lawyer.gogandul.com Open in urlscan Pro
2606:4700:3035::6815:5322 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lawyer.gogandul.com/
Submission: On March 21 via api (March 21st 2024, 11:50:52 am UTC) from US — Scanned from US

Summary HTTP 86 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 10 domains to perform 86 HTTP transactions. The main IP is 2606:4700:3035::6815:5322, located in United States and belongs to CLOUDFLARENET, US. The main domain is lawyer.gogandul.com.
TLS certificate: Issued by E1 on February 4th 2024. Valid for: 3 months.

This is the only time lawyer.gogandul.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3035::6815:5322	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1 6	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2004	15169 (GOOGLE) (GOOGLE)
1	52.116.53.150 52.116.53.150	36351 (SOFTLAYER) (SOFTLAYER)
2	2607:f8b0:400... 2607:f8b0:4006:807::201b	15169 (GOOGLE) (GOOGLE)
2	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
86	14

16 2606:4700:3035::6815:5322 (United States)

ASN13335 (CLOUDFLARENET, US)

lawyer.gogandul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80e::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com

8proof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::201b (United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	572 KB
16	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 724 www.google.com — Cisco Umbrella Rank: 5	75 KB
16	gogandul.com lawyer.gogandul.com	134 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	117 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	99 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 storage.googleapis.com — Cisco Umbrella Rank: 696	28 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 168
1	8proof.com 8proof.com — Cisco Umbrella Rank: 107094	112 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	257 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	97 KB
86	10

	Domain	Requested by
16	lawyer.gogandul.com	lawyer.gogandul.com
15	tpc.googlesyndication.com	pagead2.googlesyndication.com lawyer.gogandul.com googleads.g.doubleclick.net tpc.googlesyndication.com
15	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
15	pagead2.googlesyndication.com	lawyer.gogandul.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.gstatic.com	lawyer.gogandul.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	lawyer.gogandul.com googleads.g.doubleclick.net
2	www.googleadservices.com
2	storage.googleapis.com	srcdoc
1	8proof.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	lawyer.gogandul.com
86	14

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.idtheme.com

Subject Issuer	Validity	Valid
gogandul.com E1	`2024-02-04` - `2024-05-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.8proof.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-16` - `2025-02-07`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://lawyer.gogandul.com/
Frame ID: 3A46BA52DB5E7094183CBFF24C89EBBC
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7828187356226797&output=html&adk=1812271804&adf=3025194257&lmt=1711021848&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_r&format=0x0&url=https%3A%2F%2Flawyer.gogandul.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711021847708&bpp=4&bdt=804&idt=557&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1150221074127&frm=20&pv=2&ga_vid=208034032.1711021848&ga_sid=1711021848&ga_hid=381684237&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081794%2C31081904%2C95326317%2C95322183%2C31081572&oid=2&pvsid=3127014956713502&tmod=927185588&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=599
Frame ID: 73EF6C1F6E81B14F9A428E42B01A7B51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: 3E9C0541FBE64CA523E98B6A095ED7DC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: CF7E1ECF7AD84C479732FD951BDE0805
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: DD0F7534CBF813556CF74A688D372957
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 57D7F85B7DA7E35EC39664AF9EC0EE07
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1506A04ADDFDFFA9CB756EF7F9CDF4CB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B868E5CE0B8F4B66C35E0E300C31CE7E
Requests: 2 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: 6DD6343EBDCD72B793368847AA4624DD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 918530C18109B76FF9EDD459E091D861
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: D19CABED33260A6E70DF232133895B49
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gogandul | About Lawyer - Blog

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

86
Requests

98 %
HTTPS

85 %
IPv6

10
Domains

14
Subdomains

14
IPs

1
Countries

1124 kB
Transfer

2975 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: https://www.idtheme.com/superfast/
Title: Theme: Superfast

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://googleads.g.doubleclick.net/pagead/adview?ai=CVFWxGB_8ZcC2H7TkvPIP18-tmAaI0qvHa7Tr4-nDDq4CEAEgzcS5HGDJhoCA3KPEEKABnY2KzgPIAQmoAwHIA8sEqgTeAU_Qh7JwqsXh_dyCGfE0K1CH3Wtn49wLB2kIt9pp4O9TjSi7DMWiIGfvEEM7R84FhlFQ1Dd5fZfV6Ce7aD3DsIDFw6VWMbvgd-WOqBBtmra-fT4NK_COQyrmQo_13ewfQZIOnzPs_0SZgkVLfYQEz8T4pFQLnoxPImYjxkrHIQkaziutHQR9FKDfZfJGigrUtXrKZx0a44bm5EueSTnE4ht69BLwwR0HqeMrrEL9qGZ1Br9M4XEfse_9v6zIqhAI_SgyFomjdoUzMwMGswu5c9C1TbZ37AxKJXeUcuJaxsAExZ_NqswDiAXqnL_0MpIFBAgEGAGSBQQIBRgEoAYugAekxqgxqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwDyBwQQyfEL0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WMDk7oulhYUDmgmpAmh0dHBzOi8vcHJvZ3JhbS5ueWZhLmVkdS9maWxtbWFraW5nP3V0bV9zb3VyY2U9R29vZ2xlJnV0bV9tZWRpdW09Y3BjJktleXdvcmQ9JkFkPTUzMDc3MjA0MTIyMiZOZXR3b3JrPWQmdXRtX2NvbnRlbnQ9dHlwZSZ1dG1fY2FtcGFpZ249UmVtJTIwKE5ZRkElMjBEaXNwbGF5KSUyMC0lMjBGaWxtJTIwU2Nob29sJTIwWWVsbG93JnJlZmVyYnk9U2VhcmNoJTIwRW5naW5lJnJlZmVyc3BlY2lmaWM9R29vZ2xlJTIwUFBDJmNyZWF0aXZlPTUzMDc3MjA0MTIyMiZrZXl3b3JkPSZtYXRjaHR5cGU9Jm5ldHdvcms9ZCZkZXZpY2U9Y4AKAcgLAdoMEAoKEKCz7LWKmM25dRICAQO4E-QD2BMNiBQH0BUBgBcBshccChoIABIUcHViLTc4MjgxODczNTYyMjY3OTcYALIYBBICh1Q&sigh=uNSGQjlUT3Y&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqarDuyRsCh2noKNsHGYioFj_QZWyqSmwGbALfVjpEGD8no-Q6UYW-3PXseyAL2sgXbf3MaFz989nblHdoGQHMtSSSVG0xsOnQBBgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd81d056d0c2e20300000000000000000%22,%222%22:%220x17cf1c11b64ee4400000000000000000%22,%223%22:%220xc87a20150a92f81e0000000000000000%22,%224%22:%220xe34289c06b8923ee0000000000000000%22,%225%22:%220x49ad154e45a2b8ab0000000000000000%22},%22debug_key%22:%2216078802559313268848%22,%22debug_reporting%22:true,%22destination%22:%22https://nyfa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22969049757%22],%2222%22:[%22true%22],%224%22:[%2203-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214690440865877430945%22}&andc=true

86 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lawyer.gogandul.com/ 47 KB
10 KB 1180ms
1068ms Document
text/html 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lawyer.gogandul.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ab5eccad65f06623f6f2f176ad565455902fd08fc05fc2dee510c78b18f9b168

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 867db9e88fb074ba-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 11:50:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://lawyer.gogandul.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8PwvUi1WT9qsHoG4Lcl5RxD5YYIwGnhq7tM2DMnOS4atE%2FsL6OahXqQO4fQGU3vvMYL7C4%2FhzXK4YZe%2Bn51RuhtdYT0EXsbwUS%2FSM%2B%2FdlOP3VdHPTf%2B%2FNHG2rfB9OFAjsQIyqhAxqrV5kTkV9ygGhpGt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 idblog-core.css
lawyer.gogandul.com/wp-content/plugins/idblog-core/css/ 7 KB
2 KB 388ms
386ms Stylesheet
text/css 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lawyer.gogandul.com/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 842fdd042483fa98e322a986ab8f21739eef3b4cffc09b637d0b3728bfb05430

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 20 Mar 2024 07:02:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1a77-65fa8a15-5e0b8b;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MlthvnRwMjT4qVmaR8DsiZ9dioAbFM12Ve7%2BJ1OFjquJtkcnH4C1kdUJI1vKAmKGBrRgs0XARgsJtQRS86p6VIzmoXe%2FuuAntJHzSPk5y6bJBy%2FwcU%2F1scskCbtdgZezy6pYkQzBHCJicfoAgWaPLuvv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 867db9ef4e4e74ba-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 10:23:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 230ms
83ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.1.3

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f136ca06d69de0c1598cd9f012a3232ec9e2861fb7f4ee93a551ca5265823adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 11:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 11:50:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 11:50:47 GMT

GET
H2 200 style.css
lawyer.gogandul.com/wp-content/themes/superfast/ 45 KB
10 KB 389ms
388ms Stylesheet
text/css 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lawyer.gogandul.com/wp-content/themes/superfast/style.css?ver=2.1.3
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d4ccdb61fb27f34a2eb755463215c47acebc9ef0783264444fea77972b9f29d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 20 Mar 2024 07:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b290-65fa8a7e-5e0d72;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bt374KSgsioaKYs8%2BEjmre660PudbYtZ7JSUXxMCKxP%2FOhOpwNAIT79uz1JVPzk%2BnfPhZjSXxs0JC7kK5LRJ8M%2FhQO1NU1H5HZ9b%2Bsv1pO%2F2yQklxrMBReJmQxZwVoH6vsdKCcAIev8%2FUXasv3a8vITV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 867db9ef4e4f74ba-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 10:23:24 GMT

GET
BLOB 200
OK aae582e2-5b85-4a1e-98b4-a77727df920a
https://lawyer.gogandul.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lawyer.gogandul.com/aae582e2-5b85-4a1e-98b4-a77727df920a
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
97 KB 243ms
103ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-KTRXRGCZ

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

829e6c03ef12b344ea4c967fcc33c40d5e4df50a23caf488bfcbbe207a9c656f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99216
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 11:50:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 273ms
135ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7828187356226797&host=ca-host-pub-2644536267352236

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcd163cb7bac6e31371d9cd4a52cd7017b384e243925b092ef574b598544087d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
Origin: https://lawyer.gogandul.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51110
x-xss-protection: 0
server: cafe
etag: 3974675251467755576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 11:50:47 GMT

GET
H2 200 gogandul.png
lawyer.gogandul.com/wp-content/uploads/2024/03/ 4 KB
4 KB 393ms
392ms Image
image/png 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lawyer.gogandul.com/wp-content/uploads/2024/03/gogandul.png
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73b9002f2b5b335a6bd96ea7ab713ef28f873050c06a671d5ccea78549675068

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 20 Mar 2024 06:46:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e80-65fa8653-196f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AaHKLySYUr8rEa7xD4%2BGvvbENp%2BzcINISNcANrcvLWEIeW9CoIxOCTiAwG6oR9YuyuA07RnLiUIndtZNrYarJ1r%2Fx%2F4qyPCNRiOe95ksVB0RQqiqD1QS7%2BTK6s0TqmxwFqL%2B89weDDBWRm0ADGZ5JWhs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 867db9ef7e7c74ba-MIA
alt-svc: h3=":443"; ma=86400
content-length: 3712
expires: Thu, 21 Mar 2024 10:23:24 GMT

GET
H2 200 mad_blog_5df388728402e1576241266-200x135.png
lawyer.gogandul.com/wp-content/uploads/2024/03/ 33 KB
33 KB 504ms
504ms Image
image/png 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lawyer.gogandul.com/wp-content/uploads/2024/03/mad_blog_5df388728402e1576241266-200x135.png
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abcdc8c04042b4ec6ab2c62439adec3f6199d3999d2c54b3feb2760cfcc979e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 22:58:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "82fe-65fb6a20-5234c9;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0ivmcuUnuWoAdr0V%2F7uQlpiTErgQiWfvFvPRAfZ9xwgS%2BPFvlw%2F8C9shW5SMtqTj7hAR%2FxFMoNMo4DbnbEj%2Bsfwzq%2Fx6%2BftzztRsFROsH91xQZhHSnL2%2FXZZzeYcOnEpoz4LcVm3o61zKdqMGtgs6uT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 867db9ef7e7e74ba-MIA
alt-svc: h3=":443"; ma=86400
content-length: 33534
expires: Thu, 21 Mar 2024 23:50:47 GMT

GET
H3 200 f302e55663ee5e40b63fd6375e829c3697316a89-4500x3000-1-200x135.jpg
lawyer.gogandul.com/wp-content/uploads/2024/03/ 9 KB
10 KB 397ms
395ms Image
image/jpeg 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lawyer.gogandul.com/wp-content/uploads/2024/03/f302e55663ee5e40b63fd6375e829c3697316a89-4500x3000-1-200x135.jpg
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33d89d3c52ca675b6afde4ec749dfe737555a2b30a2a7f1af00a3427dc27225d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 22:56:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "241d-65fb69a0-5234bd;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FTn2btNlzdbTHrYkxKnUGa9EYrt3hlkSxieWpKE%2Bn7aUKFwFNYEZJ0H%2B0PbEao7a3aJ%2BG9g%2Bq1npMi3MUpm4tWlaMy8MCQgMxTUqk4RCDGZETfiLDkDRmkPiXfIjNpidZPaOurRLpk1tVNjpINSmUsZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 867db9f1bbfa4c22-MIA
alt-svc: h3=":443"; ma=86400
content-length: 9245
expires: Thu, 21 Mar 2024 23:50:47 GMT

GET
H3 200 the-definitive-guide-to-whatsapp-for-education-200x135.jpg
lawyer.gogandul.com/wp-content/uploads/2024/03/ 7 KB
7 KB 391ms
389ms Image
image/jpeg 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lawyer.gogandul.com/wp-content/uploads/2024/03/the-definitive-guide-to-whatsapp-for-education-200x135.jpg
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78bfd848870755e313bfa731337924835e46468758b91c5860046d9d48d4c9ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 22:55:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1a79-65fb6944-5234ab;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PBkt5YjWFumRAuRNYa5G6QzqSgEID3uOWtZbWWdhGeDX5bf8pWKkBP7%2B319RTTfZCOSVDZww%2BNHCq8yZ%2FZ3n5ocGu3nQHGqlOMHQDkBX1BwfCTy6k5jyTHdPVlN0T4428eDfIFhKlm38cLlhHTzns5hV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 867db9f1bbfc4c22-MIA
alt-svc: h3=":443"; ma=86400
content-length: 6777
expires: Thu, 21 Mar 2024 23:50:47 GMT

GET
H3 200 customscript.js Show response
lawyer.gogandul.com/wp-content/themes/superfast/js/ 14 KB
5 KB 163ms
161ms Script
application/x-javascript 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lawyer.gogandul.com/wp-content/themes/superfast/js/customscript.js?ver=2.1.3
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 20 Mar 2024 07:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"36ac-65fa8a7e-5e0d62;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FjIiMpCi%2Bvonf1xcIrlfT8zh3OZlnnVfDzy45wMX8%2BxiMM9BxlrLptd%2BkP0yJ%2Ffi9ey%2BU5uCjwFNTjH2%2BQHySlrAVnRx6avMv4SBDBjt8qYuLbrXH8wZxC3oK%2BsPmQmiIc8okPrHU1BdXieU61GmAGRp"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 867db9f1bbfd4c22-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 10:23:25 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 207ms
65ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lawyer.gogandul.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:48 GMT
x-content-type-options: nosniff
age: 100979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:47:48 GMT

GET
H3 200 shutterstock_430087837-200x135.jpg
lawyer.gogandul.com/wp-content/uploads/2024/03/ 8 KB
8 KB 390ms
388ms Image
image/jpeg 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lawyer.gogandul.com/wp-content/uploads/2024/03/shutterstock_430087837-200x135.jpg
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66bad101f356007e58824b8b675a6b98bc217f7bde941b9514263fd48b4fc842

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 22:55:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1fe8-65fb6944-5234ae;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSrwYcavwH6B15d%2FDoeGXIcGsNov7DiHPpeMMJLuZnvvwlTXZ7%2Bwkl%2BUl%2BKIjCRGgHEkIbiqMbNJQ3c2Agr%2F06yK%2BVHlVdg%2BgXzUZuKqBWfiuszeQIZfGMzLnGREHAxY1PVQl%2FxMPgdBm7fpFSj5rgvM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 867db9f1fc2b4c22-MIA
alt-svc: h3=":443"; ma=86400
content-length: 8168
expires: Thu, 21 Mar 2024 23:50:47 GMT

GET
H3 200 A-CASE-STUDY-bpm-providers-11-200x135.jpg
lawyer.gogandul.com/wp-content/uploads/2024/03/ 7 KB
7 KB 399ms
393ms Image
image/jpeg 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lawyer.gogandul.com/wp-content/uploads/2024/03/A-CASE-STUDY-bpm-providers-11-200x135.jpg
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dfe4b900b2ba5765814d4046f939482a61ea4b95a568acdbe620f3ce6b22ea3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 22:54:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1a5a-65fb6942-523499;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KG7vzV%2BYNgSmmwg9Aq%2FWgICCB25%2B3KbnCkfnJkxoqHRqdk0KEPkf4%2BR%2F0uvLS78llANufcTmxu0TV%2FDVMoDLvryZyZhLyQf5Z93mcSluXd5kKXYb7PwkX2KDmrD5HPrI5yeIt69SV%2BLfU0FtaKxNdS5P"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 867db9f20c374c22-MIA
alt-svc: h3=":443"; ma=86400
content-length: 6746
expires: Thu, 21 Mar 2024 23:50:47 GMT

GET
H3 200 cso_gdpr_data_privacy_by_ipopba_gettyimages-1150199939_2400x1600-100808201-large-768x512-1-200x135.jpg
lawyer.gogandul.com/wp-content/uploads/2024/03/ 6 KB
7 KB 422ms
416ms Image
image/jpeg 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lawyer.gogandul.com/wp-content/uploads/2024/03/cso_gdpr_data_privacy_by_ipopba_gettyimages-1150199939_2400x1600-100808201-large-768x512-1-200x135.jpg
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 609acca9e8669e9d5ce85df34176afe57fd0cbed0a6cf2ffd037cc38b53bfea6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 22:54:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "19fc-65fb6941-523494;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XG%2Fj4F%2FNIHUKmnU1nGBVbmV6HyyN9hZ9OI5ltDbmhv2WY3u4eILWKJDYFeVc3H4F5M5cwwr461veTgcL79n9qH%2F6ixbepVE7jzAtITWpVeP3NH7sFpz3yJ5nzQaxJnWxlMD43EfWEmXyDF16DLjSzdc0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 867db9f20c384c22-MIA
alt-svc: h3=":443"; ma=86400
content-length: 6652
expires: Thu, 21 Mar 2024 23:50:47 GMT

GET
H3 200 whatsapp-business-api-200x135.jpg
lawyer.gogandul.com/wp-content/uploads/2024/03/ 5 KB
5 KB 421ms
416ms Image
image/jpeg 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lawyer.gogandul.com/wp-content/uploads/2024/03/whatsapp-business-api-200x135.jpg
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d61cd0a51d7787976d06a3ce452a65300b7c0fb8c87d5c3ab9780af43703c68a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 22:54:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "13e6-65fb690f-52347c;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8A42aoLAU9pKiRC%2BGnTaFdJUMXyeaoUDIfNisCpxGB5fB8nt8SIx8qqu%2B9qzGl9Lf2w7B8e5EvpoThE8if5%2FTajgMmtxDJKKe2Amx3pCjO%2BKMKeZQSaCb8YZtWOfQ1dbz9SzXjih7buMs%2BXn9dzWPsE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 867db9f20c394c22-MIA
alt-svc: h3=":443"; ma=86400
content-length: 5094
expires: Thu, 21 Mar 2024 23:50:47 GMT

GET
H3 200 stockvault-the-social-network-people-networking176080-200x135.jpg
lawyer.gogandul.com/wp-content/uploads/2024/03/ 5 KB
5 KB 421ms
417ms Image
image/jpeg 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lawyer.gogandul.com/wp-content/uploads/2024/03/stockvault-the-social-network-people-networking176080-200x135.jpg
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd1d710353f39b5771fae9cf58a9053f6a329753f643bc31fcc24f7028ef1ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 22:54:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "13af-65fb6912-523482;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HsNVHzMb%2FWPAqhwHoow8wY%2BA69OzTseVKiwny1tczpirVMDXUQ8YIPP7x7rZAxSkeO1dubkwjZviAuOjslKNoGaw19DSE5qUdBm992DxJRMqZ0gpgvoDiR3%2FjOA0GUJ1WUwrVD1QAnFm5lsA%2FKD%2FUAQF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 867db9f20c3a4c22-MIA
alt-svc: h3=":443"; ma=86400
content-length: 5039
expires: Thu, 21 Mar 2024 23:50:47 GMT

GET
H3 200 RNG9XwVxS99yXVoLtv2rB32BYmW5L0hDVygry_pUAMyObGvGXVGSzJZK8mUe2GO9a5GL9gwvRvuqGMv44LgqjITbb-CpBN32E8qbE3VJy6cfXli3Uw6lYhb1tnYvDGj2yJQfyI-200x135.jpg
lawyer.gogandul.com/wp-content/uploads/2024/03/ 5 KB
6 KB 421ms
417ms Image
image/jpeg 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lawyer.gogandul.com/wp-content/uploads/2024/03/RNG9XwVxS99yXVoLtv2rB32BYmW5L0hDVygry_pUAMyObGvGXVGSzJZK8mUe2GO9a5GL9gwvRvuqGMv44LgqjITbb-CpBN32E8qbE3VJy6cfXli3Uw6lYhb1tnYvDGj2yJQfyI-200x135.jpg
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8b5cb5ccd2f265557df1fde5615d941cfbdd9e7674a9399d60d877fcdc94d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 22:53:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "14b6-65fb6906-523460;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=049w7nVLu9BmEWy8CcG4eLf3Na2mg1E5Ydd2GGLNLYLyoRg6oQv3GqtVDEa5SGjwpL8GOStoZYEN3ziqeDU7wG0oSuaU%2FxjeNeSNICm4bDSLURXV5LCylfz8%2B%2Fhbsqgbc%2BSruKMHU8t4kCac0dB03nS9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 867db9f20c3b4c22-MIA
alt-svc: h3=":443"; ma=86400
content-length: 5302
expires: Thu, 21 Mar 2024 23:50:47 GMT

GET
H3 200 fintech-750x500-1-200x135.jpg
lawyer.gogandul.com/wp-content/uploads/2024/03/ 8 KB
9 KB 421ms
418ms Image
image/jpeg 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lawyer.gogandul.com/wp-content/uploads/2024/03/fintech-750x500-1-200x135.jpg
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f9aeca887fda862ca78759b0e6c95f678052f6b1cc6303119a956636bada0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 22:54:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "208c-65fb6908-52346b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ff6ATlXfmNSVwjSsN%2BEjM3qveZZgOMM%2F4ThqC6vTsunGvrc5kKjnsT7LWyo7l5BPEcdPj3xixu0exp6M5nG1r96Y%2BLOtcPb2SzUFwWEMNsiAJgQ5zEBfYlQnw6pgWxxp%2BZ%2FWHWcsL1hCiorEmE5mleGn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 867db9f20c3d4c22-MIA
alt-svc: h3=":443"; ma=86400
content-length: 8332
expires: Thu, 21 Mar 2024 23:50:47 GMT

GET
H3 200 wp-emoji-release.min.js Show response
lawyer.gogandul.com/wp-includes/js/ 18 KB
5 KB 397ms
396ms Script
application/x-javascript 2606:4700:3035::6815:5322
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lawyer.gogandul.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5322 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-63db0985-5a1301;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U1HNHWfTPAT6aOAIY4lAYPfa4Mr6xnLhh30yD1VdXrjKCY6GVW6ue91kKQ%2BK8BBnV5H8mmQeiXnPSW%2FSh0mEf117Bz108y5rH7xIAu8n7dCOgcGgGUR9vznf%2B3iuNT%2B15yY4psuhM4g2AUD4BEK4MLzP"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=43200
cf-ray: 867db9f2dd144c22-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 23:50:47 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 407 KB
138 KB 281ms
151ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7828187356226797&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41193689c350f873e11ca1b9443c21ce70eb2badff876c8086a55303dbe06d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141440
x-xss-protection: 0
server: cafe
etag: 15241799176407462919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 11:50:47 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
257 B 215ms
76ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CH8QXY02QE&gtm=45Pe43k0v9180652667za200&_p=1711021847301&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZTNiMT&cid=208034032.1711021848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711021847&sct=1&seg=0&dl=https%3A%2F%2Flawyer.gogandul.com%2F&dt=Gogandul%20%7C%20About%20Lawyer%20-%20Blog&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2075
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-KTRXRGCZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 11:50:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lawyer.gogandul.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 73EF 442 KB
87 KB 772ms
630ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7828187356226797&output=html&adk=1812271804&adf=3025194257&lmt=1711021848&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_r&format=0x0&url=https%3A%2F%2Flawyer.gogandul.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711021847708&bpp=4&bdt=804&idt=557&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1150221074127&frm=20&pv=2&ga_vid=208034032.1711021848&ga_sid=1711021848&ga_hid=381684237&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081794%2C31081904%2C95326317%2C95322183%2C31081572&oid=2&pvsid=3127014956713502&tmod=927185588&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=599

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fae09cc0e3c83342b6bcf514c99b2f1ea846eba65ca0d82c14c1fe380b354a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 88487
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 11:50:49 GMT
expires: Thu, 21 Mar 2024 11:50:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 151ms
149ms XHR
application/json 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240319&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82bb576ab6b2306164f48c6030218d35463fd6b55fea6b46e33e4734f5aca301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12481
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 167 KB
56 KB 146ms
145ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d347439aa62e6b6baf4fd72eacf77d55290658f774d54b5e05672fd36312b434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57716
x-xss-protection: 0
server: cafe
etag: 12454665056814667687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 11:50:49 GMT

GET
H2 200 ca-pub-7828187356226797 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 252ms
101ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7828187356226797?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14f500e6c5ee7535f874352f7151a82e3a598fa7e3c9cbc5ae3b3646aa02cb44

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-KS1AW5f_cXlcN2eA5jxy0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-KS1AW5f_cXlcN2eA5jxy0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDMXPfh_VsAjt2b37KCADbDDGS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 91 KB
32 KB 143ms
143ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7828187356226797&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed01edbcf29adb9644f141532f60330a6d4bd74e377b7a1565fff469c0348858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32329
x-xss-protection: 0
server: cafe
etag: 17928601329993966897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 11:50:49 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 290ms
129ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 11:50:49 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 125ms
124ms Fetch
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7828187356226797&host=ca-host-pub-2644536267352236
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lawyer.gogandul.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame 3E9C 9 KB
4 KB 66ms
64ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:10:09 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame CF7E 9 KB
4 KB 65ms
63ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:10:09 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame DD0F 9 KB
4 KB 76ms
74ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:10:09 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUE19z0mjBqMF4wG7xd9GfsjLU844AfM74n_uoQZ1N3r_0Izu2bDLYBkU7PcoJRQZr-0ORRAW0zqoJOrAbzaFZfBJF2fjeU12lLMKiKmQasDuTYSjV8cpvopT27W_YtZ0hyZsgC6w== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 107ms
105ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUE19z0mjBqMF4wG7xd9GfsjLU844AfM74n_uoQZ1N3r_0Izu2bDLYBkU7PcoJRQZr-0ORRAW0zqoJOrAbzaFZfBJF2fjeU12lLMKiKmQasDuTYSjV8cpvopT27W_YtZ0hyZsgC6w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDIxODQ5LDc4NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9sYXd5ZXIuZ29nYW5kdWwuY29tLyIsbnVsbCxbWzgsImxya3UxdnltYzJzIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lrku1vymc2s.es5.O/am=wA/d=1/rs=AJlcJMxBmE6Wco2YVd9vGWk608DN5GI2uQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ce40f18e8739eed2d5d7531ed1f62c28701fa4c0d668c6946dfbc5180c486b4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-29FQIl7QNtq6DvP7OZCt_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-29FQIl7QNtq6DvP7OZCt_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDMXPfh_VsAgtuT5rCDADhMTE6"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 57D7 2 KB
587 B 86ms
85ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 11:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 10:37:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 11:50:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 57D7 2 KB
1 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14034
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:56:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 57D7 23 KB
9 KB 79ms
77ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 00:27:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 57D7 3 KB
1 KB 90ms
88ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 00:27:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 57D7 20 KB
8 KB 68ms
66ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 18:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 18:53:14 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 57D7 206 KB
62 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 12:35:24 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame 57D7 36 KB
15 KB 226ms
65ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 08:02:59 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 3E9C 15 KB
6 KB 85ms
84ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14090
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6452
x-xss-protection: 0
server: cafe
etag: 12428443125520643955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:56:00 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3E9C 205 B
519 B 232ms
81ms Image
image/png 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:01:03 GMT
x-content-type-options: nosniff
age: 96587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 09:01:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3E9C 604 B
695 B 285ms
136ms Image
image/png 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 05:13:37 GMT
x-content-type-options: nosniff
age: 110233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 05:13:37 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 3E9C 22 KB
9 KB 96ms
96ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 499061885667062015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 08:10:06 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1506 13 KB
5 KB 103ms
102ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 40973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 00:27:57 GMT
expires: Fri, 21 Mar 2025 00:27:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B868 829 B
1 KB 235ms
88ms Document
text/html 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9bcf83fcb69c1d3e24a0e7085f5ee0167725e4b4a5a37f38e17ad20edb7e2f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0y4OX1R8U5W9XV-vzQd1cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lawyer.gogandul.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0y4OX1R8U5W9XV-vzQd1cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 11:50:50 GMT
expires: Thu, 21 Mar 2024 11:50:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame CF7E 6 KB
801 B 84ms
83ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 11:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 11:45:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 11:50:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame CF7E 2 KB
856 B 89ms
74ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14034
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:56:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame CF7E 23 KB
9 KB 86ms
76ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 00:27:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame CF7E 3 KB
1 KB 99ms
89ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 00:27:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame CF7E 20 KB
8 KB 77ms
68ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 18:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 18:53:14 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CF7E 206 KB
62 KB 78ms
71ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 12:35:24 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame CF7E 36 KB
15 KB 170ms
83ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 08:02:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DD0F 0
23 B 136ms
134ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCUlgGB_8ZcG2H7TkvPIP18-tmAbamImHa8-ppu-ODsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTc4MjgxODczNTYyMjY3OTfIAQmoAwHIAwKqBNQBT9Ady9_4OVHzm66UC5tRkpfySodnHViRMVkX1an4OWxDqMKdkYAlC0fHUsqKUqnRSeR1PUiZRYvT9JwhxzVlu_2qLDpwq-QpdFO8dhp4FAWGpWoEF4iz5sTXJwsKvL_B6Ro7Lt0eF0DYMFLIsLMI0T2AX5eF6QiMqIeFLGFjB-_5q9FQWsQmOj3GO4zZ9YqjpN6OdRxxI7ivZcy2nWDwTah8NyNpZ6cQxHHnnYdLzlr31I0EzSL-8odsActbVMsgrLjbrMXp4a43DwUKFmH_Zc42SwOABtKSu5z407u_W6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgKEi9_cE6WMDk7oulhYUDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc4MjgxODczNTYyMjY3OTcYAA&sigh=1DbvjZReF90&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtqarDuyRsCh2noKNsHGYioFj_QZWyqSmwGbALfVjpEGD8no-Q6UYW-3PXseyAL2sgXbf3MaFz989nblHdoGQHMtSSSVG0xsOnQBBgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Mar 2024 11:50:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 11:50:50 GMT

GET
H/1.1 200 win
8proof.com/app/ Frame DD0F 0
112 B 235ms
67ms Image
text/plain 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8proof.com/app/win?id=747869742271&ap=ZfwfGAAH20EITzI0AAtn17FtlPyNARllAQZPrQ&brid=E9zX5Be2z_wVG8sItPZa1Q&t=b&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 11:50:50 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 6DD6 13 KB
13 KB 232ms
66ms Font
application/octet-stream 2607:f8b0:4006:807::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:42:34 GMT
age: 496
x-guploader-uploadid: ABPtcPp-zOTgNaV_wt3x1CbjUgdbj1vFEJTYiW3Yx19NlGBF3a34fjSXLUrrOfvBIh69TRMJ4agxNUmaDw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Thu, 21 Mar 2024 12:42:34 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 6DD6 12 KB
13 KB 248ms
83ms Font
application/octet-stream 2607:f8b0:4006:807::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:15:34 GMT
age: 2116
x-guploader-uploadid: ABPtcPrIr4mlEXhV32PMTlCiAA-HCsn__Z37lDEi4XhVwWrpYGyycXYcS_A6EKUk_npv88Bxe_tXIqCTdQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Thu, 21 Mar 2024 12:15:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B868 0
0 125ms
125ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240319&jk=3127014956713502&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1506 40 KB
16 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:55:58 GMT

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 9185 52 KB
20 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/18375307164142252255/ Frame CF7E 36 KB
36 KB 67ms
66ms Image
image/jpeg 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18375307164142252255/2076313506083323656

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

700a40fd58964fc54274ac0b2c1a5aeab1a6079ea29b7a53513a588253213107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 08:09:55 GMT
date: Wed, 20 Mar 2024 08:09:55 GMT
x-content-type-options: nosniff
age: 99655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36493
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 00:58:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12929005243277501819/ Frame CF7E 1 KB
1 KB 65ms
65ms Image
image/jpeg 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12929005243277501819/14763004658117789537?w=100&h=100&tw=1&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e6de9fa7c1413b18604ddb490f68ba4582502cdf813a52a7d0c41d5f17c521b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 09:34:09 GMT
date: Wed, 20 Mar 2024 09:34:09 GMT
x-content-type-options: nosniff
age: 94601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1347
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 23:59:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame CF7E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39c82e89e33693b991fe19be51d582a6f0a5cb8782d8fafe5808d13564912db0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CF7E 15 KB
16 KB 88ms
85ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:58 GMT
x-content-type-options: nosniff
age: 100972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:47:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CF7E 15 KB
15 KB 67ms
66ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:29 GMT
x-content-type-options: nosniff
age: 101001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:47:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CF7E 15 KB
15 KB 97ms
97ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:28 GMT
x-content-type-options: nosniff
age: 96382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:04:28 GMT

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame D19C 52 KB
20 KB 74ms
74ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: lawyer.gogandul.com
URL: https://lawyer.gogandul.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CF7E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CVFWxGB_8ZcC2H7TkvPIP18-tmAaI0qvHa7Tr4-nDDq4CEAEgzcS5HGDJhoCA3KPEEKABnY2KzgPIAQmoAwHIA8sEqgTeAU_Qh7JwqsXh_dyCGfE0K1CH3Wtn49wLB2kIt9pp4O9TjSi7DMW...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd81d056d0c2e20300000000000000000%22,%222%22:%220x17cf1c11b64ee4400000000000000000%22,%223%22:%220xc87a20...

0
0

254ms
121ms

Fetch
text/css

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd81d056d0c2e20300000000000000000%22,%222%22:%220x17cf1c11b64ee4400000000000000000%22,%223%22:%220xc87a20150a92f81e0000000000000000%22,%224%22:%220xe34289c06b8923ee0000000000000000%22,%225%22:%220x49ad154e45a2b8ab0000000000000000%22},%22debug_key%22:%2216078802559313268848%22,%22debug_reporting%22:true,%22destination%22:%22https://nyfa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22969049757%22],%2222%22:[%22true%22],%224%22:[%2203-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214690440865877430945%22}&andc=true

Protocol

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd81d056d0c2e20300000000000000000","2":"0x17cf1c11b64ee4400000000000000000","3":"0xc87a20150a92f81e0000000000000000","4":"0xe34289c06b8923ee0000000000000000","5":"0x49ad154e45a2b8ab0000000000000000"},"debug_key":"16078802559313268848","debug_reporting":true,"destination":"https://nyfa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["969049757"],"22":["true"],"4":["03-21"],"6":["true"]},"priority":"500","source_event_id":"14690440865877430945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 11:50:51 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Mar 2024 11:50:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd81d056d0c2e20300000000000000000","2":"0x17cf1c11b64ee4400000000000000000","3":"0xc87a20150a92f81e0000000000000000","4":"0xe34289c06b8923ee0000000000000000","5":"0x49ad154e45a2b8ab0000000000000000"},"debug_key":"16078802559313268848","debug_reporting":true,"destination":"https://nyfa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["969049757"],"22":["true"],"4":["03-21"],"6":["true"]},"priority":"500","source_event_id":"14690440865877430945"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 273ms
122ms Preflight
text/html 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 11:50:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 layerads. Show response
fundingchoicesmessages.google.com/f/AGSKWxWtNa3BulKrlaiGunxVob3h-tu4bigKNJg5urUomiLRx0_UX9jVveZ9x3TJfPsKVtUs7x_YQo94lLWWJWfDyfa80C2SDk3ksqcKmAZQ1WlsNL9Ew7VeWF7_h2feh3dm1gHQdZ5UEvWdZO8g3cRfD_TCUdEbP... 54 B
110 B 99ms
94ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWtNa3BulKrlaiGunxVob3h-tu4bigKNJg5urUomiLRx0_UX9jVveZ9x3TJfPsKVtUs7x_YQo94lLWWJWfDyfa80C2SDk3ksqcKmAZQ1WlsNL9Ew7VeWF7_h2feh3dm1gHQdZ5UEvWdZO8g3cRfD_TCUdEbP-nUbYA_0JryJoHoGnOsLlUh0Ko41mYo/__400-80./smallad-_blogads.-banner-768./layerads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lrku1vymc2s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMySuRJJ5L17GyUkL7_9ZnG4bLjqWA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fe7dcb6fd35df28fc628a18d0398be7ef1862e837df66e1661b8f458e3eb72c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Mfo_5X7ADuwV2QMO6xOGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-2Mfo_5X7ADuwV2QMO6xOGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTNMXvfh_VsAg9u7zMEAKlzMTA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 67ms
64ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:01:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 12:01:45 GMT

POST
H3 204 AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 222ms
91ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-E1QasnKK-UdacV6NSIj8Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-E1QasnKK-UdacV6NSIj8Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1JBiqGV4xtQKxE7pM1hDgFiIm2P2vg_r2QRe7DyTAwC8pgyA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://lawyer.gogandul.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1506 0
10 B 64ms
63ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?o-tvvg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 146ms
88ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sr8qL1t7dRGfHXm9qdQ0lA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sr8qL1t7dRGfHXm9qdQ0lA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIm2P2vg_r2QQunD2dDQC8PQx4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lawyer.gogandul.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 117ms
90ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P74iPsbYGxXco3qLDPMUrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-P74iPsbYGxXco3qLDPMUrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBiqGV4xtQKxE7pM1hDgFiIm2P2vg_r2QQWtL3IBgC6HAwY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://lawyer.gogandul.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 117ms
92ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-18Bxe2XsAlpx_CCbYLFr7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-18Bxe2XsAlpx_CCbYLFr7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1hDgFiIm2P2vg_r2QQmLNmXCwC5Hgv4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lawyer.gogandul.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWfo8FtmpXUcKMXTx81MdRn0m0m99NTr0ZiYxOWFSSqBgTRaSWEzUC36JG_uOMzn6d-mJ0WEYn38y6kyNDexzm_u89ARvrSPomOoCVfk9_vlj3KFVFLn1UB1HppBGNUOHWBhMfkgA== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 97ms
96ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWfo8FtmpXUcKMXTx81MdRn0m0m99NTr0ZiYxOWFSSqBgTRaSWEzUC36JG_uOMzn6d-mJ0WEYn38y6kyNDexzm_u89ARvrSPomOoCVfk9_vlj3KFVFLn1UB1HppBGNUOHWBhMfkgA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDIxODUxLDE1OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbGF3eWVyLmdvZ2FuZHVsLmNvbS8iLG51bGwsW1s4LCJscmt1MXZ5bWMycyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c20ad8b4d6ad868aa11a6ce1c06795836dd9f98a716d25e4ae25c644abf55dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zVu62OP1Rl_uqFNzWLGWPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-zVu62OP1Rl_uqFNzWLGWPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTNMXvfh_VsAg2Xr6UCAKoDMRg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 87ms
87ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KfH-oxOWS2JT076n02Zbzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-KfH-oxOWS2JT076n02Zbzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BiqGV4xtQKxE7pM1hDgFiIh2P2vg_r2QQuNO-fzAgAxpUMQw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://lawyer.gogandul.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxV_UnLpkl9Ij1sR0WnfI5U0EtaGR9SM3F9oAt-Jhgkze_n-4XilpC4vBUH0yDs46ZG4xxMnx_2AR7aI0CrG-x1IHgnN_KRsnydjL-D-4HUGzaVpXnA4QhuPNGCvhgx78Wi5EFS6nw== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 106ms
105ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV_UnLpkl9Ij1sR0WnfI5U0EtaGR9SM3F9oAt-Jhgkze_n-4XilpC4vBUH0yDs46ZG4xxMnx_2AR7aI0CrG-x1IHgnN_KRsnydjL-D-4HUGzaVpXnA4QhuPNGCvhgx78Wi5EFS6nw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDIxODUxLDI2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbGF3eWVyLmdvZ2FuZHVsLmNvbS8iLG51bGwsW1s4LCJscmt1MXZ5bWMycyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

849f532a51ac0192cd8eeb1a1aadd5af9b0ac271ee8af3daceca25dd336a870c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z0arHOA1StLs0sugZZ-keA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z0arHOA1StLs0sugZZ-keA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDMXvfh_VsAhdmvprHCADh1zGJ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 90ms
89ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FWwrqBtrOYOcbSefay3UKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FWwrqBtrOYOcbSefay3UKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1hDgFiIh2P2vg_r2QQ6tt84ywgAxfAMfA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://lawyer.gogandul.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUN6-eRHURYuoiT1Nii3_DOJ8FpuV53nDi2SM3FMAyRupuV1BJnP0pPCPXRY7v_bbDve5FFYJQ1nF7wYy4k3qSKoGgl7q6olDCbY9g9ZLyEL_Ok2kJimdjC44jiJCr8ExlYlD3X6A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 94ms
93ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUN6-eRHURYuoiT1Nii3_DOJ8FpuV53nDi2SM3FMAyRupuV1BJnP0pPCPXRY7v_bbDve5FFYJQ1nF7wYy4k3qSKoGgl7q6olDCbY9g9ZLyEL_Ok2kJimdjC44jiJCr8ExlYlD3X6A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDIxODUxLDM4ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCwxNV0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbGF3eWVyLmdvZ2FuZHVsLmNvbS8iLG51bGwsW1s4LCJscmt1MXZ5bWMycyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsyLCJbbnVsbCxbbnVsbCwxLFsxNzExMDIxODUxLDMyMDU5MjAwMF1dXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e52542963f5e2d6249325a376b4a4dede4b89ebd9b58f7e07b56d5008791f06

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Z9etgYEbv_sSZ55ggeM2cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Z9etgYEbv_sSZ55ggeM2cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDMXvfh_VsAjt-tlxiBADcSzGS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXO2Y6dvAmoGBkKC6IipN-UlOWNa8spMpuNfPZKrSrZE5mBoYL4wFVNW-hi8xwhxupBog18eSS1fBR1yrfA0XA53KQnLgVPkqj4pNtmJF8C8Cl0n_2Eyuzdsik9ifSeRs2I7ut07A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 99ms
98ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXO2Y6dvAmoGBkKC6IipN-UlOWNa8spMpuNfPZKrSrZE5mBoYL4wFVNW-hi8xwhxupBog18eSS1fBR1yrfA0XA53KQnLgVPkqj4pNtmJF8C8Cl0n_2Eyuzdsik9ifSeRs2I7ut07A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDIxODUxLDQ5MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCwxNSw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9sYXd5ZXIuZ29nYW5kdWwuY29tLyIsbnVsbCxbWzgsImxya3UxdnltYzJzIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzIsIltudWxsLFtudWxsLDEsWzE3MTEwMjE4NTEsMzIwNTkyMDAwXV1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dda7d3a602b05c1249c00a46eabe750a63946e3f82c855d2097c7ff0029a2389

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DFu9XmpryTpA64AlDfKBsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-DFu9XmpryTpA64AlDfKBsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTDMXvfh_VsAit6P7UwAQDaFjE1"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXQES51e-eSFBrDf7eDxas70kY0qFIYdstNIt9wndm9cOweVARwgteWLRfhS-kmRTYi2LbfAlOeT3RRkVRYBSEbMGHzqNqKNj2cO82huPuS5mLEh_GAS6NmOvHiulXGIDo4KBHKhQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 91ms
90ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXQES51e-eSFBrDf7eDxas70kY0qFIYdstNIt9wndm9cOweVARwgteWLRfhS-kmRTYi2LbfAlOeT3RRkVRYBSEbMGHzqNqKNj2cO82huPuS5mLEh_GAS6NmOvHiulXGIDo4KBHKhQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gOiv870cnEW_oB5aNi_mmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-gOiv870cnEW_oB5aNi_mmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1hDgFiIh2P2vg_r2QRuLD-3lQkAyAMMow"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://lawyer.gogandul.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 93ms
92ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUCCYuTw62B8X2nWg2lcozfnpOFshJkp_kfh6IvgCXY91Ax2JGmqSB8Uq7W30YSLis-DSJ4ECo6drKV31OiaDV5IYmaizjz7ACspIfbiiAdwbB1H7mYsutqQbRlbx1eECPDrtvwXw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7tpUbZLrNQAOQpjgk5XmWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lawyer.gogandul.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 11:50:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7tpUbZLrNQAOQpjgk5XmWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1hDgFiIh2P2vg_r2QQOnHy_lQkAx2YMxg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://lawyer.gogandul.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 128ms
127ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240319&jk=3127014956713502&bg=!TU6lTgHNAAZaswqNerM7ADQBe5WfOGI7xaKhuiDzYdvQmaUG75Qu87iMiDO-0zGdPXELiCBips_XWpEmMdDyrQCuOLJNAgAAAaxSAAAAA2gBB34ANUQ3eiX9VapAhiiQeT2dmtvxV8mCrBaWGc9ASGsW2xPzZ5GminxCfQmrN0eG4KCLTbU-BWw7mQJzF7pk2Qrfs7eGYUlfChEt1L-4-hewcW-LtontU2H_UKYLvg01CHRx5RK3jhITP17jEy9vb11jjZxceQvNZwkdo6xwkgwTz9512284ZGHnleX9ghZ4HDcH9JcwX-ZL7EDqTlNotGCZQGIOsQeYzdY2n4crXBXYhNp00i6W4ho2Jck9nqwDMXZ1RppVl3FY9Oiqvi7iKLEvKgr8q-Nnt68R0A6-YMocZOuduNMeSjkQxI0-cIXaTEIBvlsSJ1IYFHVb8kc1_tXq8Gmej-x_irDf0RGHvpqYwjCVrRK22RgWUHh_IvPLD9ydJsqC8TFaKwCfkUBXBVDwDXIOsMI443bGU8Ph3QYdTal8-eVi42bSrkvH-iUHZm0o3u9t1urJMYRmvvU9GJLOQ_460qS6A8LFcoaFBkf55irlepqJxTo7x_TsHzdmAKwGBPk0TkCPBzoUYoBKqMoxVBdNCgGuWqxvl0EKY8eytLRG6so5bX8jXHbkiXMEYePgjEyP0UqjTBPL9tkwh2NfddEP00gDVTxy4tTeX0Qqml6SC2SPT5UyiOr8GR0kanJwbdz55n9OK0Lc6JCC-G4t2PQp1j-Se34izk4f-P7NSNbSnA4j_2qBCutEVYjOJf7knBqjwqrQd0UmWwbgbmzBzrae7NcMEAHyPphWE0ZNO9U_SptZO0vxdhjCSp2_jmNoZnYuCQ029ab2vPn0gpimGlzZVdj9PDwMfIksY1NvYeCflpg2ja5ZQznhmPEjgvypQOnEnQw0y_NVwgHnw3ssUiot9H2bik4KAKN9uuu2Vs6Q9Q9sitOwVLQNFu98Z8ttckZ3IIbFYrYqMkKT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lawyer.gogandul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF7E 42 B
64 B 127ms
126ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-W0XDTtLamlqJEt_5H1tg51GhAg4zOx11g-dRjWembVt-XmDnwf2S8c67FETnYO5mFYOubhSTe_L09VqEAlkPizlM3yWwUd6oOWApzHmPeRY_jYPpkBky39sSQkduASDon-LOMsLLYhkqLo_hR_5NUI2UNGbbpyw&sai=AMfl-YSjD52AhsOVPQkdJpfUGu_WI48gM_XGge4ooXTC89HY9ffe5hIJre5HrMNgdX91SLjGS0CHAjAKwT9OdaWYRBtZC-JETBX6443IWGPsPby07KD6VkM4RsgGBKCNf3rf1kkQbVqmb2yqYf3WyzW2&sig=Cg0ArKJSzDt2FzGILbaPEAE&cid=CAQSTgB7FLtqarDuyRsCh2noKNsHGYioFj_QZWyqSmwGbALfVjpEGD8no-Q6UYW-3PXseyAL2sgXbf3MaFz989nblHdoGQHMtSSSVG0xsOnQBBgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=695465000&rst=1711021849754&rpt=854&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 11:50:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lawyer.gogandul.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: knt1vvikunnnehskqutc0v00r9
.gogandul.com/	1970-01-21 04:53:01	Name: _ga_CH8QXY02QE Value: GS1.1.1711021847.1.0.1711021847.0.0.0
.gogandul.com/	1970-01-21 04:53:01	Name: _ga Value: GA1.1.208034032.1711021848
.doubleclick.net/	1970-01-21 04:53:01	Name: IDE Value: AHWqTUlfCwYu_jf3Yo7jgvA_D8aWkY3dI3ARXSqQy-eJzZ9mDYcuLDEIbLDfdr4XVkw
.gogandul.com/	1970-01-21 04:38:37	Name: __gads Value: ID=7ec41897426db147:T=1711021848:RT=1711021848:S=ALNI_MYw1IhWiO5c66A13te8jj9CF9EJOA
.gogandul.com/	1970-01-21 04:38:37	Name: __gpi Value: UID=00000dd455643587:T=1711021848:RT=1711021848:S=ALNI_MagneXY9qq33C1Vvc6ShkGVR7BQmQ
.gogandul.com/	1970-01-20 23:36:13	Name: __eoi Value: ID=8b0c91d16bc2edfb:T=1711021848:RT=1711021848:S=AA-AfjYYpJEV_jSq0VBkcv_fdPaF
.googleadservices.com/	1970-01-20 21:26:37	Name: ar_debug Value: 1
.gogandul.com/	1970-01-21 04:02:37	Name: FCNEC Value: %5B%5B%22AKsRol9HlCVlyj4kWL_EMpcdch4nXL3L_Je7A-D-CAwY-lTa0iqwp9qv4qw5Lewh0OGqacSaaQd9JH9CUAXNAgKf1HvncmcztQl6UEA6pwG02cuqwgq-NyOzAuSlvQ2iNBci8LUFgMtpxsMD6pqmb8TBjtP2offX_A%3D%3D%22%5D%2Cnull%2C%5B%5B2%2C%22%5Bnull%2C%5Bnull%2C1%2C%5B1711021851%2C320592000%5D%5D%5D%22%5D%5D%5D

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://lawyer.gogandul.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lawyer.gogandul.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lawyer.gogandul.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lawyer.gogandul.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lawyer.gogandul.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lawyer.gogandul.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lawyer.gogandul.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lawyer.gogandul.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lawyer.gogandul.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8proof.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
lawyer.gogandul.com
pagead2.googlesyndication.com
storage.googleapis.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.80.66
2606:4700:3035::6815:5322
2607:f8b0:4006:807::201b
2607:f8b0:4006:80a::2004
2607:f8b0:4006:80e::2002
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::2008
2607:f8b0:4006:823::2002
52.116.53.150
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0c20ad8b4d6ad868aa11a6ce1c06795836dd9f98a716d25e4ae25c644abf55dc
0d4ccdb61fb27f34a2eb755463215c47acebc9ef0783264444fea77972b9f29d
14f500e6c5ee7535f874352f7151a82e3a598fa7e3c9cbc5ae3b3646aa02cb44
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
1e6de9fa7c1413b18604ddb490f68ba4582502cdf813a52a7d0c41d5f17c521b
2e52542963f5e2d6249325a376b4a4dede4b89ebd9b58f7e07b56d5008791f06
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33d89d3c52ca675b6afde4ec749dfe737555a2b30a2a7f1af00a3427dc27225d
39c82e89e33693b991fe19be51d582a6f0a5cb8782d8fafe5808d13564912db0
41193689c350f873e11ca1b9443c21ce70eb2badff876c8086a55303dbe06d5c
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dfe4b900b2ba5765814d4046f939482a61ea4b95a568acdbe620f3ce6b22ea3
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6
609acca9e8669e9d5ce85df34176afe57fd0cbed0a6cf2ffd037cc38b53bfea6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66bad101f356007e58824b8b675a6b98bc217f7bde941b9514263fd48b4fc842
6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3
700a40fd58964fc54274ac0b2c1a5aeab1a6079ea29b7a53513a588253213107
73b9002f2b5b335a6bd96ea7ab713ef28f873050c06a671d5ccea78549675068
78bfd848870755e313bfa731337924835e46468758b91c5860046d9d48d4c9ba
7fd1d710353f39b5771fae9cf58a9053f6a329753f643bc31fcc24f7028ef1ac
7fe7dcb6fd35df28fc628a18d0398be7ef1862e837df66e1661b8f458e3eb72c
82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e
829e6c03ef12b344ea4c967fcc33c40d5e4df50a23caf488bfcbbe207a9c656f
82bb576ab6b2306164f48c6030218d35463fd6b55fea6b46e33e4734f5aca301
842fdd042483fa98e322a986ab8f21739eef3b4cffc09b637d0b3728bfb05430
849f532a51ac0192cd8eeb1a1aadd5af9b0ac271ee8af3daceca25dd336a870c
8ce40f18e8739eed2d5d7531ed1f62c28701fa4c0d668c6946dfbc5180c486b4
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
ab5eccad65f06623f6f2f176ad565455902fd08fc05fc2dee510c78b18f9b168
abcdc8c04042b4ec6ab2c62439adec3f6199d3999d2c54b3feb2760cfcc979e3
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c7f9aeca887fda862ca78759b0e6c95f678052f6b1cc6303119a956636bada0f
d347439aa62e6b6baf4fd72eacf77d55290658f774d54b5e05672fd36312b434
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
d61cd0a51d7787976d06a3ce452a65300b7c0fb8c87d5c3ab9780af43703c68a
d9bcf83fcb69c1d3e24a0e7085f5ee0167725e4b4a5a37f38e17ad20edb7e2f6
dda7d3a602b05c1249c00a46eabe750a63946e3f82c855d2097c7ff0029a2389
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed01edbcf29adb9644f141532f60330a6d4bd74e377b7a1565fff469c0348858
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f136ca06d69de0c1598cd9f012a3232ec9e2861fb7f4ee93a551ca5265823adc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa8b5cb5ccd2f265557df1fde5615d941cfbdd9e7674a9399d60d877fcdc94d3
fae09cc0e3c83342b6bcf514c99b2f1ea846eba65ca0d82c14c1fe380b354a40
fcd163cb7bac6e31371d9cd4a52cd7017b384e243925b092ef574b598544087d

lawyer.gogandul.com Open in urlscan Pro 2606:4700:3035::6815:5322 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

98 %HTTPS

85 %IPv6

10 Domains

14 Subdomains

14 IPs

1 Countries

1124 kBTransfer

2975 kBSize

9 Cookies

2 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lawyer.gogandul.com Open in urlscan Pro
2606:4700:3035::6815:5322 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

98 %
HTTPS

85 %
IPv6

10
Domains

14
Subdomains

14
IPs

1
Countries

1124 kB
Transfer

2975 kB
Size

9
Cookies

86 HTTP transactions
1 data transactions