365213&gdpr=&sInitiator=external
https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F5108661%3FsExtCookieId%3D%24%7BUID%7D%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/5108661?sExtCookieId=86e67c00a5afedc0b24cd8319f8f8aca&sInitiator=internal
https://sync.crwdcntrl.net/qmap?c=12526&lac=y&d=https%3A%2f%2fse.semasio.net%2fsync%2f1%2f8672504%3FsExtCookieId%3D$%7Bprofile_id%7D%26gdpr%3D$%7Bgdpr%7D$%7Bdaisybit%3A%26gdpr_consent%3D%7D%26sInit...
https://se.semasio.net/sync/1/8672504?sExtCookieId=&gdpr=1&sInitiator=internal

0
415 B

45ms
45ms

Image
text/plain

77.243.51.121
NETIC-AS Netic A/S

General

Check archive.org

Download Go to Show image

Full URL: https://se.semasio.net/sync/1/8672504?sExtCookieId=&gdpr=1&sInitiator=internal
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: HTTP/1.1
Server: 77.243.51.121 Aalborg, Denmark, ASN42697 (NETIC-AS Netic A/S, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
frontend-id: 03
pragma: no-cache
expires: Sat, 01 Jan 2011 12:00:00 GMT
access-control-allow-origin: *
content-length: 0
uip-status: Ok
date: Wed, 14 Jan 2026 12:53:23 GMT

Redirect headers

strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache
location: https://se.semasio.net/sync/1/8672504?sExtCookieId=&gdpr=1&sInitiator=internal
pragma: no-cache
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 0
date: Wed, 14 Jan 2026 12:53:24 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame FD78 0
354 B 301ms
166ms Image
text/plain 3.120.214.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5223577623818365213&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Content-Length: 0
Date: Wed, 14 Jan 2026 12:53:23 GMT
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

pixel.gif
load77.exelator.com/ Frame FD78
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5223577623818365213
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5223577623818365213&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

0
93 B

410ms
197ms

Image
text/plain

50.16.197.56
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

server-timing: total;dur=0.001
date: Wed, 14 Jan 2026 12:53:24 GMT
etag: "695f24b6-0"
server: nginx

Redirect headers

cache-control: no-cache
location: https://load77.exelator.com/pixel.gif
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame FD78 0
98 B 106ms
38ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=5223577623818365213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 14 Jan 2026 12:53:23 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame FD78 49 B
268 B 130ms
47ms Image
image/gif 63.34.36.31
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=5223577623818365213

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.34.36.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-36-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame FD78 43 B
278 B 87ms
38ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5223577623818365213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 146.70.179.39
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 14 Jan 2026 12:53:22 GMT
content-type: image/gif
vary: Accept

GET
H2

403

match
c1.adform.net/serving/cookie/ Frame FD78
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5223577623818365213
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12026011412305dc7054889a0e58a5&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=019d5730ed57a8e570959c06e7396380&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNjAxMTQxMjMwNWRjNzA1NDg4OWEwZTU4YTU&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESECiwT6NjTh63MI53dyQE8H4&gdpr_consent=&gdpr=0&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12026011412305dc7054889a0e58a5&gdpr_consent=&gdpr=1

0
453 B

45ms
45ms

Image
text/plain

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=28&cid=CM12026011412305dc7054889a0e58a5&gdpr_consent=&gdpr=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Wed, 14 Jan 2026 12:53:23 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

Transfer-Encoding: chunked
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Location: https://c1.adform.net/serving/cookie/match?party=28&cid=CM12026011412305dc7054889a0e58a5&gdpr_consent=&gdpr=1
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *
Date: Wed, 14 Jan 2026 12:53:23 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Wed, 14 Jan 2026 12:53:23 GMT
Server: nginx

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame FD78
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTIyMzU3NzYyMzgxODM2NTIxMw
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NTIyMzU3NzYyMzgxODM2NTIxMw&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBWOKKcARwJD0WYQTIfIhf0&google_cver=1&google_ula=1641347,0

35 B
591 B

75ms
75ms

Image
image/gif

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBWOKKcARwJD0WYQTIfIhf0&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

cache-control: no-cache, must-revalidate
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBWOKKcARwJD0WYQTIfIhf0&google_cver=1&google_ula=1641347,0
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 334
date: Wed, 14 Jan 2026 12:53:23 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET getuid
secure.adnxs.com/ Frame FD78 0
0

GET
H2 200 plf
c1.adform.net/imatch/ Frame FD78 0
384 B 81ms
79ms Image
text/plain 37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:53:23 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame FD78 0
252 B 160ms
51ms Image
text/html 103.231.98.109
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5223577623818365213

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame FD78 43 B
434 B 218ms
92ms Image
image/gif 18.173.205.12
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-12.fra56.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Connection: keep-alive
Via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
Content-Length: 43
X-Amz-Cf-Id: 1FbcazrUt2NtZ05_AsMWUJeCdJamejD2fd2Po9e5yLlPqeqLcOYG2A==
Date: Wed, 14 Jan 2026 12:53:23 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.24.0
X-Amz-Cf-Pop: FRA56-P12

GET
H2

200

ux
ad.360yield.com/ Frame FD78
Redirect Chain

https://a.audrte.com/a?adform_uid=5223577623818365213
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWtlMHVmdG0tWGVPR1JrR29TMG05bktLRFM5TTR3dy1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1...
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWtlMHVmdG0tWGVPR1JrR29TMG05bktLRFM5TTR3dy1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYXplcmlvbiJ9XX0%3D&aruid=mke0uftm-XeOGRkGoS0m9nKKDS9M4ww-ad&gdpr=0&gdpr_consent=
https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091

43 B
198 B

31ms
31ms

Image
image/gif

52.209.249.220
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Server: 52.209.249.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-249-220.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif

Redirect headers

location: https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: text/html
x-cloud-trace-context: 1e840be9c2a607a1191c675a3a75c8d6
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Google Frontend

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD78
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5223577623818365213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5223577623818365213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=83083109244094583822923911231138847767&noredirect=1

35 B
591 B

80ms
80ms

Image
image/gif

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=83083109244094583822923911231138847767&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=83083109244094583822923911231138847767&noredirect=1
dcs: dcs-prod-irl1-2-v083-07be01db6.edge-irl1.demdex.com 3 ms
pragma: no-cache
x-tid: GfZVzQWPQDs=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Wed, 14 Jan 2026 12:53:23 GMT

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame FD78 0
307 B 147ms
51ms Image
text/plain 63.181.100.46
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5223577623818365213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.181.100.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-181-100-46.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: GET, OPTIONS
expires: 0
access-control-allow-origin: *
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date: Wed, 14 Jan 2026 12:53:23 GMT
server: AAWebServer
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame FD78
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595199563336186222

35 B
591 B

46ms
45ms

Image
image/gif

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595199563336186222

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

Location: https://c1.adform.net/serving/cookie/match/?party=1049&cid=7595199563336186222
Content-Length: 0
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Date: Wed, 14 Jan 2026 12:53:23 GMT
Server: nginx
Connection: keep-alive

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD78
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=z2miTFk91VG0nh5

35 B
591 B

74ms
74ms

Image
image/gif

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=z2miTFk91VG0nh5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
location: https://c1.adform.net/serving/cookie/match?party=1084&cid=z2miTFk91VG0nh5
pragma: no-cache
via: 1.1 google
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 14 Jan 2026 12:53:22 GMT
server: PingMatch/v2.0.30-837-g97d465c#main edge-prod-euw1-xg5r@europe-west1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FD78 70 B
149 B 168ms
86ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

content-length: 70
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame FD78 43 B
1 KB 179ms
91ms Image
image/gif 162.19.138.120
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=5223577623818365213

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame FD78
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2552491149
https://c1.adform.net/serving/cookie/match/?party=1145&cid=2euWDud2CTei/RCsbdYNBu

35 B
600 B

47ms
47ms

Image
image/gif

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1145&cid=2euWDud2CTei/RCsbdYNBu

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
location: https://c1.adform.net/serving/cookie/match/?party=1145&cid=2euWDud2CTei/RCsbdYNBu
pragma: no-cache
via: 1.1 google
expires: Tue, 03 Jul 2001 06:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
date: Wed, 14 Jan 2026 12:53:23 GMT
last-modified: Wed, 14 Jan 2026 12:53:23 GMT
vary: Origin
server: Weborama Collect Frontend

GET
H2 200 um
sync.teads.tv/ Frame FD78 23 B
276 B 190ms
79ms Image
image/gif 151.101.130.132
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=5223577623818365213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: pekko-http/1.1.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

x-user-geo: EU-WEST-1
cache-control: max-age=0, no-cache, no-store
x-timer: S1768395204.527085,VS0,VE18
x-check-cacheable: NO
via: 1.1 varnish
accept-ranges: bytes
x-cache: MISS
content-length: 23
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif
x-served-by: cache-lon4273-LON
server: pekko-http/1.1.0
x-cache-hits: 0
traffic-path: DUBDC2, LON, Europe

GET
H2 204 /
s.ad.smaato.net/c/ Frame FD78 0
66 B 144ms
61ms Image
text/plain 34.1.242.226
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1067&dspCookie=5223577623818365213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.1.242.226 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 226.242.1.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

via: 1.1 google
date: Wed, 14 Jan 2026 12:53:23 GMT
cache-control: no-cache, must-revalidate

GET
H2 200 5223577623818365213
match.contentexchange.me/adform/ Frame FD78 0
49 B 204ms
80ms Image
text/plain 91.185.218.28
MNSHA-AS Mainstre...

General

Check archive.org

Download Go to Show image

Full URL: https://match.contentexchange.me/adform/5223577623818365213?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.185.218.28 , Slovenia, ASN51859 (MNSHA-AS Mainstream doo Beograd, RS),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Wed, 14 Jan 2026 12:53:23 GMT
server: nginx/1.24.0
content-length: 0

GET
H2 200 set_user_agent_id_mapping
cookie-matching.mediarithmics.com/v1/ Frame FD78 70 B
180 B 220ms
103ms Image
image/png 54.36.150.184
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://cookie-matching.mediarithmics.com/v1/set_user_agent_id_mapping?dom_token=adform25&identifier=5223577623818365213

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.36.150.184 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip184.ip-54-36-150.eu

Software

Resource Hash

f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 70
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/png

GET
H2 200 xuid
eb2.3lift.com/ Frame FD78 37 B
140 B 186ms
97ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=5223577623818365213&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Wed, 14 Jan 2026 12:53:23 GMT
content-type: image/gif

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame FD78 35 B
99 B 559ms
275ms Image
image/gif 148.113.153.93
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=290&mapped=5223577623818365213
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.113.153.93 , Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns5020948.ip-148-113-153.net
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

content-type: image/gif
content-length: 35

GET
H2 200 /
onetag-sys.com/match/ Frame FD78 0
232 B 161ms
90ms Image
text/plain 51.89.9.251
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=220&uid=5223577623818365213

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
date: Wed, 14 Jan 2026 12:53:23 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame FD78 0
384 B 62ms
62ms Image
text/plain 37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=5223577623818365213&agencyId=8619&advertiserId=2210830&src=tp&rnd=806715

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Wed, 14 Jan 2026 12:53:23 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 404 favicon.ico
bestaustralianonlinecasinos.gb.net/ 3 KB
2 KB 189ms
188ms Other
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bestaustralianonlinecasinos.gb.net/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4380dccef55f2333d94d3418ab8cf6f3bd33089c1b76b3fab6833984cd515881

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://bestaustralianonlinecasinos.gb.net/

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
content-encoding: zstd
cf-cache-status: MISS
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=sV4BBP9XST0Xcz5S8JSxj72HRV3qeVfEy8rSh24rnEQ8%2BVWCHrlWbJeJHJqiORUjJKacU2seKj%2BZJqsLtgdkmsI01YVsAHUSYjDnvqHpSsobziawqE8Ujeqn1HzKI5o0"}]}
cf-ray: 9bdd46aa5cc5f65b-LHR
alt-svc: h3=":443"; ma=86400
date: Wed, 14 Jan 2026 12:53:24 GMT
content-type: text/html; charset=UTF-8
vary: accept-encoding
server: cloudflare

POST
H3 200 882c28f2-cdfe-448c-a570-71d8bf425374 Show response
api.hcaptcha.com/getcaptcha/ Frame FCE3 2 KB
3 KB 251ms
243ms XHR
application/octet-stream 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/882c28f2-cdfe-448c-a570-71d8bf425374

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5beeea676064d0fa244af19f84f87f5fa90ebf371f2b47b2b8ad65d3067ecd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
accept: application/json, application/octet-stream
content-type: application/octet-stream

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 9bdd46ab9bd76395-LHR
access-control-allow-origin: https://newassets.hcaptcha.com
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:53:24 GMT
content-type: application/octet-stream
vary: Origin, Accept-Encoding
server: cloudflare
priority: u=1,i

OPTIONS
H3 200 882c28f2-cdfe-448c-a570-71d8bf425374
api.hcaptcha.com/getcaptcha/ Frame 0
0 67ms
39ms Preflight 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/882c28f2-cdfe-448c-a570-71d8bf425374

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://newassets.hcaptcha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
alt-svc: h3=":443"; ma=86400
cf-ray: 9bdd46ab5a9e63b2-LHR
content-length: 0
date: Wed, 14 Jan 2026 12:53:24 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 challenge.js Show response
newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/challenge/image_label_area_select/ Frame FCE3 45 KB
11 KB 33ms
33ms Script
text/javascript 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/challenge/image_label_area_select/challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22d319700d0f8e2c415c0ef58ff918634016494372cf458a93cc37e1a554dd5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1d383c55b9ec95f1e2ff83d2ea5722fa"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:53:24 GMT
content-type: text/javascript
vary: Origin, accept-encoding
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
cf-ray: 9bdd46ad3d7b6395-LHR
accept-ranges: bytes
content-length: 10992
server: cloudflare

GET
H3 206 c7ce0f6832cbd1b6b997fb1aab79db74f18cbcffacad93f7ea42dc2ebf81c504.webm
imgs3.hcaptcha.com/tip/265b25b07fba076a1246c1d386b266601ddc188d25b32d0e175dbba5e5be8e68/ Frame FCE3 55 KB
0 79ms
44ms Media
video/webm 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://imgs3.hcaptcha.com/tip/265b25b07fba076a1246c1d386b266601ddc188d25b32d0e175dbba5e5be8e68/c7ce0f6832cbd1b6b997fb1aab79db74f18cbcffacad93f7ea42dc2ebf81c504.webm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

access-control-max-age: 3000
cf-cache-status: REVALIDATED
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
expires: Thu, 15 Jan 2026 12:53:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:53:24 GMT
content-type: video/webm
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
Content-Range: bytes 0-229909/229910
cf-ray: 9bdd46adbe8dcd85-LHR
access-control-allow-origin: *
Content-Length: 229910
server: cloudflare

GET
H3 206 c7ce0f6832cbd1b6b997fb1aab79db74f18cbcffacad93f7ea42dc2ebf81c504.webm
imgs3.hcaptcha.com/tip/265b25b07fba076a1246c1d386b266601ddc188d25b32d0e175dbba5e5be8e68/ Frame FCE3 534 B
1 KB 36ms
36ms Media
video/webm 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://imgs3.hcaptcha.com/tip/265b25b07fba076a1246c1d386b266601ddc188d25b32d0e175dbba5e5be8e68/c7ce0f6832cbd1b6b997fb1aab79db74f18cbcffacad93f7ea42dc2ebf81c504.webm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a858b80891f0b599135571d4ec4b20ff0834ee7e281f3690876bdbea1cb1722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Range: bytes=229376-

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
expires: Thu, 15 Jan 2026 12:53:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:53:24 GMT
content-type: video/webm
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
Content-Range: bytes 229376-229909/229910
cf-ray: 9bdd46ae4eeccd85-LHR
access-control-allow-origin: *
Content-Length: 534
server: cloudflare

GET
H3 206 c7ce0f6832cbd1b6b997fb1aab79db74f18cbcffacad93f7ea42dc2ebf81c504.webm
imgs3.hcaptcha.com/tip/265b25b07fba076a1246c1d386b266601ddc188d25b32d0e175dbba5e5be8e68/ Frame FCE3 193 KB
0 39ms
39ms Media
video/webm 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://imgs3.hcaptcha.com/tip/265b25b07fba076a1246c1d386b266601ddc188d25b32d0e175dbba5e5be8e68/c7ce0f6832cbd1b6b997fb1aab79db74f18cbcffacad93f7ea42dc2ebf81c504.webm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Range: bytes=32768-

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
expires: Thu, 15 Jan 2026 12:53:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 14 Jan 2026 12:53:24 GMT
content-type: video/webm
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
Content-Range: bytes 32768-229909/229910
cf-ray: 9bdd46ae7f2bcd85-LHR
access-control-allow-origin: *
Content-Length: 197142
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: newassets.hcaptcha.com
URL: blob:https://newassets.hcaptcha.com/528fd244-bb9c-45d9-abff-584c3bfc8223

Domain: newassets.hcaptcha.com
URL: blob:https://newassets.hcaptcha.com/38b3267b-7743-4847-9ae4-9c8d36d089fb

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1

Verdicts & Comments Add Verdict or Comment

13 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bestaustralianonlinecasinos.gb.net/	1970-01-21 11:56:27	Name: ts Value: d
.hcaptcha.com/	1970-01-21 11:13:17	Name: __cf_bm Value: HPx5XcxIcY_u5dDZ72fw_vb2C59U.F2rNMuxbfMo2DY-1768395202-1.0.1.1-WTWsecjtdBLcOkE_6Xh1_zHoiKRP7MULuIXnAjpGKuIRKF5Y0DslzK4xVN4UMvtlrd.w2fXcw90CcNVgMQ_HmCu_g7r0VTGsGur5BKNGVMI
.adform.net/	1970-01-21 11:57:53	Name: C Value: 1
.adform.net/	1970-01-21 12:39:39	Name: uid Value: 5223577623818365213
.adform.net/	1970-01-21 11:14:41	Name: CM Value: 1%7C1
.adform.net/	1970-01-21 11:33:24	Name: CM14 Value: 1768481603_1768395203_1768395203_1_Hu7u4e4e4R4eAeAREREeEREREA
.seadform.net/	1970-01-21 12:39:39	Name: uid Value: 5223577623818365213
.casalemedia.com/	1970-01-21 19:58:51	Name: CMID Value: aWeRw7mqPyEANzBJAw7ncAAA
.casalemedia.com/	1970-01-21 13:22:51	Name: CMPS Value: 4321
.casalemedia.com/	1970-01-21 13:22:51	Name: CMPRO Value: 4321
.weborama.fr/	1970-01-21 20:39:10	Name: AFFICHE_W Value: RhJYzAqRmD5G46
.audrte.com/	1970-01-21 11:34:51	Name: arcki2 Value: mke0uftm-XeOGRkGoS0m9nKKDS9M4ww-ad!20210107!1768395203482!ip#146.70.179.39
.audrte.com/	1970-01-21 11:34:51	Name: arcki2_adform Value: 5223577623818365213!20210107!1768395203482
.fwmrm.net/	1970-01-21 15:32:27	Name: _uid Value: umv1adb_7595278833753633488
cm.adsafety.net/	1970-01-21 19:58:51	Name: UID Value: CM12026011412305dc7054889a0e58a5
.adsafety.net/	1970-01-21 19:58:51	Name: cm_uid Value: CM12026011412305dc7054889a0e58a5
.adfarm1.adition.com/	1970-01-21 13:22:51	Name: UserID1 Value: 7595199563336186222
.demdex.net/	1970-01-21 15:32:27	Name: demdex Value: 83083109244094583822923911231138847767
.exelator.com/	1970-01-21 14:06:03	Name: EE Value: "7bce25f4bf19e676cad88e2745feb44e"
.w55c.net/	1970-01-21 20:43:29	Name: wfivefivec Value: z2miTFk91VG0nh5
.doubleclick.net/	1970-01-21 20:34:51	Name: IDE Value: AHWqTUk3-9NNHJlQE9W10hLOi7fIyKA8h81H2Bw0A-JxnzOgVWKGbSnDhx7Kp_UcKXk
.semasio.net/	1970-01-21 19:58:51	Name: SEUNCY Value: A75F5ED6152F2EFB
.audrte.com/	1970-01-21 11:34:51	Name: arcki2_ddp2 Value: mke0uftm-XeOGRkGoS0m9nKKDS9M4ww-ad!20210107!1768395203631
.dpm.demdex.net/	1970-01-21 15:32:27	Name: dpm Value: 83083109244094583822923911231138847767
.w55c.net/	1970-01-21 11:56:27	Name: matchadform Value: 5
.exelator.com/	1970-01-21 14:06:03	Name: ud Value: "eJxrXxzq6XKLQcE8KTnVyDTNJCnN0DLVzNwsOTHFwiLVyNzENC01ycQkdXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDEeEl%252BUWb6InenxUUpaQyLSopPBZ%252B95wkA3DQrLg%253D%253D"
.eyeota.net/	1970-01-21 11:13:15	Name: SERVERID Value: 23670~DM
ads.smartstream.tv/	1970-01-21 19:58:51	Name: DID Value: 019d5730ed57a8e570959c06e7396380
ads.smartstream.tv/	1970-01-21 19:58:51	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 19:58:51	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-21 11:56:27	Name: cm_uid Value: CM12026011412305dc7054889a0e58a5
cm.adsafety.net/	1970-01-21 19:58:51	Name: permanent Value: 1
cm.adsafety.net/	1970-01-21 19:58:51	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaeGcxRXJvVDRlMHkvbHY2ckJNY0p2bXllUzFSc2FSaEpmdFBIV2F6MWZQSHozTlRNNVVnaGRBTzF2dFZQV1E2aTVSY1o2N21xZmtmTkZ5R3l1M21pSmQ2THViS1RxcnhlaVRIUTc1ME9MQVhpemJrYjkzTXJOa3dZOUwzVzM1cmxmc0E5THBaTTVPckE2YVhKZDUyQkxDQ2RDY0tQS2FTRjlralpyY2hSdGRsbkJ1ZnZ0UGZraFNpL2paN3hOdXZxdmpLelpQMmU5bFI0WHVtQkNYQXJnbWdWUTRHN1VTUC9JUm54a3k2aEMwaEl6YjloNklmQXpYT0RMZWdqL29CeVdBOFY2aGtRNlRkeXhVY3pnWm9FNC9BWDhnMk03NEthZllnL21UVWVESk1NeVFFUjgvcUczbFNvZEdFWGtyWFZ0Rnh1VlVvZGhmTHJ0UzZKK0dhWWlOeGpMd1NGWUpnTWM0L0xiWXkrQmlvWmJNWXZITGpLWlhTWlZKUDM3K3ZaVlZtVy93U1hZOHloTUxyWDJnMGVzWWdjeXgwZE5EcUovYnRuQld1OEpEazBBYWh5Um5CcEVHUENYU3kyUlRnOVo0TkpSU2hMK2FpZ1pBdjFveWpVWVVXR3ZHN1FpNDMxMGo1QmI1L1Uxb3A%3D
api.hcaptcha.com/	1970-01-21 11:56:27	Name: hmt_id Value: 3bb21cd2-1852-4e50-ad7c-6368034072ad

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html#frame=challenge&id=0ddsbfyvhgcs&host=bestaustralianonlinecasinos.gb.net&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&andint=off&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=882c28f2-cdfe-448c-a570-71d8bf425374&theme=light&origin=https%3A%2F%2Fbestaustralianonlinecasinos.gb.net Message: [GroupMarkerNotSet(crbug.com/242999)!:A0404D0034070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://newassets.hcaptcha.com/captcha/v1/6e937500c6861f1c062311c9544857646f7e58aa/static/hcaptcha.html#frame=challenge&id=0ddsbfyvhgcs&host=bestaustralianonlinecasinos.gb.net&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&andint=off&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=882c28f2-cdfe-448c-a570-71d8bf425374&theme=light&origin=https%3A%2F%2Fbestaustralianonlinecasinos.gb.net Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D04D0034070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=5223577623818365213 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=5223577623818365213 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://c1.adform.net/serving/cookie/match?party=28&cid=CM12026011412305dc7054889a0e58a5&gdpr_consent=&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bestaustralianonlinecasinos.gb.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1423b96ed942.w.hcaptcha.com
a.audrte.com
a1.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
api.hcaptcha.com
bd7a81301987.w.hcaptcha.com
bestaustralianonlinecasinos.gb.net
c1.adform.net
cm.adsafety.net
cm.g.doubleclick.net
cookie-matching.mediarithmics.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
imgs3.hcaptcha.com
js.hcaptcha.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
newassets.hcaptcha.com
onetag-sys.com
pdw-adf.userreport.com
pixel.onaudience.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
se.semasio.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
sync.crwdcntrl.net
sync.teads.tv
synchroscript.deliveryengine.adswizz.com
token.rubiconproject.com
uipglob.semasio.net
user-sync.fwmrm.net
x.bidswitch.net
newassets.hcaptcha.com
secure.adnxs.com
103.231.98.109
104.18.12.205
104.18.13.205
104.18.26.193
104.19.229.21
104.19.230.21
142.250.185.66
148.113.153.93
15.197.193.217
151.101.130.132
162.19.138.120
178.32.197.56
18.159.138.131
18.173.205.12
18.245.46.103
188.114.96.3
193.135.9.114
217.79.178.236
3.120.214.218
3.69.181.174
34.1.242.226
34.102.136.131
34.98.64.218
35.190.24.218
35.210.130.15
35.214.136.108
35.244.174.68
37.157.2.13
37.157.2.235
37.157.2.250
50.16.197.56
51.89.9.251
52.16.129.226
52.209.249.220
54.36.150.184
54.78.254.47
63.181.100.46
63.34.36.31
69.173.144.139
76.223.111.18
77.243.51.121
85.114.159.93
88.221.170.40
91.185.218.28
0c865700b5d84da26eaa5f0236e1d8af8997da75574a3cdb26d725818119f6d3
22d319700d0f8e2c415c0ef58ff918634016494372cf458a93cc37e1a554dd5e
2bafc2fd806f2e21f938455dc7b99f058b809bae0421974fcc5b172b749e0bcb
2ddeade3a8991666b89f2a0c3aaba4508852838488781e260d45bc886f1172a5
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38dcdaa76e2dace4d5d625e160cfcb30a74d5f5e8bd0715b2d3fcff5eeda531d
4380dccef55f2333d94d3418ab8cf6f3bd33089c1b76b3fab6833984cd515881
4405ccb16c230df808dfbc330e78341e12abac1c6aad61f59eb29592ef5ac6c8
4a858b80891f0b599135571d4ec4b20ff0834ee7e281f3690876bdbea1cb1722
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5304f6304b810992dc8f906fe7e9f98feeb36b8356efd27ea2e871223c5f15e5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
59938868870ce60b8576506d0211346d8a85329a9d54997c39d921389c493b34
5beeea676064d0fa244af19f84f87f5fa90ebf371f2b47b2b8ad65d3067ecd88
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7c129a27bd0bceb20c5ad1eeee0b47874ea5d05f90eaaafadd7b06e7e29be41b
8001d90f55d669cb67244e608a2ef77f01f77fc6a6561278002c7899f4b973f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b68fcaebef30a80fc8c0616a73fb1da199abc3df706989cc364edd7dc7a7df21
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c008b109645c3f1c3dbbc611197d3ae3477bcaf0d5ab5c27156a42a54f77067b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

bestaustralianonlinecasinos.gb.net Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

76 %HTTPS

0 %IPv6

40 Domains

49 Subdomains

35 IPs

12 Countries

657 kBTransfer

2572 kBSize

34 Cookies

4 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

bestaustralianonlinecasinos.gb.net Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

76 %
HTTPS

0 %
IPv6

40
Domains

49
Subdomains

35
IPs

12
Countries

657 kB
Transfer

2572 kB
Size

34
Cookies

58 HTTP transactions
3 data transactions