Submitted URL: http://offshorereviews.com/
Effective URL: https://www.offshorereviews.com/
Submission: On December 21 via api from US — Scanned from DE

Summary

This website contacted 22 IPs in 7 countries across 24 domains to perform 100 HTTP transactions. The main IP is 2606:4700:20::ac43:47c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.offshorereviews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 17th 2022. Valid for: a year.
This is the only time www.offshorereviews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
2 32 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 12 142.251.208.98 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 72.251.249.13 32475 (SINGLEHOP...)
1 2 51.89.9.254 16276 (OVH)
1 2 142.250.180.198 15169 (GOOGLE)
1 1 185.29.132.245 30419 (MEDIAMATH...)
2 2 18.158.238.72 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 35.227.252.103 15169 (GOOGLE)
1 1 69.173.144.165 26667 (RUBICONPR...)
3 3 213.19.147.44 26120 (RHYTHMONE)
1 2a00:1450:400... 15169 (GOOGLE)
100 22
Apex Domain
Subdomains
Transfer
32 offshorereviews.com
offshorereviews.com
www.offshorereviews.com
755 KB
26 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
ad.doubleclick.net — Cisco Umbrella Rank: 161
69 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
308 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
2 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
205 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
490 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2338
207 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
94 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6041
adservice.google.de — Cisco Umbrella Rank: 8549
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 162
partner.googleadservices.com — Cisco Umbrella Rank: 830
18 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
576 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
459 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1546
350 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
711 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
863 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 12945
555 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 29316
609 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
713 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 639
463 B
100 24
Domain Requested by
31 www.offshorereviews.com 1 redirects www.offshorereviews.com
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
12 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
11 googleads.g.doubleclick.net www.googleadservices.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com www.offshorereviews.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 www.google.com 2 redirects www.offshorereviews.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
2 sync.1rx.io 2 redirects
2 x.bidswitch.net 2 redirects
2 ad.doubleclick.net 1 redirects googleads.g.doubleclick.net
2 onetag-sys.com 1 redirects www.offshorereviews.com
2 ap.lijit.com 2 redirects
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 www.gstatic.com www.google.com
googleads.g.doubleclick.net
2 www.google-analytics.com www.offshorereviews.com
www.google-analytics.com
2 fonts.googleapis.com www.offshorereviews.com
googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 um.simpli.fi 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.google.de www.offshorereviews.com
1 www.googleadservices.com www.offshorereviews.com
1 offshorereviews.com 1 redirects
100 33

This site contains links to these domains. Also see Links.

Domain
www.cryptoreviews.biz
www.facebook.com
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-17 -
2023-05-17
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
www.google.de
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.de
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh

This page contains 12 frames:

Primary Page: https://www.offshorereviews.com/
Frame ID: 5D81A38F99A2A8919C7B5369F7A31A25
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 223C5CDC5EEED6EB93AADDEE129239A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Frame ID: 40981C3D2E17E72B674BB50F77B64A68
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Frame ID: B81A06D8CA2D510975FB7B1A5D12396E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&adk=1812271804&adf=3025194257&lmt=1671636261&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.offshorereviews.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261379&bpp=1&bdt=522&idt=321&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&nras=1&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=336
Frame ID: 41D807BA589EC29820656002B5D1B571
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3C15D0D556A76122A105BC5CA8204AAE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D00AA6C1625B907F4110181398843923
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: A3055797FC2E5DA477F629A72232DDD7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BCB7EC3C51DEDF08EEA8946D239ADF74
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 541C0C104BA55CC8B62E5B4D194A6C7F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B22E1643ABCEBD4FD09D8563948F2FEE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B29631DC1F17A16F3C7034DC6FB8EDF
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Reviews of Businesses in the Offshore Banking Industry

Page URL History Show full URLs

  1. http://offshorereviews.com/ HTTP 301
    http://www.offshorereviews.com/ HTTP 301
    https://www.offshorereviews.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

100
Requests

89 %
HTTPS

57 %
IPv6

24
Domains

33
Subdomains

22
IPs

7
Countries

1475 kB
Transfer

3237 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://offshorereviews.com/ HTTP 301
    http://www.offshorereviews.com/ HTTP 301
    https://www.offshorereviews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://um.simpli.fi/gp_match?google_gid=CAESEDwM0C83gI0qYFwoYBH-FP0&google_cver=1&google_push=AavPq0Mrcerng1_KbB7Fe54IGACa66r1rXqTuKNUpRPJ2pH_b7a9o9YtbSqVObOWOvMN8sSL6JnnfPrCQfu3ZbCy_CqeKQQpgRcf9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3D2F7730C1C049C8810EEA83F6AC90D6&google_push=AavPq0Mrcerng1_KbB7Fe54IGACa66r1rXqTuKNUpRPJ2pH_b7a9o9YtbSqVObOWOvMN8sSL6JnnfPrCQfu3ZbCy_CqeKQQpgRcf9A
Request Chain 62
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDebUoInwImYQM45IpZd78o&google_cver=1&google_push=AavPq0NI80qgWMw78I2WHElxM4dh6lcWMPv_pW7xkYSZ-Fjp8UHL8A4F5IT28FxBStjOp3tNzBsDh3g4jd3PKeRyrl9Hs2j5S26-RA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NI80qgWMw78I2WHElxM4dh6lcWMPv_pW7xkYSZ-Fjp8UHL8A4F5IT28FxBStjOp3tNzBsDh3g4jd3PKeRyrl9Hs2j5S26-RA&google_hm=Yi5OUQSATR6Vpg6NbZLt9qY
Request Chain 63
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEETYL6_JQxrsvkOlMAGgBwQ&google_cver=1&google_push=AavPq0OELAnWUaWjhbPR3IAVTnMa9aqSMvZFLQXsIvXcBfBJsk1qmTPiXMyatPTJbPKwpQaM_HOM4Ls0GARNF1I4CpmWW6GNiuFgkA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=jvufbPWBQjy4feCsIoYi0A2&google_push=AavPq0OELAnWUaWjhbPR3IAVTnMa9aqSMvZFLQXsIvXcBfBJsk1qmTPiXMyatPTJbPKwpQaM_HOM4Ls0GARNF1I4CpmWW6GNiuFgkA
Request Chain 64
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL2TG7yXrEZuPh96h_ODW3g&google_cver=1&google_push=AavPq0O_UdfcCDH8NkAylGppLIonqsf6yrkcJJfk1NkgBONGUgm2rIKYT2SbvUejIRINRooS_s09JlU3eDpQtHlDMun9LVfCRxkL0Q HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL2TG7yXrEZuPh96h_ODW3g&google_cver=1&google_push=AavPq0O_UdfcCDH8NkAylGppLIonqsf6yrkcJJfk1NkgBONGUgm2rIKYT2SbvUejIRINRooS_s09JlU3eDpQtHlDMun9LVfCRxkL0Q&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0O_UdfcCDH8NkAylGppLIonqsf6yrkcJJfk1NkgBONGUgm2rIKYT2SbvUejIRINRooS_s09JlU3eDpQtHlDMun9LVfCRxkL0Q&google_hm=F2o8qGZH55wzGzdXTXmspMb4
Request Chain 65
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKLrUzXeihBqLnCD3z-K3jY&google_cver=1&google_push=AavPq0P1NABi8NwMYJqQDUeelAt4VjmRbg9VFdC5eQ0PZMDU_BtLqp4Gupo5MUoZJnpfVge_La2t32evyMxvlIop4tiENaeBwHhWLAc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0P1NABi8NwMYJqQDUeelAt4VjmRbg9VFdC5eQ0PZMDU_BtLqp4Gupo5MUoZJnpfVge_La2t32evyMxvlIop4tiENaeBwHhWLAc HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 67
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 76
  • https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_trk_aid=486104933;dc_trk_cid=142452121;ord=999993405;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CK_jnq2Ci_wCFVm4ewodLO4HXA;dc_trk_aid=486104933;dc_trk_cid=142452121;ord=999993405;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
Request Chain 83
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAbVt1P3ogsJgsHAAd1SvMw&google_cver=1&google_push=AavPq0MAtGVo-ppYtiyhxCJUvGEch0LWLN7CbHf3rrpWAQ1MBNCjR6mAAsuHHILOsGQCvCmnnQnet-0eQv7xlHSyzCNFinN2HnnrvQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MAtGVo-ppYtiyhxCJUvGEch0LWLN7CbHf3rrpWAQ1MBNCjR6mAAsuHHILOsGQCvCmnnQnet-0eQv7xlHSyzCNFinN2HnnrvQ
Request Chain 84
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEK5nRuMexI6bG0jHjAm0FLs&google_cver=1&google_push=AavPq0NEyjVbeZAtlVoyOX7pvOGObTMHorrg4U3gTszIZz64mcpqw4eTo4snGsQ3J-L2MXk5eFXrroYlEF7ZkJKvE-_qt2W7GyIRbw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEK5nRuMexI6bG0jHjAm0FLs&google_cver=1&google_push=AavPq0NEyjVbeZAtlVoyOX7pvOGObTMHorrg4U3gTszIZz64mcpqw4eTo4snGsQ3J-L2MXk5eFXrroYlEF7ZkJKvE-_qt2W7GyIRbw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NEyjVbeZAtlVoyOX7pvOGObTMHorrg4U3gTszIZz64mcpqw4eTo4snGsQ3J-L2MXk5eFXrroYlEF7ZkJKvE-_qt2W7GyIRbw&google_hm=ix5nS0OhTkmBoYV3m21I7Q==
Request Chain 85
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAIZzGR7_Dt8wh0p8-FobzA&google_cver=1&google_push=AavPq0ORYgoJAE8nYLuteqjgVufQC6HaX30aNc-pQqDxvwVl4RUPpf-TFi_DsbNhhUBOzqYje05umBftavXSR01kMz85ol3dLF9_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0ORYgoJAE8nYLuteqjgVufQC6HaX30aNc-pQqDxvwVl4RUPpf-TFi_DsbNhhUBOzqYje05umBftavXSR01kMz85ol3dLF9_&google_hm=eS00NG1kWHJSRTJwRWpua052eWt0OEN6T0xmLkJxNFJKNn5B
Request Chain 87
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENWSdimGYjg8II-0tMzlI1o&google_cver=1&google_push=AavPq0M57MYGvwW-6gdjpOY2K6RxK3JlCS5mtxrwm-rFnfaDUSQsa3lIESaoKV-_UL4ytsk0CRJ88RUB7Q7uIjGTUtkEj1FRSbdRxg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJYVDJKTlctUC04RjVS&google_push=AavPq0M57MYGvwW-6gdjpOY2K6RxK3JlCS5mtxrwm-rFnfaDUSQsa3lIESaoKV-_UL4ytsk0CRJ88RUB7Q7uIjGTUtkEj1FRSbdRxg
Request Chain 88
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJwa3h2zdTsfZPwNz64ctfI&google_cver=1&google_push=AavPq0MKUqCIAYKxRO0QVi8PeQS77bJhEfCTyTBSZfi9ySyObJsBKIhKi1X9dG206NjYZKSw7sAe048Y27ICXI2hmUKKD67g145ZSQ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MKUqCIAYKxRO0QVi8PeQS77bJhEfCTyTBSZfi9ySyObJsBKIhKi1X9dG206NjYZKSw7sAe048Y27ICXI2hmUKKD67g145ZSQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1671636263195 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-afb8a4e3-c662-4d5f-9851-1e6549cf91f7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MKUqCIAYKxRO0QVi8PeQS77bJhEfCTyTBSZfi9ySyObJsBKIhKi1X9dG206NjYZKSw7sAe048Y27ICXI2hmUKKD67g145ZSQ%26google_hm%3DA6-4pOPGYk1fmFEeZUnPkfc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MKUqCIAYKxRO0QVi8PeQS77bJhEfCTyTBSZfi9ySyObJsBKIhKi1X9dG206NjYZKSw7sAe048Y27ICXI2hmUKKD67g145ZSQ&google_hm=A6-4pOPGYk1fmFEeZUnPkfc
Request Chain 90
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

100 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.offshorereviews.com/
Redirect Chain
  • http://offshorereviews.com/
  • http://www.offshorereviews.com/
  • https://www.offshorereviews.com/
44 KB
7 KB
Document
General
Full URL
https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
426af2feeed66fca859c7d81943b16d35ea83a3e418185c74cc4e669dea65bb0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
77d19fc4ba6a918e-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 21 Dec 2022 15:24:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHAQ2aCELg2ji3sg09wcsbclN%2FgOX0IwfI72E%2BSOTx297%2FLAhhLpQxrAmy092U1Bj6HBNRewc8ZjFbKQ0Z0HEAFWc0hMjv9GRFDZ0R9cjqzzAbKELQKhKO%2BsiRrJ%2FdwkaUjOEVE%2FFyCpR%2FqkxUTHJwz9zdRl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
77d19fc38c369963-FRA
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Wed, 21 Dec 2022 15:24:20 GMT
Location
https://www.offshorereviews.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaN8%2BWf8SjGyYQzg1SQqojnhrcwsCKHzF%2FUolePehkLpWua7AIXg3e4za%2B2Z6R%2FkFhihEvES7nCm9EmKtwD1fV2AKp4KCjQaVi5qZsf8MrwNKgqsby5Aim3bX8ribZd6%2FwQUkmxCT%2FgcAgyMZ6wOhcEJTdO1"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
ASP.NET
css
www.offshorereviews.com/site/
455 KB
72 KB
Stylesheet
General
Full URL
https://www.offshorereviews.com/site/css?v=3kKGzDZqajTAok-TM7DKN3LPse4M4ju3EaoJNZX-k601
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
90c26c64e380876c218d8d6730fb3fa2250502cc1f844fe0026077f13ee97abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 21 Dec 2022 15:24:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sJOmRi1Zr72YQTE2oSzOragQl%2Figg8uBpTLUHNB5nQ63PDaXWq8BdQDFMcLE1xbJ28%2BVXM%2B%2BWUfxHEGw6Z4M2NCt4rLVoJmrWgm%2BBkWplWWcL4X0fCj2FRHV0lxWzA4Vnhv%2FujxnxKYeYasNgeZmzBJkgHO"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public
cf-ray
77d19fc65e73918e-FRA
expires
Thu, 21 Dec 2023 15:24:20 GMT
select2.css
www.offshorereviews.com/Areas/Admin/Content/assets/global/plugins/select2/
18 KB
4 KB
Stylesheet
General
Full URL
https://www.offshorereviews.com/Areas/Admin/Content/assets/global/plugins/select2/select2.css
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
142f7e1fabfef01648ecc9c5bc2f3fb5fd4519f95f2e1ac5b156ae8b5a7885b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:17:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
115
etag
W/"803cbc3496ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGIdbHni%2FSLYK3eHkCAKSkMynZlTRPfw97mbkckPoAMQSIohUPgP0BrGwxKKUJFByGeAtkJ8eD2k1T3NY9EVEQnxJp9ML%2B1SEqk9h0GgLQ7R468gkFffpXWBjM8e53gr1XnS3YEr%2BAOHu6RyJqtqaG6NnPWu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77d19fc65e7e918e-FRA
plugins.css
www.offshorereviews.com/Areas/Admin/Content/assets/global/css/
51 KB
9 KB
Stylesheet
General
Full URL
https://www.offshorereviews.com/Areas/Admin/Content/assets/global/css/plugins.css
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d7b0ea0f449ddf3513752a72a7760cd2c6ee71d86b0ba85d069821ed9b18be82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:13:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
115
etag
W/"015aaa895ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E8GYvSt04zLN45R78%2B8bQLfOUreFZSv4piI%2FvuMBhPgatbPDE9IlMH7PLbVgIshko40vSWpyPeYNW%2BLbr%2BmO0zWp1BXWYK5NH0BpI96TF6at7CNFRZYX6GP4FA75e5inhft68PRcKm2DAQj6hv6XMckgwA7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77d19fc65e80918e-FRA
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9d2bd2d90cbbedd8ea3df2e4245824c56ed26823c9abe4b1062af79f853b6a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Dec 2022 15:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 14:28:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Dec 2022 15:24:20 GMT
conversion.js
www.googleadservices.com/pagead/
45 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 15:24:20 GMT
api.js
www.google.com/recaptcha/
850 B
965 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Wed, 21 Dec 2022 15:24:20 GMT
logo.png
www.offshorereviews.com/Content/images/
4 KB
4 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/logo.png
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
83987c9b57335cce8880ced16dbc8e4702991297d74a10d49d986c89d1879e44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:18:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
"74373a5896ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xz2pXgp%2BYBDzm8YrkoiJwFiRo5Mf5gRT4zenTXiTukbBT6tYXYXUdIxe4a9OGwJUVSBI8NB6ZD4rDcpxh8V%2F3dEiBY77kfC5YjsRQoTYT2AsATPcCqWTug3GPctwl8ecCA6XEkS7Ijgj%2Buzco%2FoJ4aierL9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7898d918e-FRA
content-length
4145
bitcoin.png
www.offshorereviews.com/Content/images/
4 KB
4 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/bitcoin.png
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
66f91d4c4cc871cf19f98e5e01102b2d60f9bbea9c68a434905e14981b4eaab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2017 09:36:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
"568acaf9770d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2BmTrMD%2BLYa32fTlNskBnYFld93evOe%2B1TrY1x3qz12U1X03kUvG2ztYfp%2B9Cp5d5TxHuZIdk0gZBH5P5f7pG9Rz5nM0VliuqpqW5jD7RYkkXIDErcFViyyTth4Ci%2BZ6wVX%2F%2BEKZcI2%2FSlqumVmXq%2BPEPi9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7898e918e-FRA
content-length
3743
307af4c56c7649ea8fef4ca1eeb50780.jpg
www.offshorereviews.com/Content/images/CategoryImage/
16 KB
17 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/CategoryImage/307af4c56c7649ea8fef4ca1eeb50780.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4166bc7d5a8728c40319d4e43416ac32bcd8fe79222583f405097041c48371aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
16565
cf-bgj
h2pri
last-modified
Tue, 01 Aug 2017 07:18:22 GMT
server
cloudflare
etag
"8c528d5b96ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpNg%2Brdhs%2Ffuodp4w31G7RVrO%2FHscvf510N50bTL8Y7S8vV%2Btg10edVdYQ2aLZMG0rNbtLIL8UtAD%2BYCkWKOFKPvZyuJO4hO28WqD2ufv%2BghZTfaPWQYpCqaWVpDSftGnIVaQh5vE1GulQc0z5GkCA%2F0pO8r"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc789c9918e-FRA
94ee04fabc104abe9e97f14c3b874351.jpg
www.offshorereviews.com/Content/images/CategoryImage/
12 KB
13 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/CategoryImage/94ee04fabc104abe9e97f14c3b874351.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
112d44be760a177a894750a0a768d93420fdbbee4128ecc04bb7600412acc187

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
12725
cf-bgj
h2pri
last-modified
Tue, 01 Aug 2017 07:18:22 GMT
server
cloudflare
etag
"3618b15b96ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ykdeQZAkviGNsSjAQt8WhDDJkJ9M0nQPqEy1XQfeSX62eB0gnSXTaR6%2BhdXrub9BgJl%2BSZppoo%2FM03V7OXeMx%2FCPJ%2FI6kh%2FZ0x%2BqhTng1Bh%2FcVW2p8zVQf6kjshAi%2Bgz8yqdriFUDDz%2FpfePnQJbGEuoX45"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc789cd918e-FRA
835a0052125a4ee0b2db298c8edb4afb.jpg
www.offshorereviews.com/Content/images/CategoryImage/
11 KB
11 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/CategoryImage/835a0052125a4ee0b2db298c8edb4afb.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2a90243140a0a5cb3d97bc8c11b46cd28b4f178bb7e921f0a0cbfa614e3ff9a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
11028
cf-bgj
h2pri
last-modified
Tue, 01 Aug 2017 07:18:22 GMT
server
cloudflare
etag
"cf279e5b96ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRufIlpDItc%2FrzrPPcXy9l9L9BSj%2FvdWC3w0yY%2BViLhIukq7uCCVB2GdD0HSUh0Lza5tMtTTTfEsuRltTK6vlI2QuxROYZitViJqB5xhTRn%2BmnF15ctJGaog7%2BpZZBCse%2Fc8KRmCCtouDJODhPoU96AWiFyL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc789ce918e-FRA
713f457543f143b29c3c5ce8ecd45426.jpg
www.offshorereviews.com/Content/images/CategoryImage/
13 KB
13 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/CategoryImage/713f457543f143b29c3c5ce8ecd45426.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1ec1bc15ec8debe4d3102160cf90918c7ae8b36765ffd742590532d171941f93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
12898
cf-bgj
h2pri
last-modified
Tue, 01 Aug 2017 07:18:22 GMT
server
cloudflare
etag
"9fdb965b96ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iij2VJs4lvLP%2FcIACwtXohvIercTb%2FQZqj9g%2FuJBW5C1VgWOwCZKadi2Alw8nhmqK0%2FkwZUlb%2FHKqpA86V93Lia9ohiknMpNGJfvPKTFG%2BVf6N0%2FsPRNeH6xf1HyZbFqW5XtXsjBoUIMDPZrfgUk1bZO3eDj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc789d2918e-FRA
9eb4bb73002b429ca3adbebedf00b1ca.jpg
www.offshorereviews.com/Content/images/CategoryImage/
7 KB
8 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/CategoryImage/9eb4bb73002b429ca3adbebedf00b1ca.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f220c054c4e19e5ebcf03bd1e85b8505792f1af753ce7701c5e26e384506b9bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
7651
cf-bgj
h2pri
last-modified
Tue, 01 Aug 2017 07:18:22 GMT
server
cloudflare
etag
"a3ab85b96ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EFgMvVaWEgk6wWGoj6Jf8NU1tt10b7Bp9D3SDUECtEQk%2BPEjY56qACWPzUlYM0G2vcP%2BPre3PKYeC%2BLwStHgsBFiB9%2BenJB8SYcujr1Eefnoq%2FVI606b3MFYDBo9vKeWWAYEzAvUbUm02XBbC891t2wZ6Ue"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7a9e9918e-FRA
3c68df8c45c446d6b24555e8375e6ddc.jpg
www.offshorereviews.com/Content/images/CategoryImage/
11 KB
11 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/CategoryImage/3c68df8c45c446d6b24555e8375e6ddc.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1cc38d1457ac75f0feb505e5eb39e34478743b3e32a9966b4bd22f2e842687df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
11229
cf-bgj
h2pri
last-modified
Tue, 01 Aug 2017 07:18:22 GMT
server
cloudflare
etag
"6817925b96ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k67%2FM90N7jVITOK5x9A%2B21dfbaewH5Exg1Y7kQznJnxwUfY7vC9wc7h6ti%2B6%2Fg1uA46K3youKjFj%2F%2F3qTFRhs3c4Z3iJG7Aje0IArxS6avgQxrA%2BseHShE9WGTTfW9zv7uvKfMs6Bct%2FGkBrofiiOkSVmxmi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7a9ec918e-FRA
2342905a06504b2c8f48f582bc944480.jpg
www.offshorereviews.com/Content/images/CategoryImage/
9 KB
9 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/CategoryImage/2342905a06504b2c8f48f582bc944480.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d9265171c1f0b31caa0caf55f5a676bffd46dff14661b8982783ad2fe14b4742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
8918
cf-bgj
h2pri
last-modified
Tue, 01 Aug 2017 07:18:22 GMT
server
cloudflare
etag
"d497885b96ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTf7jO8GqHTN82IjPiLUVeU7mhAKcPBeGf8kc1gKFy7nqzklIFFjtE6Vc87i080idnSdSehtaIWjBRdAf5pbJhqBm7PHLbykulEUcymRZhPXtecyVWZKluFUSoQcAT2VM8x%2FPYgiDACIbFAVyrjtNHrqYGrc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7a9ef918e-FRA
39ff355215e549debb0a6d42f48d17a5.jpg
www.offshorereviews.com/Content/images/CategoryImage/
6 KB
6 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/CategoryImage/39ff355215e549debb0a6d42f48d17a5.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
79d331a9d423a3654a83509e0a5b3deb9f6a05e2974308229ef402073d2ab78a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
6009
cf-bgj
h2pri
last-modified
Mon, 11 Sep 2017 22:28:55 GMT
server
cloudflare
etag
"6eeb675a4d2bd31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2B4QQ51NYlrwI4v8OCkO6eZ%2BWAeoaYeFTo0uB7XOybwby3QXsJk6C1A4jwlmvAVzkblpgCLtYwPnxRcevuGWKnM1pfe3Q%2F2Nc6DWI27IMPklxPt0SvNxbBaR13Y69PMrPWEVxo9EcjALpvoR4xXQBGEjzUnQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7a9f2918e-FRA
f84007f4fee84685a078d38cc9fa7362.jpg
www.offshorereviews.com/Content/images/CategoryImage/
12 KB
12 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/CategoryImage/f84007f4fee84685a078d38cc9fa7362.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
375e898ce4999dfd221595a0ec737273e247cbfa4b114e378388d55964e95e0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
11924
cf-bgj
h2pri
last-modified
Tue, 01 Aug 2017 07:18:22 GMT
server
cloudflare
etag
"11c3c15b96ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydtHvrhO4mJdejr672D2t1CcUFmI0bJPr184J0QmdP%2BrI9W9feAMxlvd45XVGMDBY39dO7Q0JWCsT66tAemwKIoexmEtY4ULUnMksicg%2Be5D0iwBUTDL7rEnyyITaqD0G7f1hcH3vMI%2BtWnl97fIlF6reBQI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7a9f5918e-FRA
24cb8c8833ba41c68929c47632cc0e40.jpg
www.offshorereviews.com/Content/images/CategoryImage/
19 KB
19 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/CategoryImage/24cb8c8833ba41c68929c47632cc0e40.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7f71bbf7e36c6b93b11435c47acaec92443c23f272e77d9d178e391aa9589c8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
19070
cf-bgj
h2pri
last-modified
Wed, 14 Aug 2019 22:04:04 GMT
server
cloudflare
etag
"f3b5f42fec52d51:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXTlAsQHQ7krNukAe2IWO2mdJtE%2F%2FSLv7vSoQ8dOjvx6I8IACQ6PmhUe33pzx%2BhqixjzSn9nTLWEdtoWAiBQo7Kco5tODpjTJDjk0OB06GkQahVqriHW7M0jheHWfvsMDKFBc4oIjiNeVTsJ1jOZl2nRMBaR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7a9f7918e-FRA
6cad9720094b467dbb29041f9e45c5e9.jpg
www.offshorereviews.com/Content/images/CategoryImage/
227 KB
228 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/CategoryImage/6cad9720094b467dbb29041f9e45c5e9.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
12359b1692009ec38028c13a6584cdfbcaa09bc53c0710746fa3956b5a097e03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
232367
cf-bgj
h2pri
last-modified
Wed, 14 Aug 2019 22:37:28 GMT
server
cloudflare
etag
"8e8918daf052d51:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6R4G0KO0Ug57ksgqxgMGYkZFNByII84cRkWPeYFFAFRd6cLb7bqj00AQ6afAw3jh1sqbDHkDamYGQmL3ahNCXX2f0uXZ0Osba8PVaDdWHcpiSNtj27r0TKEqKgyJ0Ku60f%2B0sz1sgyGOrCx8pjfzQmprZ%2Bak"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7a9fb918e-FRA
rating1.png
www.offshorereviews.com/Content/images/
1 KB
2 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/rating1.png
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4fcb83fd2efdf1d7d069f9a681ba10569dd05f2117b99ed0972714aaa2cc6872

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:18:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
"414c25896ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjJhizba9Yp6eQN4QBq7P%2BEB59haV1NpGKznXOXgzBMvh5wD668vS7U7inkVkaAx9Zh9CAiepc8UvhCLti5e01SubtnAg%2F0LzAewj6%2BJGT0sNuvGk%2FSa2ofS3BwbNAARbhaagtKJdjKCGH0Xiz6dGG%2FMQn1j"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7aa00918e-FRA
content-length
1219
js
www.offshorereviews.com/Scripts/
140 KB
47 KB
Script
General
Full URL
https://www.offshorereviews.com/Scripts/js?v=Jb58g4lgTvC-Y6KdF_NLFS_wsF9-XbYLil4TC6iInKQ1
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6e0c4b8663cb161b157cbe54f2356a115ce93c63be8929af156f7cb4899385e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 21 Dec 2022 15:24:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxhlX%2FZTmZArydX1jYvV%2BLiFB7Bqtvb1CvX1WOAgcbcnx%2FoJmTttOuww85CX%2B5AqntsIF%2FnTHl%2B2X8Adqj1uGTqoBFZox8flCXWOnwh6a6fZn6NCEb2XKMBBfC39eyRy8JN06mk63WXJvxXUxXqo0D3hyaY9"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public
cf-ray
77d19fc748b9918e-FRA
expires
Thu, 21 Dec 2023 15:24:21 GMT
select2.min.js
www.offshorereviews.com/Areas/Admin/Content/assets/global/plugins/select2/
64 KB
19 KB
Script
General
Full URL
https://www.offshorereviews.com/Areas/Admin/Content/assets/global/plugins/select2/select2.min.js
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8b54c7c7b788a31d600674d86decd7f27b5a7503c08ada71724ac82b0ab5a988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:17:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
W/"0d3543596ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQD8ewITfnoBi0bTBshi56sq%2BxxOfAENDGQUMRc0n7EPq4y4tVT1qi8iEV2v51N62GYceL7SAdaQbJuraME3aDNYE7b36M%2BOfDDPJu656wRTkNCeH%2BNwNVWcJb8JkhMi0x7qfPxRsjU45duAyZRiXNVOYuZC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77d19fc7792e918e-FRA
jquery.validate.min.js
www.offshorereviews.com/Areas/Admin/Content/assets/global/plugins/jquery-validation/js/
21 KB
7 KB
Script
General
Full URL
https://www.offshorereviews.com/Areas/Admin/Content/assets/global/plugins/jquery-validation/js/jquery.validate.min.js
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:16:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
W/"0d6102196ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5UVUztm56Jnm%2BbIQ6A8mOdlZMrrzEuycKD89UFkcDtIsVOReOq9s9TYCr%2BkwEpgYJOLTNgl%2F6UrLNCC7gRhj%2F6y7XIS61vw%2BoeB2t9fo3ipx4EaspW%2FfztJo12nwrU1qiGwGZpRI7MtApnvHrZh3z7JmgBE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77d19fc78984918e-FRA
additional-methods.min.js
www.offshorereviews.com/Areas/Admin/Content/assets/global/plugins/jquery-validation/js/
17 KB
5 KB
Script
General
Full URL
https://www.offshorereviews.com/Areas/Admin/Content/assets/global/plugins/jquery-validation/js/additional-methods.min.js
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2b9a658314baccfef5f3b1d279571f0c1dbe62e6f71735828dd7606e426ba798

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:16:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
W/"0d6102196ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMNId9D3Y%2FNINc%2BhyAHHD7cbQ7ERyHX%2Bysxa7LIW7utWH2rx07FTzi1xdtyheFQBPh%2FiyHWoPDs9%2FDV9aV6HStGrle5YrSHEGI9e%2FGyG94%2FTfxwzsW77rD8lueCEnWm%2FVuZxUi8WGVIC%2Bbs81ciaVwPHw9x0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77d19fc78987918e-FRA
form-validation.js
www.offshorereviews.com/Scripts/
3 KB
1 KB
Script
General
Full URL
https://www.offshorereviews.com/Scripts/form-validation.js
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9b02f1085eeccf91c6876551661f3b42ed251a64d5591216364a35964861a27b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:19:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
W/"0e3b29496ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI8ia97KSItXyVp68xXXpLAEtVcTlp%2F3i1J2u1dGOb4ZOh3OKizYrIpmsSH2KfOj4IrUpWx8lopToxTS4zD2UdzhfNWpF4cVd0tncqzNHexVEFybQZL%2FIXEMNX562KDQVnJCYSyxF4mm8PwmaeyHOayxwgil"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77d19fc78989918e-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52fb734365969c9611601d2510dca9e7032b3c0196c99a7344d6cb9b8d486e70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49348
x-xss-protection
0
server
cafe
etag
8820372997168748798
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 15:24:21 GMT
jquery.newsTicker.js
www.offshorereviews.com/Scripts/
13 KB
3 KB
Script
General
Full URL
https://www.offshorereviews.com/Scripts/jquery.newsTicker.js
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
467677b04db9bf365425a8022b211f84d0f265af3fa7cdbc98090e49b07b0ccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2017 06:40:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
W/"077e74a266fd31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Fk8ygKAIUEDmQpaOHkW5%2BP0B20QPVcIn6gVVQvNsjc79AqlTZiw%2Fj2mDoy8rsjEFRWRWuST7tacLmsJ4H1gH0Sw%2Byx6%2FfuTMAzVB1PVs5WjLXZV7XAmPAychOHNusZaFLF66U8qrJZLn35O2lmR8lQAMh4n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77d19fc7898a918e-FRA
fancybox_loading@2x.gif
www.offshorereviews.com/Content/images/
14 KB
14 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/fancybox_loading@2x.gif
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
73b27f9aeb7bc6ee3c4bd20742382f015efd89981a3706d2a29a50867849629c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:18:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
"745abe5796ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMCV%2F3Nn5%2Bf4H4oGzqarVUs98uJ0F7kCcl7pg%2FauKoq8IgcS3hIVGW%2B80EcCyWczFvfr4HFsuE6FNvL6PMO8n7UCU4bbVellbMKvvP8dDIoxENq5Jk0Dl9H2OeSmQioNPWpX7g0qQJ8RZ1KwsJfehGx2SF1f"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7aa04918e-FRA
content-length
13984
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 21 Dec 2022 14:27:21 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3420
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 21 Dec 2022 16:27:21 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/872399373/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/872399373/?random=1671636261038&cv=9&fst=1671636261038&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.offshorereviews.com%2F&tiba=Reviews%20of%20Businesses%20in%20the%20Offshore%20Banking%20Industry&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce9e485c8a9f619263c2a97498fe42204b0024c8bd44b30d06a124940a6ed74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
943
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/
407 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.offshorereviews.com/
Origin
https://www.offshorereviews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 15:32:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 15:32:05 GMT
search-bg.png
www.offshorereviews.com/content/images/
967 B
1 KB
Image
General
Full URL
https://www.offshorereviews.com/content/images/search-bg.png
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/site/css?v=3kKGzDZqajTAok-TM7DKN3LPse4M4ju3EaoJNZX-k601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0495a0cf06be69868e25582dab934bf5e5634e43edc1b96e437fb3ee14c571ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/site/css?v=3kKGzDZqajTAok-TM7DKN3LPse4M4ju3EaoJNZX-k601
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:18:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
"b8e8d95896ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2F9WEzZ%2FD4iTIWxf5Sj3A0X%2BmhDW1voc42zTAlNq15ooFQzNcN0TKhjxFEpRSr1tQO9gJ9hYb9lYBoGdbTI3GteeuwcpL5Q8%2BT6uU26VevmqVNEtmw8Tc54WrhPE6ZMMvzCmTFDQrn3AT57FgdG0tteKzEGz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7aa07918e-FRA
content-length
967
fontawesome-webfont.woff
www.offshorereviews.com/fonts/
82 KB
82 KB
Font
General
Full URL
https://www.offshorereviews.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/site/css?v=3kKGzDZqajTAok-TM7DKN3LPse4M4ju3EaoJNZX-k601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Referer
https://www.offshorereviews.com/site/css?v=3kKGzDZqajTAok-TM7DKN3LPse4M4ju3EaoJNZX-k601
Origin
https://www.offshorereviews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:18:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
W/"126d3b6496ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJZCMwkVkDPq%2ByX9YR9S2DnNaBfhe2ti5DxGn70dD0VNyqwUBzVqLvkH6iVwf96LwMS6KIn78JPegA70QKdwNqIfv%2FAJ9KIVF%2FKhcsQ76mSXr1apMPXGxlKImHa8TWXgSRS%2BXKYrRkgw0PntkHDi84rMlb4S"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
cache-control
max-age=14400
cf-ray
77d19fc7aa08918e-FRA
border.jpg
www.offshorereviews.com/content/images/
1 KB
2 KB
Image
General
Full URL
https://www.offshorereviews.com/content/images/border.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/site/css?v=3kKGzDZqajTAok-TM7DKN3LPse4M4ju3EaoJNZX-k601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
641293bbdbc3baaf6ff8b210425bd7dd26209668708b5323c83bfc974aa3d784

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/site/css?v=3kKGzDZqajTAok-TM7DKN3LPse4M4ju3EaoJNZX-k601
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
1247
cf-bgj
h2pri
last-modified
Tue, 01 Aug 2017 07:18:15 GMT
server
cloudflare
etag
"e95a875796ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWXKK9bQu4%2BQ%2Bj4LDaBBTlc6FkijrOPMUpiRlbBCZTrMZjHQrBq0DcPVKrPa0HijUskThqTkIlr8wmS2pX3Z22N9k81OzhwpgoDAjfESrDILnxizIAsZX8RlCOsym8z1OgnYU6xPgzQlMdcKHsJr0mxWU2YW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7aa2a918e-FRA
rating.png
www.offshorereviews.com/Content/images/
1 KB
2 KB
Image
General
Full URL
https://www.offshorereviews.com/Content/images/rating.png
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/site/css?v=3kKGzDZqajTAok-TM7DKN3LPse4M4ju3EaoJNZX-k601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2a655bb3bca3c61d6566496c565bf8872aed17eca41a10747803212c37d786c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/site/css?v=3kKGzDZqajTAok-TM7DKN3LPse4M4ju3EaoJNZX-k601
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2017 07:18:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
116
etag
"154cbd5896ad31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WA7cU3%2BJQOgAbQ7ooRsyTGFs0ZXjqt03OiR3Kk%2FlVtlet6dW8w07F0Ql0mhoQsH9LEbWjnKTxJqlx8kngXgzysgwlMI%2BEwT0ptWficfqxUxTYbkAXDfxgfP%2FxSiK6JJJrGB4%2BExFeaGX%2Bg44HDe8mJN%2BjEvU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7ca55918e-FRA
content-length
1267
newsletter_bg.jpg
www.offshorereviews.com/content/images/
121 KB
122 KB
Image
General
Full URL
https://www.offshorereviews.com/content/images/newsletter_bg.jpg
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/site/css?v=3kKGzDZqajTAok-TM7DKN3LPse4M4ju3EaoJNZX-k601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
23d06f67febf173f359ef1db72c8511305490ac417e134e8bbd005c6b35c561b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/site/css?v=3kKGzDZqajTAok-TM7DKN3LPse4M4ju3EaoJNZX-k601
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116
x-powered-by
ASP.NET
content-length
124029
cf-bgj
h2pri
last-modified
Tue, 01 Aug 2017 07:18:16 GMT
server
cloudflare
etag
"4879485896ad31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Du7JT4tIL0k%2Fd%2FSKonlHQwEYAtc1JQqnjVYeVzpX0f6poLfFx3ODgX9XjG9FOPqZaHi8GEupsHMhgxaoWBiRcW1Diy1CM91wX1Zl3Pg7u9NA1DqaIZwb6nQNN43zJw38v0Bh2hpBPoIF9bY1rG3rkepK8e%2Fa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77d19fc7ca57918e-FRA
collect
www.google-analytics.com/j/
4 B
215 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=401665651&t=pageview&_s=1&dl=https%3A%2F%2Fwww.offshorereviews.com%2F&ul=en-us&de=UTF-8&dt=Reviews%20of%20Businesses%20in%20the%20Offshore%20Banking%20Industry&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1168371144&gjid=736263667&cid=469923382.1671636261&tid=UA-71257035-1&_gid=844994700.1671636261&_r=1&_slc=1&z=582230056
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.offshorereviews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.offshorereviews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/872399373/
42 B
327 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/872399373/?random=1671636261038&cv=9&fst=1671634800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.offshorereviews.com%2F&tiba=Reviews%20of%20Businesses%20in%20the%20Offshore%20Banking%20Industry&fmt=3&is_vtc=1&random=1574513272&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/872399373/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/872399373/?random=1671636261038&cv=9&fst=1671634800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.offshorereviews.com%2F&tiba=Reviews%20of%20Businesses%20in%20the%20Offshore%20Banking%20Industry&fmt=3&is_vtc=1&random=1574513272&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
445 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71257035-1&cid=469923382.1671636261&jid=1168371144&gjid=736263667&_gid=844994700.1671636261&_u=IEBAAEAAAAAAACAAI~&z=1305921095
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.offshorereviews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 21 Dec 2022 15:24:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.offshorereviews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 223C
10 KB
10 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.offshorereviews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27282
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-length
9772
content-type
text/html; charset=ISO-8859-1
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 07:49:39 GMT
etag
10353107486223812946
expires
Wed, 04 Jan 2023 07:49:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/
356 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1750301943075978&plah=www.offshorereviews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
926277a34899cd4c8f87e0f9f1c24f14a42d1ccb45c75bca0da764c32573dbfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119959
x-xss-protection
0
server
cafe
etag
126126194237215957
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 15:24:21 GMT
cookie.js
partner.googleadservices.com/gampad/
405 B
703 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.offshorereviews.com&callback=_gfp_s_&client=ca-pub-1750301943075978&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1750301943075978&plah=www.offshorereviews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfc0df4076e845f5705184bebb515861b53113ad071d52466c5fad392ffe4d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.offshorereviews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1750301943075978&plah=www.offshorereviews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.offshorereviews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1750301943075978&plah=www.offshorereviews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4098
83 KB
24 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1750301943075978&plah=www.offshorereviews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e81040f1ee073da82fe508a52b4760ff6a1a223f2055ccfffb0e75d95159f89f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.offshorereviews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
24863
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 15:24:22 GMT
expires
Wed, 21 Dec 2022 15:24:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B81A
74 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1750301943075978&plah=www.offshorereviews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d5bb2c595da8b8781bbce38467b8e4ecb4c301ee9e1163b3aa0e982c94e7f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.offshorereviews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
30917
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 15:24:22 GMT
expires
Wed, 21 Dec 2022 15:24:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 41D8
0
20 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&adk=1812271804&adf=3025194257&lmt=1671636261&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.offshorereviews.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261379&bpp=1&bdt=522&idt=321&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&nras=1&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=336
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1750301943075978&plah=www.offshorereviews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.offshorereviews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 15:24:21 GMT
expires
Wed, 21 Dec 2022 15:24:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
18299460882403644152
tpc.googlesyndication.com/simgad/ Frame B81A
34 KB
35 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/18299460882403644152?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmo3EN4DJZ_BFWM3S6NWg4O38mGMg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3143981b0975bcc0e3b7663ffc1c661bbed7f53083d6aef28335f94403e568e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:22 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35063
x-xss-protection
0
last-modified
Wed, 26 May 2021 10:26:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 15:24:22 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame B81A
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
49550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:38:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B81A
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
49550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:38:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B81A
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
49551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:38:31 GMT
l
www.google.com/ads/measurement/ Frame B81A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHYURVyH8VmJO5ORJSG7C5zUuhr7utSw5TsFAnbBuiqIfrw1OVggaGh5Qiptq-lFPuGreRjLuDu2ay2l2pu4obLQk6xg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B81A
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 15:24:22 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B81A
34 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 08:23:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
25270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13740
x-xss-protection
0
server
cafe
etag
2612990788289469886
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:23:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B81A
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CLtqXJSWjY-WwLMLZtweD_7ywB-r-mPtii__U95IO29keEAEg7auROWCV4pCCoAegAZXQo7YCyAECqQKuL8_2r86xPqgDAcgDyQSqBNoBT9CB_9taH7QmOsiBMfQRrWVE1qUl0zK-ZHSGJv3UMpxoGT_UQd64ObcfPs5jHIQDLdGVew4v3EtPdlHqkRjE7czl_vVDtV0YyUnKQWZ-EeTP-vNdnygxU3VXTm-UXOk8dR5eCEP3vkqKYiY0Z-W7_5vx2uk0FGwuEKqlR2QQwCPDwBMpQ4Of5pvUPNEexpAogyYV6VMRK5sebusBPVtwBaB2y-LI7NFKqq6RLoDgVK-9EHXw13SErIqzRTE9iPBOusj7w7FIQMjythxoxVoGX21YjsQLkA-4szrABNiNhaHLA5IFBAgEGAGSBQQIBRgEoAYCgAfTr9zJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP75BtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTE3NTAzMDE5NDMwNzU5NzgYAA&sigh=BqQsOEyxwdU&uach_m=[UACH]&cid=CAQSKQDq26N9lA77ItaPtg-ZK7jVq9z-lN_OD1l_Oetq6KgiI1sm1T5esvb5GAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 21 Dec 2022 15:24:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3C15
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1015
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 15:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D00A
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 07:49:12 GMT
etag
48472445140208031
expires
Thu, 22 Dec 2022 07:49:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B81A
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaea90106a5983c20339a373a3c2ffd49e3c6f41e7be910e19dfa86265057b90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame D00A
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELsZAOAMcFQvmGNvPPMvNZo&google_cver=1&google_push=AavPq0MhXYdp4bqIF7AkrpIuNQIY_RBj949ilslqLgfpuEi-760AVK5KI1TR48xuYNp0JnGGUUKVuXoiiQbCk1jzP5zoK5upE3Rq9A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame D00A
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIDeS71cpb0uazxLXAvquoA&google_cver=1&google_push=AavPq0NQzfd628H6ryZT1EhJGy0tyh0Ot1L1zNnM9qBqdcQf5_2BdiIPoPhkatHF6n6beeWwGhsGGzLDX6VO2qX9-f8lQ0dQNBqo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:22 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame D00A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEDwM0C83gI0qYFwoYBH-FP0&google_cver=1&google_push=AavPq0Mrcerng1_KbB7Fe54IGACa66r1rXqTuKNUpRPJ2pH_b7a9o9YtbSqVObOWOvMN8sSL6JnnfPrCQfu3ZbCy_CqeKQQpgRcf9A
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3D2F7730C1C049C8810EEA83F6AC90D6&google_push=AavPq0Mrcerng1_KbB7Fe54IGACa66r1rXqTuKNUpRPJ2pH_b7a9o9YtbSqVObOWOvMN8sSL6JnnfPrCQfu3ZbC...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3D2F7730C1C049C8810EEA83F6AC90D6&google_push=AavPq0Mrcerng1_KbB7Fe54IGACa66r1rXqTuKNUpRPJ2pH_b7a9o9YtbSqVObOWOvMN8sSL6JnnfPrCQfu3ZbCy_CqeKQQpgRcf9A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 21 Dec 2022 15:24:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3D2F7730C1C049C8810EEA83F6AC90D6&google_push=AavPq0Mrcerng1_KbB7Fe54IGACa66r1rXqTuKNUpRPJ2pH_b7a9o9YtbSqVObOWOvMN8sSL6JnnfPrCQfu3ZbCy_CqeKQQpgRcf9A
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 20 Dec 2022 15:24:22 GMT
pixel
cm.g.doubleclick.net/ Frame D00A
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDebUoInwImYQM45IpZd78o&google_cver=1&google_push=AavPq0NI80qgWMw78I2WHElxM4dh6lcWMPv_pW7xkYSZ-Fjp8UHL8A4F5IT28FxBStjOp3tNzBsDh3g4jd3...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NI80qgWMw78I2WHElxM4dh6lcWMPv_pW7xkYSZ-Fjp8UHL8A4F5IT28FxBStjOp3tNzBsDh3g4jd3PKeRyrl9Hs2j5S26-RA&google_hm=Yi5OUQSATR6Vpg6NbZ...
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NI80qgWMw78I2WHElxM4dh6lcWMPv_pW7xkYSZ-Fjp8UHL8A4F5IT28FxBStjOp3tNzBsDh3g4jd3PKeRyrl9Hs2j5S26-RA&google_hm=Yi5OUQSATR6Vpg6NbZLt9qY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:21 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NI80qgWMw78I2WHElxM4dh6lcWMPv_pW7xkYSZ-Fjp8UHL8A4F5IT28FxBStjOp3tNzBsDh3g4jd3PKeRyrl9Hs2j5S26-RA&google_hm=Yi5OUQSATR6Vpg6NbZLt9qY
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D00A
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEETYL6_JQxrsvkOlMAGgBwQ&google_cver=1&google_push=AavPq0OELAnWUaWjhbPR3IAVTnMa9aqSMvZFLQXsIvXcBfBJsk1qmTPiXMyatPTJbPKwpQaM_HOM4Ls0GARNF1I4...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=jvufbPWBQjy4feCsIoYi0A2&google_push=AavPq0OELAnWUaWjhbPR3IAVTnMa9aqSMvZFLQXsIvXcBfBJsk1qmTPiXMyatPTJbPKwpQaM_HOM4Ls0GARNF1I4CpmWW6GNiuFgkA
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=jvufbPWBQjy4feCsIoYi0A2&google_push=AavPq0OELAnWUaWjhbPR3IAVTnMa9aqSMvZFLQXsIvXcBfBJsk1qmTPiXMyatPTJbPKwpQaM_HOM4Ls0GARNF1I4CpmWW6GNiuFgkA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 21 Dec 2022 15:24:22 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=jvufbPWBQjy4feCsIoYi0A2&google_push=AavPq0OELAnWUaWjhbPR3IAVTnMa9aqSMvZFLQXsIvXcBfBJsk1qmTPiXMyatPTJbPKwpQaM_HOM4Ls0GARNF1I4CpmWW6GNiuFgkA
x-host
tde-deliveryengine-production-769c9db745-slnsm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame D00A
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL2TG7yXrEZuPh96h_ODW3g&google_cver=1&google_push=AavPq0O_UdfcCDH8NkAylGppLIonqsf6yrkcJJfk1NkgBONGUgm2rIKYT2SbvUejIRINRooS_s09JlU3eDpQtHlDM...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL2TG7yXrEZuPh96h_ODW3g&google_cver=1&google_push=AavPq0O_UdfcCDH8NkAylGppLIonqsf6yrkcJJfk1NkgBONGUgm2rIKYT2SbvUejIRINRooS_s09JlU3eDpQtHlDM...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0O_UdfcCDH8NkAylGppLIonqsf6yrkcJJfk1NkgBONGUgm2rIKYT2SbvUejIRINRooS_s09JlU3eDpQtHlDMun9LVfCRxkL0Q&google_hm=F2o8qGZH55wzGzdXTXms...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0O_UdfcCDH8NkAylGppLIonqsf6yrkcJJfk1NkgBONGUgm2rIKYT2SbvUejIRINRooS_s09JlU3eDpQtHlDMun9LVfCRxkL0Q&google_hm=F2o8qGZH55wzGzdXTXmspMb4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 21 Dec 2022 15:24:22 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0O_UdfcCDH8NkAylGppLIonqsf6yrkcJJfk1NkgBONGUgm2rIKYT2SbvUejIRINRooS_s09JlU3eDpQtHlDMun9LVfCRxkL0Q&google_hm=F2o8qGZH55wzGzdXTXmspMb4
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
onetag-sys.com/match/ Frame D00A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKLrUzXeihBqLnCD3z-K3jY&google_cver=1&google_push=AavPq0P1NABi8NwMYJqQDUeelAt4VjmRbg9VFdC5eQ0PZMDU_BtLqp4Gupo5MUoZJnpfVge_La2t32evyMx...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0P1NABi8NwMYJqQDUeelAt4VjmRbg9VFdC5eQ0PZMDU_BtLqp4Gupo5MUoZJnpfVge_La2t32evyMxvlIop4tiENaeBwHhWLAc
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.offshorereviews.com
URL: https://www.offshorereviews.com/
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D00A
0
223 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDmbuEiAKAmm1tj9sz0on4ThLz7KzIY7bdYyPqkg97XobPuzDJ9KPWrtOt77JIycG1G0YmZg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3C15
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 15:24:22 GMT
expires
Wed, 21 Dec 2022 15:24:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 15:24:22 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame A305
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=6031745646&adk=1081403803&adf=1165513757&pi=t.ma~as.6031745646&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261378&bpp=1&bdt=522&idt=315&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=446992551879&frm=20&pv=1&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9vyD4Bd9Re&p=https%3A//www.offshorereviews.com&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 15:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 15:36:17 GMT
css
fonts.googleapis.com/ Frame 4098
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Dec 2022 15:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 14:44:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Dec 2022 15:24:22 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4098
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
49551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:38:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 4098
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
49551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:38:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4098
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
49551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:38:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4098
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
49552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:38:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4098
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 15:24:23 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 4098
34 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 21 Mar 2023 01:38:32 GMT
B25164142.293005005;dc_pre=CK_jnq2Ci_wCFVm4ewodLO4HXA;dc_trk_aid=486104933;dc_trk_cid=142452121;ord=999993405;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/ Frame 4098
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_trk_aid=486104933;dc_trk_cid=142452121;ord=999993405;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
  • https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CK_jnq2Ci_wCFVm4ewodLO4HXA;dc_trk_aid=486104933;dc_trk_cid=142452121;ord=999993405;dc_lat=;dc_rdid...
43 B
64 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CK_jnq2Ci_wCFVm4ewodLO4HXA;dc_trk_aid=486104933;dc_trk_cid=142452121;ord=999993405;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CK_jnq2Ci_wCFVm4ewodLO4HXA;dc_trk_aid=486104933;dc_trk_cid=142452121;ord=999993405;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4098
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CpX9YJSWjY9jYK5qitwe-8ZTIBNvvl4VumdCpltgM29keEAEg7auROWCV4pCCoAegAZTW7tUDyAEBqAMBqgTUAU_Q8Ahs5q85CgB9mkHkY0sLbsTPsLR3QfWYgMQg5-SLr4hl2ELImTtxPB0Lel3kPl9MbFojxI4UtT7voLMEvRrwNU7qMdlVc5Bk5ebzz7eixxhZtGpZzh1nd1QI2VZhmZq0ynXjHUt2yg1gqY0Fj3cDO-gltEYiaMfRKD68WHXeiiyet0emuHcOvwrl7Kdg7RWdm7x7O0EExgyj-XbnKDvT3y6ufLDW4NcZqVgmmreUlHFh2q6JnpX-FeVJgxM3oj4uy-k_UiBIhPD8LhrQ8hyvul0FwASEnOC7ugOSBQQIBBgBkgUECAUYBIAH1KmRKqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEP_N3gHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNzUwMzAxOTQzMDc1OTc4GAA&sigh=8kCCLiFO7o4&uach_m=[UACH]&cid=CAQSKQDq26N9BsXEhTxhLoPrirBia1SBK-xoknnf2fv-Sgy_Ucn-p-SloaeNGAEgEw&template_id=5001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 21 Dec 2022 15:24:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/13949630039595074571/ Frame 4098
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13949630039595074571/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8cdb3d5483b3e94c0ec7a37ad6d0c2efe5985ec59d4ac70768f5f6bab94b3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 07:11:26 GMT
x-content-type-options
nosniff
age
202377
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2096
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 15:27:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 07:11:26 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame BCB7
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1016
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 15:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 541C
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27311
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 07:49:12 GMT
etag
48472445140208031
expires
Thu, 22 Dec 2022 07:49:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4098
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
416d357726417254c48fb1dce5add1db72a63724f4c10ddc3558d17032298c95

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 541C
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPb2JSWVAp7PYbfPKy9LiGU&google_cver=1&google_push=AavPq0OkALyDSTgWZ6EWmp3yNlO8lpOebCq2KrNqldZ9bEXM9VMqHcz0LWRGA4G740L5tW2H4jcPITXkcwGbRv5KwIZNgI2Htyg0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:23 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 541C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAbVt1P3ogsJgsHAAd1SvMw&google_cver=1&google_push=AavPq0MAtGVo-ppYtiyhxCJUvGEch0LWLN7CbHf3rrpWAQ1MBNCjR6mAAsuHHILOsGQCvCmnnQnet-0eQv7xlHSy...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MAtGVo-ppYtiyhxCJUvGEch0LWLN7CbHf3rrpWAQ1MBNCjR6mAAsuHHILOsGQCvCmnnQnet-0eQv7xlHSyzCNFinN2HnnrvQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MAtGVo-ppYtiyhxCJUvGEch0LWLN7CbHf3rrpWAQ1MBNCjR6mAAsuHHILOsGQCvCmnnQnet-0eQv7xlHSyzCNFinN2HnnrvQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 21 Dec 2022 15:24:23 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x30 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MAtGVo-ppYtiyhxCJUvGEch0LWLN7CbHf3rrpWAQ1MBNCjR6mAAsuHHILOsGQCvCmnnQnet-0eQv7xlHSyzCNFinN2HnnrvQ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 21 Dec 2022 15:24:22 GMT
pixel
cm.g.doubleclick.net/ Frame 541C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEK5nRuMexI6bG0jHjAm0FLs&google_cver=1&google_push=AavPq0NEyjVbeZAtlVoyOX7pvOGObTMHorrg4U3gTszIZz64mcpqw4eTo4snGsQ3J-L2MXk5eFXrroYlEF7ZkJKvE-_q...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEK5nRuMexI6bG0jHjAm0FLs&google_cver=1&google_push=AavPq0NEyjVbeZAtlVoyOX7pvOGObTMHorrg4U3gTszIZz64mcpqw4eTo4snGsQ3J-L2MXk5eFXrroYlEF7ZkJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NEyjVbeZAtlVoyOX7pvOGObTMHorrg4U3gTszIZz64mcpqw4eTo4snGsQ3J-L2MXk5eFXrroYlEF7ZkJKvE-_qt2W7GyIRbw&google_hm=ix5nS0OhTkmBoYV3m21I7Q==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NEyjVbeZAtlVoyOX7pvOGObTMHorrg4U3gTszIZz64mcpqw4eTo4snGsQ3J-L2MXk5eFXrroYlEF7ZkJKvE-_qt2W7GyIRbw&google_hm=ix5nS0OhTkmBoYV3m21I7Q==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NEyjVbeZAtlVoyOX7pvOGObTMHorrg4U3gTszIZz64mcpqw4eTo4snGsQ3J-L2MXk5eFXrroYlEF7ZkJKvE-_qt2W7GyIRbw&google_hm=ix5nS0OhTkmBoYV3m21I7Q==
date
Wed, 21 Dec 2022 15:24:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 541C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAIZzGR7_Dt8wh0p8-FobzA&google_cver=1&google_push=AavPq0ORYgoJAE8nYLuteqjgVufQC6HaX30aNc-pQqDxvwVl4RUPpf-TFi_DsbNhhUBOzqYje05umBftavXSR01kMz85ol3...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0ORYgoJAE8nYLuteqjgVufQC6HaX30aNc-pQqDxvwVl4RUPpf-TFi_DsbNhhUBOzqYje05umBftavXSR01kMz85ol3dLF9_&google_hm=eS00NG1kWHJSRTJwRWpua0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0ORYgoJAE8nYLuteqjgVufQC6HaX30aNc-pQqDxvwVl4RUPpf-TFi_DsbNhhUBOzqYje05umBftavXSR01kMz85ol3dLF9_&google_hm=eS00NG1kWHJSRTJwRWpua052eWt0OEN6T0xmLkJxNFJKNn5B
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 21 Dec 2022 15:24:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0ORYgoJAE8nYLuteqjgVufQC6HaX30aNc-pQqDxvwVl4RUPpf-TFi_DsbNhhUBOzqYje05umBftavXSR01kMz85ol3dLF9_&google_hm=eS00NG1kWHJSRTJwRWpua052eWt0OEN6T0xmLkJxNFJKNn5B
content-length
0
dds
rtb.openx.net/sync/ Frame 541C
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELgleaSiESIDlUrYfuMMmBM&google_cver=1&google_push=AavPq0OjN7C8_5ZcNlLPkf_EpCBT-mmc5mE3kRzG_2ZvOgP4WrlSyKs9n77KodUrbYVKJ6IupwAMEJUxpep-ZoW5PqhnHnaTiNefzg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:23 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
deuag59cb661afvumr6baqsueepksdlt
pixel
cm.g.doubleclick.net/ Frame 541C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENWSdimGYjg8II-0tMzlI1o&google_cver=1&google_push=AavPq0M57MYGvwW-6gdjpOY2K6RxK3JlCS5mtxrwm-rFnfaDUSQsa3lIESaoKV-_UL4ytsk0CRJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJYVDJKTlctUC04RjVS&google_push=AavPq0M57MYGvwW-6gdjpOY2K6RxK3JlCS5mtxrwm-rFnfaDUSQsa3lIESaoKV-_UL4ytsk0CRJ88RUB7Q7uIjGTUtkEj1FRSbdRxg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJYVDJKTlctUC04RjVS&google_push=AavPq0M57MYGvwW-6gdjpOY2K6RxK3JlCS5mtxrwm-rFnfaDUSQsa3lIESaoKV-_UL4ytsk0CRJ88RUB7Q7uIjGTUtkEj1FRSbdRxg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJYVDJKTlctUC04RjVS&google_push=AavPq0M57MYGvwW-6gdjpOY2K6RxK3JlCS5mtxrwm-rFnfaDUSQsa3lIESaoKV-_UL4ytsk0CRJ88RUB7Q7uIjGTUtkEj1FRSbdRxg
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 541C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MKUqCIAYKxRO0QVi8PeQS77bJhEfCTyTBSZfi9ySyObJsBKIhKi1X9dG206NjYZKSw7sAe048Y27ICXI2hmUKKD67g145ZSQ&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-afb8a4e3-c662-4d5f-9851-1e6549cf91f7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MKUqCIAYKxRO0QVi8Pe...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MKUqCIAYKxRO0QVi8PeQS77bJhEfCTyTBSZfi9ySyObJsBKIhKi1X9dG206NjYZKSw7sAe048Y27ICXI2hmUKKD67g145ZSQ&google_hm=A6-4pOPGYk1fmFEeZUnPkfc
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MKUqCIAYKxRO0QVi8PeQS77bJhEfCTyTBSZfi9ySyObJsBKIhKi1X9dG206NjYZKSw7sAe048Y27ICXI2hmUKKD67g145ZSQ&google_hm=A6-4pOPGYk1fmFEeZUnPkfc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MKUqCIAYKxRO0QVi8PeQS77bJhEfCTyTBSZfi9ySyObJsBKIhKi1X9dG206NjYZKSw7sAe048Y27ICXI2hmUKKD67g145ZSQ&google_hm=A6-4pOPGYk1fmFEeZUnPkfc
date
Wed, 21 Dec 2022 15:24:23 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXafb8a4e3c6624d5f98511e6549cf91f7003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 541C
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrMienR8mqrU_YF510jhoHqFW9jh4p12lfzUmqXWHcQx308zwmEH6vcKwjkHsAIHoBeds-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame BCB7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750301943075978&output=html&h=90&slotname=4555012441&adk=542552719&adf=1199968654&pi=t.ma~as.4555012441&w=728&lmt=1671636261&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.offshorereviews.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671636261374&bpp=4&bdt=518&idt=290&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=446992551879&frm=20&pv=2&ga_vid=469923382.1671636261&ga_sid=1671636262&ga_hid=401665651&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779794%2C44780792&oid=2&pvsid=1883890868047079&tmod=1838469102&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ix782dLaon&p=https%3A//www.offshorereviews.com&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 15:24:23 GMT
expires
Wed, 21 Dec 2022 15:24:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 15:24:23 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4098
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 17:04:17 GMT
x-content-type-options
nosniff
age
253206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:04:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1750301943075978&plah=www.offshorereviews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bd86b1098a8086947d7fe2deb6dfa4b545f4624e52287faeb2ef7e721290cd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11159
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1750301943075978&plah=www.offshorereviews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 15:24:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B22E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.offshorereviews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
49550
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3B29
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4a5424c752d0e9dd0189695cd11af19d7681f7fb3f53415ddcf5f35b7d6c4650
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iR3kMJxy2sYcTUQOEkHKPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.offshorereviews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-iR3kMJxy2sYcTUQOEkHKPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 15:24:23 GMT
expires
Wed, 21 Dec 2022 15:24:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 3B29
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1883890868047079&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame B22E
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 15:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 15:36:17 GMT
generate_204
tpc.googlesyndication.com/ Frame B22E
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?IbA1UA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:24:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1883890868047079&bg=!a2ilaCzNAAYgquz3AKo7ACkAdvg8WpR8hQm8GdkO7-d_9m1JKMShWmhOLL260BaRVh9L1aoxRYB9WQIAAABaUgAAAAJoAQeZAuijaY_X3kxBZON6XsvzejBPXqfLEjFZ9eloWXYALJlnWSRnIOLJLgidvKpzpqtPZD8RTmuHhb6hkcFxGo4LCY48jmLUri6hj_ugNWjnlqNO7toDEk5oVaVnnKkvlxPgT24flRWpRih4WPScaZua5qElnkCOs-NPtlwb3BWOS3HprO4ViND-vXuynJ8jO6vfMG-SAsMN-W2_ljSbA_vUQBTnudhgG2nJqmbjnLWibgS-ommvNBlArR97ATk1Uz_yaChKYB_4gIs8lwaywxaZpZ0VoaEwfOkSVQZnp3mCsZbSXdm1SV5AEKxomqHOuEhnhcHGygw4eL1sw2J1CaGGyMfF4u-81p9250jF6OddoQMtY_2ePfKd7kpy-FEE-DQDaDzDvq_y0k4g86r7iWt1QfTbzgusk_4jZZWZQX_rEB_sKM08yWj5Xdqci_lDs2iL_6Htb5eQG9B59p-otXWRyHme-DgAR5oPpBApMRFi8m_goXAE6CS-BKMNMzYCv1RUx8Xu8KwQVbYkRltAX2YKy5zgRUb4aMC4bakCFWXohsTklZsYcw7SV0Uq_QCxlvsEdlwiHg0m8jmUO3Kk5tXaM2NtkYoC96hL56aYFn2ndwRCqa7P6s2EVsCgyR3ujfUCHDEUykW250tOh-QcdSWVGYQqv89x6_KwiP2rIbz0gTLmzDDS5_AguHWCUs5Ou-CmnymM8_B5yrwAfO9FuqBM4kogdQJnKTyPFBx1kePimfkCmj6Fmr7SQJDf5XPb-kTE1E9SIhCNyQJ2KJVWt-k9XGrBm3y4E3VvX9NHvy-zccbAzNO3wMCoaKcM_e87Unqa26f5RZgG0r88qJwoE_712J_km1vxRgDCBzl7XNZS4lbvYloZG7pL9RzjZph7kuJmjxfppSZy0gIzSUkVzwaYRIs3J4fXfzi3OvP1foBIqe4YGyjJWTDXPFr6BzBvRvDU_b2BBuk99J0D5JMhq0JXz4MMMsfz25Vh_OU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.offshorereviews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 4098
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbASBxNX421ONbfa1CBzw1HsN3AWfUeg1HngLOoETD01mOE7PWRK9w4mMwyt4grfDbIkLRXe3P1KL2yti-xfFUoeF3493yDweYKzpLQ4VysTO9oI1exiFKcPo9gjhr6CKPqqVAZP1QSaiPhxAK3X21tTAvK7h7AVzurz6iR2g5F4RxRJCLqBKZ5BeOxD5KoOlNzUDXQBceBgqM2a1B7-qd4vw2ug0PEeJ2f-lqoKzYuchCRAYXJaFI3QCJERjgyVPjUUaD5GKQNFoq8xw4PoYu2r_n5GULhK4BVIwpJFPKO8fM_SxgC8D1k38yjfx59lXdjagFzvQ4qdCbtMT5pJXPT0ZatOFEoytJO5GFYIbadXHhkiCeCW-McffKRAQyB3KZFx8GPPAyK766cINEVqQEtPSB6VuxQh1idwbKjDyWn6PGZbDmh8cWvWmdgyjXItaM5cCvSfxH6kpyzbpsFklEqtPCJegL87FBvEdwx0Eddfs444h6SRq_5vqP324lra5TEIY-fEE0OaiDiqwwhpeyDnl5F0LYLUSyhE2zHobmNkzheZvxHhxYXsWTxtfjQDhwyQZBxdjKcwA2rAWTJI2KcHoR0eLU_pqura-dmSOqPQhThVHZrCqbh5so_7k-fpThQW78aZKk5qRqmrVvuCN6Vg9bcczZXe1yF-IooB0pwMS2g90HI3iH8Om69flTf9b6TynJ3LKnZ1u232KDBeAeObLDswV8EQUXWOD46nNGCeN2lSRbsqxkz9lfpYCyf4bkOsnzCquwA5dSL88TI6mmjwQMeazgmWX6ih2QVqUdf2hm46UIAtlyaFzSfTUqIkjcLW3pe_PRpRs9lARR7PnJMz5fNAgEJhQU6gQbcU-pS_sPYPiqfNEKAEbDOlp5FAaYF9pKUrWFPI6irBjxEnWZQ5u2p1L2qo1lhzEI-Bl8NJe50zvWO5C5v5qTybc2wXkecIEjXInLer2Oen-cTndIpf9lHWKibVK40y0&sai=AMfl-YRqBNN28DzTuHAJEty7w4riBRVCJkdka8oP70Iudx74W3jUTLnXyJ2oMBLUWppgU7SNHZgMMjRRqt8XZThb3Tc7HT7TOylvu1lnG_4DgBK67kV7OntNju4&sig=Cg0ArKJSzFR2pO8KcNaUEAE&cid=CAQSKQDq26N9BsXEhTxhLoPrirBia1SBK-xoknnf2fv-Sgy_Ucn-p-SloaeNGAEgEw&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=542552719&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671636261687&rpt=1663&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 15:24:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange string| GoogleAnalyticsObject function| ga object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| jQuery111306196405840632602 object| Select2 object| FormValidation function| isValidEmailAddress object| nodes object| adsbygoogle object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ string| google_user_agent_client_hint object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| recaptcha function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

23 Cookies

Domain/Path Name / Value
.offshorereviews.com/ Name: _ga
Value: GA1.2.469923382.1671636261
.offshorereviews.com/ Name: _gid
Value: GA1.2.844994700.1671636261
.offshorereviews.com/ Name: _gat
Value: 1
.offshorereviews.com/ Name: __gads
Value: ID=38058d35a3782b34-221b5da134da0038:T=1671636261:RT=1671636261:S=ALNI_MaS3m-OIpr_stUVO6mPnFCnf1OnMw
.offshorereviews.com/ Name: __gpi
Value: UID=00000b95bbfbf2b7:T=1671636261:RT=1671636261:S=ALNI_MYTZyDexRGeJhtoC7QYJPk3aE7Gow
.quantserve.com/ Name: d
Value: EFEBCQHuJ4EA
.quantserve.com/ Name: mc
Value: 63a32526-9d404-2a0fd-34287
.lijit.com/ Name: ljt_reader
Value: F2o8qGZH55wzGzdXTXmspMb4
.simpli.fi/ Name: suid
Value: 3D2F7730C1C049C8810EEA83F6AC90D6
.ctnsnet.com/ Name: cid_622e4e5104804d1e95a60e8d6d92edf6
Value: 1
.ctnsnet.com/ Name: gid_CAESEDebUoInwImYQM45IpZd78o
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%228EFB9F6C-F581-423C-B87D-E0AC228622D0%22%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUmpd20sL_xLNKPuVd4EDVFt7789JhbdPPvt00bP1k7CSnas2AXsW-tjv6al1to
.mathtag.com/ Name: uuid
Value: 1ae963a3-2527-4700-b6b4-f5df213968ec
.mathtag.com/ Name: mt_mop
Value: 4:1671636263
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-afb8a4e3-c662-4d5f-9851-1e6549cf91f7-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-afb8a4e3-c662-4d5f-9851-1e6549cf91f7-003%22%7D
.bidswitch.net/ Name: tuuid
Value: 8b1e674b-43a1-4e49-81a1-85779b6d48ed
.bidswitch.net/ Name: c
Value: 1671636263
.bidswitch.net/ Name: tuuid_lu
Value: 1671636263
.bidswitch.net/ Name: google_push
Value: AavPq0NEyjVbeZAtlVoyOX7pvOGObTMHorrg4U3gTszIZz64mcpqw4eTo4snGsQ3J-L2MXk5eFXrroYlEF7ZkJKvE-_qt2W7GyIRbw
.yahoo.com/ Name: A3
Value: d=AQABBCclo2MCEJfVWFxvvtzkJ_4A59mXqw0FEgEBAQF2pGOtYwAAAAAA_eMAAA&S=AQAAAk2CgteKmQUYyXy8JFOBHN4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
offshorereviews.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
rtb.openx.net
stats.g.doubleclick.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.offshorereviews.com
x.bidswitch.net
142.250.180.198
142.250.186.34
142.251.208.98
18.158.238.72
185.29.132.245
213.19.147.44
2606:4700:20::ac43:47c1
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c06::9c
2a00:1450:400d:807::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80d::200e
2a00:1450:400d:80e::2003
2a02:fa8:8806:12::1370
2a05:d018:d29:3602:73b0:e4e3:666c:f4d
34.91.62.186
35.186.193.173
35.190.0.66
35.227.252.103
51.89.9.254
69.173.144.165
72.251.249.13
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0495a0cf06be69868e25582dab934bf5e5634e43edc1b96e437fb3ee14c571ba
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
112d44be760a177a894750a0a768d93420fdbbee4128ecc04bb7600412acc187
12359b1692009ec38028c13a6584cdfbcaa09bc53c0710746fa3956b5a097e03
142f7e1fabfef01648ecc9c5bc2f3fb5fd4519f95f2e1ac5b156ae8b5a7885b4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1cc38d1457ac75f0feb505e5eb39e34478743b3e32a9966b4bd22f2e842687df
1ec1bc15ec8debe4d3102160cf90918c7ae8b36765ffd742590532d171941f93
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
23d06f67febf173f359ef1db72c8511305490ac417e134e8bbd005c6b35c561b
2a655bb3bca3c61d6566496c565bf8872aed17eca41a10747803212c37d786c1
2a90243140a0a5cb3d97bc8c11b46cd28b4f178bb7e921f0a0cbfa614e3ff9a5
2b9a658314baccfef5f3b1d279571f0c1dbe62e6f71735828dd7606e426ba798
2d5bb2c595da8b8781bbce38467b8e4ecb4c301ee9e1163b3aa0e982c94e7f8d
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
375e898ce4999dfd221595a0ec737273e247cbfa4b114e378388d55964e95e0c
4166bc7d5a8728c40319d4e43416ac32bcd8fe79222583f405097041c48371aa
416d357726417254c48fb1dce5add1db72a63724f4c10ddc3558d17032298c95
426af2feeed66fca859c7d81943b16d35ea83a3e418185c74cc4e669dea65bb0
467677b04db9bf365425a8022b211f84d0f265af3fa7cdbc98090e49b07b0ccf
4a5424c752d0e9dd0189695cd11af19d7681f7fb3f53415ddcf5f35b7d6c4650
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcb83fd2efdf1d7d069f9a681ba10569dd05f2117b99ed0972714aaa2cc6872
52fb734365969c9611601d2510dca9e7032b3c0196c99a7344d6cb9b8d486e70
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
641293bbdbc3baaf6ff8b210425bd7dd26209668708b5323c83bfc974aa3d784
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
66f91d4c4cc871cf19f98e5e01102b2d60f9bbea9c68a434905e14981b4eaab5
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd86b1098a8086947d7fe2deb6dfa4b545f4624e52287faeb2ef7e721290cd7
6e0c4b8663cb161b157cbe54f2356a115ce93c63be8929af156f7cb4899385e5
73b27f9aeb7bc6ee3c4bd20742382f015efd89981a3706d2a29a50867849629c
79d331a9d423a3654a83509e0a5b3deb9f6a05e2974308229ef402073d2ab78a
7f71bbf7e36c6b93b11435c47acaec92443c23f272e77d9d178e391aa9589c8c
83987c9b57335cce8880ced16dbc8e4702991297d74a10d49d986c89d1879e44
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8b54c7c7b788a31d600674d86decd7f27b5a7503c08ada71724ac82b0ab5a988
90c26c64e380876c218d8d6730fb3fa2250502cc1f844fe0026077f13ee97abe
926277a34899cd4c8f87e0f9f1c24f14a42d1ccb45c75bca0da764c32573dbfa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b02f1085eeccf91c6876551661f3b42ed251a64d5591216364a35964861a27b
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9d2bd2d90cbbedd8ea3df2e4245824c56ed26823c9abe4b1062af79f853b6a6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8cdb3d5483b3e94c0ec7a37ad6d0c2efe5985ec59d4ac70768f5f6bab94b3c6
bfc0df4076e845f5705184bebb515861b53113ad071d52466c5fad392ffe4d1c
ce9e485c8a9f619263c2a97498fe42204b0024c8bd44b30d06a124940a6ed74d
d7b0ea0f449ddf3513752a72a7760cd2c6ee71d86b0ba85d069821ed9b18be82
d9265171c1f0b31caa0caf55f5a676bffd46dff14661b8982783ad2fe14b4742
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd
e3143981b0975bcc0e3b7663ffc1c661bbed7f53083d6aef28335f94403e568e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81040f1ee073da82fe508a52b4760ff6a1a223f2055ccfffb0e75d95159f89f
eaea90106a5983c20339a373a3c2ffd49e3c6f41e7be910e19dfa86265057b90
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f220c054c4e19e5ebcf03bd1e85b8505792f1af753ce7701c5e26e384506b9bb
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f