urlscan.io logo urlscan.io
SecurityTrails logo

sendbigfiles.getbehind.me Open in urlscan Pro
108.175.7.185  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sendbigfiles.siteflex.net/uploads/Details_4c1da2ba-1fe4-44d0-9229-bc014e5be7a6.txt
Effective URL: https://sendbigfiles.getbehind.me/
Submission: On January 23 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 37 HTTP transactions. The main IP is 108.175.7.185, located in United States and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is sendbigfiles.getbehind.me.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on July 17th 2023. Valid for: a year.
This is the only time sendbigfiles.getbehind.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 108.175.7.185 8560 (IONOS-AS ...)
4 142.251.163.154 15169 (GOOGLE)
4 172.253.63.155 15169 (GOOGLE)
11 142.251.163.113 15169 (GOOGLE)
2 172.64.205.21 13335 (CLOUDFLAR...)
4 172.253.122.132 15169 (GOOGLE)
2 142.251.111.154 15169 (GOOGLE)
37 8
9    108.175.7.185 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: us6.siteflex.net
sendbigfiles.siteflex.net
sendbigfiles.getbehind.me
4    142.251.163.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
pagead2.googlesyndication.com
4    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
googleads.g.doubleclick.net
11    142.251.163.113 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f113.1e100.net
fundingchoicesmessages.google.com
2    172.64.205.21 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.bidbrain.app
4    172.253.122.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f132.1e100.net
tpc.googlesyndication.com
2    142.251.111.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net
www.googletagservices.com
Apex Domain
Subdomains		 Transfer
11 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
70 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
307 KB
8 getbehind.me
sendbigfiles.getbehind.me
273 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
42 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
131 KB
2 bidbrain.app
cdn.bidbrain.app — Cisco Umbrella Rank: 19978
80 KB
1 siteflex.net
sendbigfiles.siteflex.net
250 B
37 7
Domain Requested by
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
8 sendbigfiles.getbehind.me sendbigfiles.getbehind.me
4 tpc.googlesyndication.com googleads.g.doubleclick.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com sendbigfiles.getbehind.me
pagead2.googlesyndication.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 cdn.bidbrain.app googleads.g.doubleclick.net
1 sendbigfiles.siteflex.net 1 redirects
37 8

This site contains no links.

Subject Issuer Validity Valid
*.getbehind.me
AlphaSSL CA - SHA256 - G4		 2023-07-17 -
2024-08-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
bidbrain.app
E1		 2023-12-31 -
2024-03-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://sendbigfiles.getbehind.me/
Frame ID: 172BAE07D88DFE840A889C09DD85B05E
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 5B0DC28C95524FF2581C4649F8945080
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&adk=1812271804&adf=3025194257&lmt=1706030145&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145673&bpp=15&bdt=513&idt=189&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2401710627251&frm=20&pv=2&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=326
Frame ID: C0A2CB3B5174C61B37D154D956C1AA9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=8135892462&adk=979730474&adf=1477197835&pi=t.ma~as.8135892462&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145688&bpp=2&bdt=529&idt=353&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=372
Frame ID: 32C5EF715A42B49A962EB7C7F7CF230E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=9694185014&adk=2010136482&adf=2955751841&pi=t.ma~as.9694185014&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145690&bpp=4&bdt=531&idt=413&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=434
Frame ID: 84795E557C65B4DAA0E8F5C443497F41
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Send Your Files - Send App

Page URL History Show full URLs

  1. http://sendbigfiles.siteflex.net/uploads/Details_4c1da2ba-1fe4-44d0-9229-bc014e5be7a6.txt HTTP 302
    https://sendbigfiles.getbehind.me/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

37
Requests

95 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

902 kB
Transfer

2093 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sendbigfiles.siteflex.net/uploads/Details_4c1da2ba-1fe4-44d0-9229-bc014e5be7a6.txt HTTP 302
    https://sendbigfiles.getbehind.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sendbigfiles.getbehind.me/
Redirect Chain
  • http://sendbigfiles.siteflex.net/uploads/Details_4c1da2ba-1fe4-44d0-9229-bc014e5be7a6.txt
  • https://sendbigfiles.getbehind.me/
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sendbigfiles.getbehind.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.175.7.185 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
us6.siteflex.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66be647ff2b88a28568611f16c80f31b420b280a94dfb9cddb0685add71f10bf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private
content-length
4541
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 17:15:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.0
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin

Redirect headers

Content-Length
157
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 17:15:43 GMT
Location
https://sendbigfiles.getbehind.me/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
css
sendbigfiles.getbehind.me/Content/ 		95 KB
95 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sendbigfiles.getbehind.me/Content/css?v=YEodZ6GntGFNCDAA3H96nWecL4x98Bq3weWiYuc9DAw1
Requested by
Host: sendbigfiles.getbehind.me
URL: https://sendbigfiles.getbehind.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.175.7.185 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
us6.siteflex.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
00c798aa83f443dac2bdd077a15613a96b4d405ee8ef7a0027312e9f4c49bb23

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 23 Jan 2024 17:15:45 GMT
last-modified
Tue, 23 Jan 2024 17:15:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/css; charset=utf-8
cache-control
public
content-length
96914
expires
Wed, 22 Jan 2025 17:15:45 GMT
modernizr
sendbigfiles.getbehind.me/bundles/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sendbigfiles.getbehind.me/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by
Host: sendbigfiles.getbehind.me
URL: https://sendbigfiles.getbehind.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.175.7.185 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
us6.siteflex.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 23 Jan 2024 17:15:45 GMT
last-modified
Tue, 23 Jan 2024 17:15:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
10999
expires
Wed, 22 Jan 2025 17:15:45 GMT
jquery
sendbigfiles.getbehind.me/bundles/ 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sendbigfiles.getbehind.me/bundles/jquery?v=FVs3ACwOLIVInrAl5sdzR2jrCDmVOWFbZMY6g6Q0ulE1
Requested by
Host: sendbigfiles.getbehind.me
URL: https://sendbigfiles.getbehind.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.175.7.185 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
us6.siteflex.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 23 Jan 2024 17:15:45 GMT
last-modified
Tue, 23 Jan 2024 17:15:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
93078
expires
Wed, 22 Jan 2025 17:15:45 GMT
jqueryval
sendbigfiles.getbehind.me/bundles/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sendbigfiles.getbehind.me/bundles/jqueryval?v=CscDCYKiyigBhIQTJsxhIQqf-LoZUf7GH2o1SgDjN2I1
Requested by
Host: sendbigfiles.getbehind.me
URL: https://sendbigfiles.getbehind.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.175.7.185 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
us6.siteflex.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b0763e03c901f3551d806710dbadb31b755a3dfce6e407379347b81fb7ff52ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 23 Jan 2024 17:15:45 GMT
last-modified
Tue, 23 Jan 2024 17:15:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
25528
expires
Wed, 22 Jan 2025 17:15:45 GMT
bootstrap
sendbigfiles.getbehind.me/bundles/ 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sendbigfiles.getbehind.me/bundles/bootstrap?v=2Fz3B0iizV2NnnamQFrx-NbYJNTFeBJ2GM05SilbtQU1
Requested by
Host: sendbigfiles.getbehind.me
URL: https://sendbigfiles.getbehind.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.175.7.185 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
us6.siteflex.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 23 Jan 2024 17:15:45 GMT
last-modified
Tue, 23 Jan 2024 17:15:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
31069
expires
Wed, 22 Jan 2025 17:15:45 GMT
blockUI
sendbigfiles.getbehind.me/bundles/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sendbigfiles.getbehind.me/bundles/blockUI?v=ioqpQF7yAEQ7x5IoeoFmt9IKVK9C6ivDFtL0skuwng41
Requested by
Host: sendbigfiles.getbehind.me
URL: https://sendbigfiles.getbehind.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.175.7.185 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
us6.siteflex.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
710a6a3bf2b0efe1b5b8cadcd5a655788b243c959e5defbb58338a19ca5fa41e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 23 Jan 2024 17:15:45 GMT
last-modified
Tue, 23 Jan 2024 17:15:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
9227
expires
Wed, 22 Jan 2025 17:15:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sendbigfiles.getbehind.me
URL: https://sendbigfiles.getbehind.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
63712a7b503c55d4074a7ccd143b908c1ffcdd70c079b326165f702c24c2581e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51137
x-xss-protection
0
server
cafe
etag
2489350138001494121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 23 Jan 2024 17:15:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4205835751010395
Requested by
Host: sendbigfiles.getbehind.me
URL: https://sendbigfiles.getbehind.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
c60149a41e75e17f4cae4f34063faf3c291bdf8a95d125472183fb0f9df361bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sendbigfiles.getbehind.me/
Origin
https://sendbigfiles.getbehind.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51135
x-xss-protection
0
server
cafe
etag
4144797752817381742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 23 Jan 2024 17:15:45 GMT
send.js
sendbigfiles.getbehind.me/Scripts/Controllers/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sendbigfiles.getbehind.me/Scripts/Controllers/send.js
Requested by
Host: sendbigfiles.getbehind.me
URL: https://sendbigfiles.getbehind.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.175.7.185 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
us6.siteflex.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
96f9a616434f2f9b83e9a83a8a8ea6b648493621de686a1f14c4608d687d1af1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 23 Jan 2024 17:15:45 GMT
last-modified
Thu, 07 Sep 2023 21:16:12 GMT
server
Microsoft-IIS/10.0
etag
"bd43a387d0e1d91:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
6815
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		403 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
9f14c6c9346cd024354936091155e3fef1ae72ec95e19e808c941936fde47a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139778
x-xss-protection
0
server
cafe
etag
4796496089348103266
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 17:15:45 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 5B0D 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sendbigfiles.getbehind.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
60197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 00:32:28 GMT
etag
3890843268177463596
expires
Tue, 06 Feb 2024 00:32:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C0A2 		1 KB
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&adk=1812271804&adf=3025194257&lmt=1706030145&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145673&bpp=15&bdt=513&idt=189&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2401710627251&frm=20&pv=2&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=326
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
c5b493fe26d1dc8e14ebdc8320b068dc7f43f97d5fcd99b51f2c0bd925acfdb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sendbigfiles.getbehind.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
401
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 17:15:46 GMT
expires
Tue, 23 Jan 2024 17:15:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 32C5 		48 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=8135892462&adk=979730474&adf=1477197835&pi=t.ma~as.8135892462&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145688&bpp=2&bdt=529&idt=353&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=372
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
57064d5026a90801628cd877f5acaa8a4d2d6cfeff3ce3bba804ecb47e825e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sendbigfiles.getbehind.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
18605
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 17:15:46 GMT
expires
Tue, 23 Jan 2024 17:15:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8479 		48 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=9694185014&adk=2010136482&adf=2955751841&pi=t.ma~as.9694185014&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145690&bpp=4&bdt=531&idt=413&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=434
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
a5ef90e11358adec3c2b231c159eb1553b8c9579bf98d63d7b38b2427489039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sendbigfiles.getbehind.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
18601
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 17:15:47 GMT
expires
Tue, 23 Jan 2024 17:15:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-4205835751010395
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4205835751010395?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
ESF /
Resource Hash
bbdadb7f85f85ac983a4455d974eab4d126efe7576911f95c5bb09a9f1ec31a3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZmufSyCCW0uxSYhdiAkAqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:46 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZmufSyCCW0uxSYhdiAkAqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUZTTW1QUV1Jv86yR4OjYVIYAdbK3-6_eRko6W7Fot4FwAWA_H_9BVNg0hXPqI5Q_r6_1DfWTulcpZHMc0-c3c-NysPjF5Vjedm8aJroteKTUo9c2Kif27ejWSyH28kbfZewFC7Hw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUZTTW1QUV1Jv86yR4OjYVIYAdbK3-6_eRko6W7Fot4FwAWA_H_9BVNg0hXPqI5Q_r6_1DfWTulcpZHMc0-c3c-NysPjF5Vjedm8aJroteKTUo9c2Kif27ejWSyH28kbfZewFC7Hw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MDMwMTQ2LDYwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zZW5kYmlnZmlsZXMuZ2V0YmVoaW5kLm1lLyIsbnVsbCxbWzgsIjFmR3Rablkwd2hZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1fGtZnY0whY.es5.O/am=wA/d=1/rs=AJlcJMzN1xyqIXLk7c3DEBGim0GF-kmcEg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
ESF /
Resource Hash
672384dbe3f10819724cbbca3e3f6af3fa8634ac884f639f4bbced36ddf2a371
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VcM1Aci7PdqlPQyX66FvUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-VcM1Aci7PdqlPQyX66FvUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXvgp10l9YO8pTwFOJYJ7kmztGHIWwggL0sh53XbWQhrusX-KCHzYwtVdyk9l5MY7h7UBeBFX7EIcqpv0Ar9bgwyMP7yw5ikJj_CvKVSLAyI-xSMUz9mdJ5LSINUEDayLM-nm1Hbw==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXvgp10l9YO8pTwFOJYJ7kmztGHIWwggL0sh53XbWQhrusX-KCHzYwtVdyk9l5MY7h7UBeBFX7EIcqpv0Ar9bgwyMP7yw5ikJj_CvKVSLAyI-xSMUz9mdJ5LSINUEDayLM-nm1Hbw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MDMwMTQ2LDczMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vc2VuZGJpZ2ZpbGVzLmdldGJlaGluZC5tZS8iLG51bGwsW1s4LCIxZkd0Wm5ZMHdoWSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1fGtZnY0whY.es5.O/am=wA/d=1/rs=AJlcJMzN1xyqIXLk7c3DEBGim0GF-kmcEg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
ESF /
Resource Hash
eef66090666f555788b366c6e04c549606421886d96c3776ae076bd021b26bb7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8ZJ2_CcQGUviTLcgAq9fsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-8ZJ2_CcQGUviTLcgAq9fsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
index-7c836574.js
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 32C5 		109 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bidbrain.app/ng-assets/creative/assets/index-7c836574.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=8135892462&adk=979730474&adf=1477197835&pi=t.ma~as.8135892462&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145688&bpp=2&bdt=529&idt=353&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.205.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21a68d9a722d7716973e0e2ef1f73ceedec3f53f815ce5a534ac01fefdb3811

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2281
x-guploader-uploadid
ABPtcPr_DAsxkIhkgONj0BqllWQm4YJhEdZUY9SAOkTwyQqH-VNc4BM7owLX9f4zt7OTYNc_BYMjO9_yF8NrX2aC
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jan 2024 14:29:17 GMT
server
cloudflare
etag
W/"5aaaed5357d0e381ac31044d52dff192"
vary
Accept-Encoding
x-goog-hash
crc32c=7lXyXw==, md5=WqrtU1fQ44GsMQRNUt/xkg==
x-goog-generation
1705588157002725
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miJeHT%2FrofGPI7vxXMFvI2%2FVl84GKcbVrMBULwDASnratRVHiJt%2BlK6j2rfeeAiV9%2Bc6FiVNK2Lm6K1Yp4zSYZJ3Ypmvmu%2Fzv90VyAvVU%2FGp%2FOKreCl%2F9lvjKQDr%2BOtE%2Bw9O"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
111210
cf-ray
84a1ae47fbd38716-ORD
expires
Tue, 23 Jan 2024 17:19:06 GMT
index-50e90fe1.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 32C5 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 32C5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=8135892462&adk=979730474&adf=1477197835&pi=t.ma~as.8135892462&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145688&bpp=2&bdt=529&idt=353&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
74654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:31:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 32C5 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=8135892462&adk=979730474&adf=1477197835&pi=t.ma~as.8135892462&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145688&bpp=2&bdt=529&idt=353&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:31:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
74646
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:31:41 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 32C5 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=8135892462&adk=979730474&adf=1477197835&pi=t.ma~as.8135892462&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145688&bpp=2&bdt=529&idt=353&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 17:15:49 GMT
torget_ads.
fundingchoicesmessages.google.com/f/AGSKWxX5ZSFOMZFBh-sCVBA8gpHa_V7WLdkxxiBXlg6r8qYRs1WjihVdYQyaxqQwmh6emkKqFWwJC54kf_zCKHXXuxKWENQbX3-ahFZrNvXGmV2SLDFbuAeliw_AXdap5Nbt4lyxZE-wwfezFxzFMQ0v6G29EwPsp... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX5ZSFOMZFBh-sCVBA8gpHa_V7WLdkxxiBXlg6r8qYRs1WjihVdYQyaxqQwmh6emkKqFWwJC54kf_zCKHXXuxKWENQbX3-ahFZrNvXGmV2SLDFbuAeliw_AXdap5Nbt4lyxZE-wwfezFxzFMQ0v6G29EwPspRc6Ozft5pDZnRSlXsD1dMox4sWjv4IU/_/AudienceNetworkPrebid./doubleclicktag./adtech-/adactions./torget_ads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1fGtZnY0whY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyvEr0eIRRJ9yfKC2FI-uQoJCYyzw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
ESF /
Resource Hash
a0b1965ad51e27c03d5ac983b60f2b4813297eb7f704a334fca19b29d3601104
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-w5-DNVqHKMkbld4pA32nhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-w5-DNVqHKMkbld4pA32nhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1fGtZnY0whY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyvEr0eIRRJ9yfKC2FI-uQoJCYyzw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
f4c35b3e5176a02b4a9659e8289eeeae4c55eda6c35184a0367e019bc41863b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51133
x-xss-protection
0
server
cafe
etag
7961127963349059325
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 23 Jan 2024 17:15:47 GMT
AGSKWxXcmjZNpvYwraUoSq7kaAQhO3LAwbkoZXLLZAtldOG3KFCKecF19nSkYRoF0AndctH-hair8_7cS-a4TEna028DFbHkUw5gHjm8QXN3sTMroeWZUgSJP7fiJzqQGUKg8UgzAOFD1g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXcmjZNpvYwraUoSq7kaAQhO3LAwbkoZXLLZAtldOG3KFCKecF19nSkYRoF0AndctH-hair8_7cS-a4TEna028DFbHkUw5gHjm8QXN3sTMroeWZUgSJP7fiJzqQGUKg8UgzAOFD1g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1fGtZnY0whY.es5.O/am=wA/d=1/rs=AJlcJMzN1xyqIXLk7c3DEBGim0GF-kmcEg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ANniSJHgNMPhi-zQSmZ2sA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sendbigfiles.getbehind.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 17:15:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ANniSJHgNMPhi-zQSmZ2sA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://sendbigfiles.getbehind.me
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
index-7c836574.js
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 8479 		109 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bidbrain.app/ng-assets/creative/assets/index-7c836574.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=9694185014&adk=2010136482&adf=2955751841&pi=t.ma~as.9694185014&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145690&bpp=4&bdt=531&idt=413&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.205.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21a68d9a722d7716973e0e2ef1f73ceedec3f53f815ce5a534ac01fefdb3811

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2281
x-guploader-uploadid
ABPtcPr_DAsxkIhkgONj0BqllWQm4YJhEdZUY9SAOkTwyQqH-VNc4BM7owLX9f4zt7OTYNc_BYMjO9_yF8NrX2aC
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jan 2024 14:29:17 GMT
server
cloudflare
etag
W/"5aaaed5357d0e381ac31044d52dff192"
vary
Accept-Encoding
x-goog-hash
crc32c=7lXyXw==, md5=WqrtU1fQ44GsMQRNUt/xkg==
x-goog-generation
1705588157002725
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eS%2BUaxUG0%2FXLbS1Qte488nlLJ6nJLfRK%2BE07ukkONHDKG1XdQK4dtP3%2FU4LbC7399m5EHQeVMJLd%2FXQhCE17KRMIcJnPD4F95N9WAsZYCdG3YPW2LrMK98uiGRRa6YfCKBk"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
111210
cf-ray
84a1ae47fbd58716-ORD
expires
Tue, 23 Jan 2024 17:19:06 GMT
index-50e90fe1.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 8479 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 8479 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=9694185014&adk=2010136482&adf=2955751841&pi=t.ma~as.9694185014&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145690&bpp=4&bdt=531&idt=413&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
74654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:31:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 8479 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=9694185014&adk=2010136482&adf=2955751841&pi=t.ma~as.9694185014&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145690&bpp=4&bdt=531&idt=413&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:31:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
74646
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:31:41 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8479 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205835751010395&output=html&h=280&slotname=9694185014&adk=2010136482&adf=2955751841&pi=t.ma~as.9694185014&w=1170&fwrn=4&fwrnh=100&lmt=1706030146&rafmt=1&format=1170x280&url=https%3A%2F%2Fsendbigfiles.getbehind.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706030145690&bpp=4&bdt=531&idt=413&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=2401710627251&frm=20&pv=1&ga_vid=1228188200.1706030146&ga_sid=1706030146&ga_hid=1460982901&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079964%2C31080333%2C95321958%2C95320889%2C95321627%2C95322163&oid=2&pvsid=4330847414285740&tmod=1383662978&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 17:15:49 GMT
AGSKWxXcmjZNpvYwraUoSq7kaAQhO3LAwbkoZXLLZAtldOG3KFCKecF19nSkYRoF0AndctH-hair8_7cS-a4TEna028DFbHkUw5gHjm8QXN3sTMroeWZUgSJP7fiJzqQGUKg8UgzAOFD1g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXcmjZNpvYwraUoSq7kaAQhO3LAwbkoZXLLZAtldOG3KFCKecF19nSkYRoF0AndctH-hair8_7cS-a4TEna028DFbHkUw5gHjm8QXN3sTMroeWZUgSJP7fiJzqQGUKg8UgzAOFD1g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1fGtZnY0whY.es5.O/am=wA/d=1/rs=AJlcJMzN1xyqIXLk7c3DEBGim0GF-kmcEg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vBNKvqPMjSr0m3VJD7uTqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sendbigfiles.getbehind.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 17:15:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vBNKvqPMjSr0m3VJD7uTqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sendbigfiles.getbehind.me
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXcmjZNpvYwraUoSq7kaAQhO3LAwbkoZXLLZAtldOG3KFCKecF19nSkYRoF0AndctH-hair8_7cS-a4TEna028DFbHkUw5gHjm8QXN3sTMroeWZUgSJP7fiJzqQGUKg8UgzAOFD1g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXcmjZNpvYwraUoSq7kaAQhO3LAwbkoZXLLZAtldOG3KFCKecF19nSkYRoF0AndctH-hair8_7cS-a4TEna028DFbHkUw5gHjm8QXN3sTMroeWZUgSJP7fiJzqQGUKg8UgzAOFD1g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1fGtZnY0whY.es5.O/am=wA/d=1/rs=AJlcJMzN1xyqIXLk7c3DEBGim0GF-kmcEg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uAf7fuVqmG9dyJRF4xw7xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sendbigfiles.getbehind.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 17:15:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uAf7fuVqmG9dyJRF4xw7xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sendbigfiles.getbehind.me
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXcmjZNpvYwraUoSq7kaAQhO3LAwbkoZXLLZAtldOG3KFCKecF19nSkYRoF0AndctH-hair8_7cS-a4TEna028DFbHkUw5gHjm8QXN3sTMroeWZUgSJP7fiJzqQGUKg8UgzAOFD1g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXcmjZNpvYwraUoSq7kaAQhO3LAwbkoZXLLZAtldOG3KFCKecF19nSkYRoF0AndctH-hair8_7cS-a4TEna028DFbHkUw5gHjm8QXN3sTMroeWZUgSJP7fiJzqQGUKg8UgzAOFD1g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1fGtZnY0whY.es5.O/am=wA/d=1/rs=AJlcJMzN1xyqIXLk7c3DEBGim0GF-kmcEg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eqaNoszDeKWTUCWnZBLpSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sendbigfiles.getbehind.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 17:15:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-eqaNoszDeKWTUCWnZBLpSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://sendbigfiles.getbehind.me
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWXcllAZdy48R5PXDFkPwm1ilFBeGYOIl77bcUE80IuAHYErO3CkQaDKqxwAKuxKFaL5PmNCJymZ7gH-ZFpvd687HaaeGwIFjoB120impvhNAd71BOvaR48XU4z9KmO1JcyY5367A==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWXcllAZdy48R5PXDFkPwm1ilFBeGYOIl77bcUE80IuAHYErO3CkQaDKqxwAKuxKFaL5PmNCJymZ7gH-ZFpvd687HaaeGwIFjoB120impvhNAd71BOvaR48XU4z9KmO1JcyY5367A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MDMwMTQ3LDg0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zZW5kYmlnZmlsZXMuZ2V0YmVoaW5kLm1lLyIsbnVsbCxbWzgsIjFmR3Rablkwd2hZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1fGtZnY0whY.es5.O/am=wA/d=1/rs=AJlcJMzN1xyqIXLk7c3DEBGim0GF-kmcEg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
ESF /
Resource Hash
f4431860930b57119d120039a4e3d7f87aab341423a81967d5a3aff0f861756a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i27iVKDq8g3WpJ0mwbATLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sendbigfiles.getbehind.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:15:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-i27iVKDq8g3WpJ0mwbATLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWV5fR8t3KPBfdUK2qBr4krXvpPZF9EOjK4fpmHB4EYV-sIuMiAkJ4ZXo_oISvPgHHD8njHftJgBv8dQFigxB8q6NnhrVEP2zgAUkmhm69xmuwiAxJafQOzwy-TPwq0rNL1XZ7Cvw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWV5fR8t3KPBfdUK2qBr4krXvpPZF9EOjK4fpmHB4EYV-sIuMiAkJ4ZXo_oISvPgHHD8njHftJgBv8dQFigxB8q6NnhrVEP2zgAUkmhm69xmuwiAxJafQOzwy-TPwq0rNL1XZ7Cvw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1fGtZnY0whY.es5.O/am=wA/d=1/rs=AJlcJMzN1xyqIXLk7c3DEBGim0GF-kmcEg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CvAmQ_OXd9amy66kYPhodA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sendbigfiles.getbehind.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 17:15:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CvAmQ_OXd9amy66kYPhodA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sendbigfiles.getbehind.me
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXcmjZNpvYwraUoSq7kaAQhO3LAwbkoZXLLZAtldOG3KFCKecF19nSkYRoF0AndctH-hair8_7cS-a4TEna028DFbHkUw5gHjm8QXN3sTMroeWZUgSJP7fiJzqQGUKg8UgzAOFD1g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXcmjZNpvYwraUoSq7kaAQhO3LAwbkoZXLLZAtldOG3KFCKecF19nSkYRoF0AndctH-hair8_7cS-a4TEna028DFbHkUw5gHjm8QXN3sTMroeWZUgSJP7fiJzqQGUKg8UgzAOFD1g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1fGtZnY0whY.es5.O/am=wA/d=1/rs=AJlcJMzN1xyqIXLk7c3DEBGim0GF-kmcEg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rK2G11QCRIcrS-XBok15Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sendbigfiles.getbehind.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 17:15:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-rK2G11QCRIcrS-XBok15Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://sendbigfiles.getbehind.me
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.bidbrain.app
URL
https://cdn.bidbrain.app/ng-assets/creative/assets/index-50e90fe1.css
Domain
cdn.bidbrain.app
URL
https://cdn.bidbrain.app/ng-assets/creative/assets/index-50e90fe1.css

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| html5 object| Modernizr function| $ function| jQuery object| jQuery110202459072718504136 object| respond object| adsbygoogle function| SubmitUploadForm function| SubmitEmailForm function| DisplayMessage object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MTQ0YWNiN2FjNTJjOGY1Y2xvYWRlcl9qcw== string| MTQ0YWNiN2FjNTJjOGY1Y2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady boolean| f0ae8066-7a83-44a3-8ebd-86b1d947d089

3 Cookies

Domain/Path Name / Value
sendbigfiles.getbehind.me/ Name: __RequestVerificationToken
Value: 9h2DK5kOmllnIRAQtSz5RJ8P_EH0c895E8zVWFaXT_FzCR4c3AzJ-nup9HoCAgAuQLHkDw3TTzJnuouTwcR_8B7EB9SwpstIm5eM2Vu0g9A1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.getbehind.me/ Name: FCNEC
Value: %5B%5B%22AKsRol89-S-yDjAIOV9_UtpJzOsMjaOWqmRBS48821h8JWUzkF0iMNi-EWkceXCKnOYHoHAwP_zI1JEqNb5ffkPqPDODvIBrGU1Mlv5yKwVIf6jFTgauAiLjVLAprHbquqlE6Bs01G4sZ0NhFoS0RMhbjSHpMf0TXA%3D%3D%22%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bidbrain.app
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
sendbigfiles.getbehind.me
sendbigfiles.siteflex.net
tpc.googlesyndication.com
www.googletagservices.com
cdn.bidbrain.app
108.175.7.185
142.251.111.154
142.251.163.113
142.251.163.154
172.253.122.132
172.253.63.155
172.64.205.21
00c798aa83f443dac2bdd077a15613a96b4d405ee8ef7a0027312e9f4c49bb23
0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
57064d5026a90801628cd877f5acaa8a4d2d6cfeff3ce3bba804ecb47e825e86
63712a7b503c55d4074a7ccd143b908c1ffcdd70c079b326165f702c24c2581e
66be647ff2b88a28568611f16c80f31b420b280a94dfb9cddb0685add71f10bf
672384dbe3f10819724cbbca3e3f6af3fa8634ac884f639f4bbced36ddf2a371
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
710a6a3bf2b0efe1b5b8cadcd5a655788b243c959e5defbb58338a19ca5fa41e
8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec
96f9a616434f2f9b83e9a83a8a8ea6b648493621de686a1f14c4608d687d1af1
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9f14c6c9346cd024354936091155e3fef1ae72ec95e19e808c941936fde47a73
a0b1965ad51e27c03d5ac983b60f2b4813297eb7f704a334fca19b29d3601104
a5ef90e11358adec3c2b231c159eb1553b8c9579bf98d63d7b38b2427489039e
b0763e03c901f3551d806710dbadb31b755a3dfce6e407379347b81fb7ff52ef
bbdadb7f85f85ac983a4455d974eab4d126efe7576911f95c5bb09a9f1ec31a3
c5b493fe26d1dc8e14ebdc8320b068dc7f43f97d5fcd99b51f2c0bd925acfdb4
c60149a41e75e17f4cae4f34063faf3c291bdf8a95d125472183fb0f9df361bf
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
e21a68d9a722d7716973e0e2ef1f73ceedec3f53f815ce5a534ac01fefdb3811
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eef66090666f555788b366c6e04c549606421886d96c3776ae076bd021b26bb7
f4431860930b57119d120039a4e3d7f87aab341423a81967d5a3aff0f861756a
f4c35b3e5176a02b4a9659e8289eeeae4c55eda6c35184a0367e019bc41863b1