class-30x.us Open in urlscan Pro
2606:4700:3037::6815:ed8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://class-30x.us/
Effective URL:
https://class-30x.us/
Submission: On November 19 via manual (November 19th 2024, 4:56:01 pm UTC) from US — Scanned from US

Summary HTTP 69 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 30 domains to perform 69 HTTP transactions. The main IP is 2606:4700:3037::6815:ed8, located in United States and belongs to CLOUDFLARENET, US. The main domain is class-30x.us. The Cisco Umbrella rank of the primary domain is 435624.
TLS certificate: Issued by WE1 on November 11th 2024. Valid for: 3 months.

This is the only time class-30x.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3037::6815:ed8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:807::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c40... 2a02:6ea0:c400::54	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:2e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3035::ac43:ade3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.115.149 108.138.115.149	16509 (AMAZON-02) (AMAZON-02)
7	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::200a	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.173.132.105 18.173.132.105	16509 (AMAZON-02) (AMAZON-02)
1	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
1	131.153.172.93 131.153.172.93	19437 (SS-ASH) (SS-ASH)
1	2602:803:c002... 2602:803:c002:200::32	26667 (RUBICONPR...) (RUBICONPROJECT)
2	104.18.34.190 104.18.34.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.222.39.186 51.222.39.186	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2606:4700:440... 2606:4700:4400::ac40:994e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.173.140.223 18.173.140.223	16509 (AMAZON-02) (AMAZON-02)
11	2607:f8b0:400... 2607:f8b0:4006:808::200e	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:251... 2600:9000:2511:7a00:a:e047:754:afe1	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:80f::2001	15169 (GOOGLE) (GOOGLE)
1	44.218.66.238 44.218.66.238	14618 (AMAZON-AES) (AMAZON-AES)
1	141.95.33.120 141.95.33.120	16276 (OVH OVH SAS) (OVH OVH SAS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	51.222.39.185 51.222.39.185	16276 (OVH OVH SAS) (OVH OVH SAS)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
69	39

4 2606:4700:3037::6815:ed8 (United States)

ASN13335 (CLOUDFLARENET, US)

class-30x.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c400::54 (New York, United States)

ASN60068 (CDN77 Datacamp Limited, GB)

maxst.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:2e8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:ade3 (United States)

ASN13335 (CLOUDFLARENET, US)

country.adinplay-venatus.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-105.jfk52.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.184 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.172.93 (Ashburn, United States)

ASN19437 (SS-ASH, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.34.190 (None, )

ASN13335 (CLOUDFLARENET, US)

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.186 (Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: ip186.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.140.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-140-223.jfk52.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:808::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:7a00:a:e047:754:afe1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)

3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.218.66.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-66-238.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.120 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.185 (Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: ip185.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695	75 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	257 KB
5	googlesyndication.com 3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	15 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 347 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687 aax.amazon-adsystem.com — Cisco Umbrella Rank: 468	89 KB
4	class-30x.us class-30x.us — Cisco Umbrella Rank: 435624	10 KB
3	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 13534	203 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	13 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1004 id5-sync.com — Cisco Umbrella Rank: 533	29 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 712	409 B
2	the-ozone-project.com elb.the-ozone-project.com — Cisco Umbrella Rank: 3097	842 B
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 281 acdn.adnxs.com — Cisco Umbrella Rank: 643	7 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1313	104 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 506	146 KB
2	icons8.com maxst.icons8.com — Cisco Umbrella Rank: 27957	112 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4214	424 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 4220	4 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2357	8 KB
1	4dex.io mp.4dex.io — Cisco Umbrella Rank: 2752	276 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 505 eus.rubiconproject.com Failed	895 B
1	cpmstar.com server.cpmstar.com — Cisco Umbrella Rank: 3384	480 B
1	workers.dev country.adinplay-venatus.workers.dev — Cisco Umbrella Rank: 38899	709 B
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1618	52 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	gstatic.com fonts.gstatic.com	8 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	68 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
69	30

	Domain	Requested by
11	fundingchoicesmessages.google.com	cadmus.script.ac
7	securepubads.g.doubleclick.net	api.adinplay.com cadmus.script.ac imasdk.googleapis.com
4	class-30x.us	class-30x.us
3	3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com	cadmus.script.ac
3	c.amazon-adsystem.com	api.adinplay.com c.amazon-adsystem.com
3	api.adinplay.com	class-30x.us api.adinplay.com
2	pagead2.googlesyndication.com	cadmus.script.ac
2	onetag-sys.com	api.adinplay.com cadmus.script.ac
2	elb.the-ozone-project.com	api.adinplay.com cadmus.script.ac
2	i.clean.gg	cadmus.script.ac
2	cdn.jsdelivr.net	api.adinplay.com cadmus.script.ac
2	maxst.icons8.com	class-30x.us maxst.icons8.com
1	gum.criteo.com	cadmus.script.ac
1	esp.rtbhouse.com	cadmus.script.ac
1	acdn.adnxs.com	cadmus.script.ac
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.prod.uidapi.com	cadmus.script.ac
1	tags.crwdcntrl.net	cadmus.script.ac
1	invstatic101.creativecdn.com	cadmus.script.ac
1	cdn.id5-sync.com	cadmus.script.ac
1	static.criteo.net	cadmus.script.ac
1	oa.openxcdn.net	cadmus.script.ac
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	mp.4dex.io	api.adinplay.com
1	fastlane.rubiconproject.com	api.adinplay.com
1	server.cpmstar.com	api.adinplay.com
1	ib.adnxs.com	api.adinplay.com
1	config.aps.amazon-adsystem.com	cadmus.script.ac
1	imasdk.googleapis.com	api.adinplay.com
1	country.adinplay-venatus.workers.dev	api.adinplay.com
1	cadmus.script.ac	api.adinplay.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	class-30x.us
1	cdnjs.cloudflare.com	class-30x.us
1	www.googletagmanager.com	class-30x.us
0	eus.rubiconproject.com Failed	cadmus.script.ac
69	38

This site contains no links.

Subject Issuer	Validity	Valid
class-30x.us WE1	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
1454623486.rsc.cdn77.org E6	`2024-11-11` - `2025-02-09`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
adinplay.com WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
script.ac E5	`2024-10-19` - `2025-01-17`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
adinplay-venatus.workers.dev WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
i.clean.gg WR3	`2024-10-27` - `2025-01-25`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
server.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2024-07-20` - `2025-08-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
the-ozone-project.com WE1	`2024-10-14` - `2025-01-12`	3 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
mp.4dex.io WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-21`	3 months	crt.sh
id5-sync.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
invstatic101.creativecdn.com WR3	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
cdn.prod.uidapi.com E6	`2024-09-11` - `2024-12-10`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh
esp.rtbhouse.com WR3	`2024-10-22` - `2025-01-20`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://class-30x.us/
Frame ID: 2673559BD6E092614AB9D96BD0AB4097
Requests: 59 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: BF694E7BD3DA44677A945C2E4F9F0C27
Requests: 1 HTTP requests in this frame

Frame: https://3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 915F42D446C14E94222509C4D082C270
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FD48581616EC87615D28E8414E1FAE77
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D59BEEAF4497021B6073C2C81DCF25CE
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&gpp=&gpp_sid=&pubcid.org=9e64bd39-4189-4303-9ec0-11966a1ad79f&publisherId=OZONEAIP0001&siteId=1500000135&cb=1732035352371&bidder=ozone
Frame ID: 81E562FC8EA7C176DB25682681F501CA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1732035352340
Frame ID: 730B2EEDEED58C760E7AD5DFB5EDF1C5
Requests: 1 HTTP requests in this frame

Frame: https://3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CD386E95582DB8E2157E979699FC6D10
Requests: 1 HTTP requests in this frame

Frame: https://3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7942A933D9BB3AE08E2D856B4A3738E5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=class-30x.us&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1
Frame ID: E733DF6221B759AB4C8796D826470FED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

class-30x.us

Page URL History Show full URLs

http://class-30x.us/ HTTP 307
https://class-30x.us/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

69
Requests

99 %
HTTPS

58 %
IPv6

30
Domains

38
Subdomains

39
IPs

4
Countries

1227 kB
Transfer

3733 kB
Size

37
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://class-30x.us/ HTTP 307
https://class-30x.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
class-30x.us/
Redirect Chain

http://class-30x.us/
https://class-30x.us/

8 KB
4 KB

101ms
64ms

Document
text/html

2606:4700:3037::6815:ed8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://class-30x.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88f87269da4c62c1f51ef6d9d2d2b1d2a486f321ce7266931f84d6399e716f67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e51baf06d876a55-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 19 Nov 2024 16:55:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2mlf3OPR16fmGrfJjZMcXHH6B1I4ZNBwyJiqJzrpb8B1EG5KiXmV1aDkYF%2FMa23zJZiliB%2F00T5w55inOony6F7xhyXjp5ifCVmQxJy%2BhW3Dkah1NxO3HCgS8RKBKXomkineARxGDy1TJQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=4784&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4423&delivery_rate=793&cwnd=12000&unsent_bytes=0&cid=014fc500080f4b5c&ts=83&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

Location: https://class-30x.us/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
108 KB 135ms
63ms Script
application/javascript 2607:f8b0:4006:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HBH0VG561V

Requested by

Host: class-30x.us
URL: https://class-30x.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c0cbd22465bbe1b4d548626471cedd825fe8962388d46cb2b269dc962c8f788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 19 Nov 2024 16:55:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109648
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 style.css
class-30x.us/Assests/CSS/ 8 KB
3 KB 83ms
81ms Stylesheet
text/css 2606:4700:3037::6815:ed8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://class-30x.us/Assests/CSS/style.css?1732035351
Requested by: Host: class-30x.us
URL: https://class-30x.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 750b027ed4b599c71cf7fa08280f7cd98bb55d263554c9a371ad8701f155a2fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"210b-67340111-11083f5a;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U7cd%2BFpKm%2Bbi8yOjkXDw707WDyQbqLmQs3XsLPewDI7GxHoQKu%2FU%2BREK4i%2BbS74%2Bh%2BXJwxposNHe%2BkGGSiEuMjDcBSG6ztE70QH46q5u8XploWUdr2s9maIrGx0BzeKkvD407x39UCpXCmA%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 26 Nov 2024 16:55:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8389&sent=22&recv=18&lost=2&retrans=2&sent_bytes=12519&recv_bytes=5550&delivery_rate=108137&cwnd=8400&unsent_bytes=0&cid=014fc500080f4b5c&ts=376&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: text/css
last-modified: Wed, 13 Nov 2024 01:29:53 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e51baf218b46a55-EWR
server: cloudflare

GET
H2 200 line-awesome.min.css
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/ 105 KB
17 KB 90ms
18ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL

https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css

Requested by

Host: class-30x.us
URL: https://class-30x.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

4716ecc4c3d6816c0cce4e62bd854fa32c81f9ced9eccd36d009723879e27fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

access-control-max-age: 1728000
content-encoding: gzip
etag: W/"1a57e-m/ufJj2eAiPapDT36d69nG4R6Hc"
x-77-cache: HIT
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-77-nzt-ray: f03d061321c5e75817c33c675526911a
last-modified: Wed, 09 Oct 2024 12:17:26 GMT
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=15724800; includeSubDomains
x-77-nzt: EgwBT3/O6QH3+oYuAAwBnJI76AG3QQAAAA
cache-control: max-age=315360000, public
access-control-allow-credentials: true
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 3049210
server: CDN77-Turbo

GET
H3 200 jquery.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 274 KB
68 KB 77ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.js

Requested by

Host: class-30x.us
URL: https://class-30x.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec4-4472c"
age: 884512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jpuwqCE7ACgdbz%2FRsrvVD6G%2FYWWQ1wyjUXaxMgHqZAZJ3IPGblD1BBR9iNFQ3%2B7vSSDEn%2BtB7xF7N9GszClbeW9Ae4l2MLioy0P%2BGE4gzJj2tyFNStXRNwaX8Doy%2FtX8zBksfdA%2BL9M4%2FpMsS%2FkTOUcA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 16:55:51 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e51baf26c2e431a-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 69049
server: cloudflare

GET
H3 200 aboutblank.js Show response
class-30x.us/Assests/JS/ 1 KB
1 KB 63ms
61ms Script
text/javascript 2606:4700:3037::6815:ed8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://class-30x.us/Assests/JS/aboutblank.js?v1f1
Requested by: Host: class-30x.us
URL: https://class-30x.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2854f1442839ab6fb3c09e8f9372d4512ddfb1d56aeac6c3658c8e281c4089ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"4e3-6732505e-12007bc0;br"
age: 3191
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QvP9EQLVWav3xgEebZHRLH2wArI6nyfmvMY%2FYD0sTl7fbWzetbZL7UAjdprM2E7PdvYPrLkeAY8dta9fXNveun3u9oZlycqZsALsTujKiWvb1FDaMbXE%2FplRsRpSwrs1MEJYRDyvf%2FrvPfE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5710&sent=17&recv=15&lost=0&retrans=0&sent_bytes=8835&recv_bytes=5415&delivery_rate=532371&cwnd=12000&unsent_bytes=0&cid=014fc500080f4b5c&ts=330&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: text/javascript
last-modified: Mon, 11 Nov 2024 18:43:42 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e51baf218bb6a55-EWR
server: cloudflare

GET
H3 200 options.js Show response
class-30x.us/Assests/JS/ 760 B
1 KB 52ms
50ms Script
text/javascript 2606:4700:3037::6815:ed8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://class-30x.us/Assests/JS/options.js?1f11
Requested by: Host: class-30x.us
URL: https://class-30x.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:ed8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ec0e3d252ae073496068fdd8f0210ce555babd0effc705294a7be37d23cfc3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"2f8-6732505e-12007bc2;br"
age: 3191
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40VFsUh97gZH8yOlSBSz3guogmvZ7ng31O30JtMStNUSe8bvMEXZmpe1NUXcAOSXXv%2BRb8b%2FrWfmT5McF%2F15vqpq8AEtSjUWKfTLAt414HnEmS4hDTYIQZKfuFZgDkzA6IoniQlGQtkprmU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5710&sent=19&recv=15&lost=0&retrans=0&sent_bytes=10127&recv_bytes=5415&delivery_rate=532371&cwnd=12000&unsent_bytes=0&cid=014fc500080f4b5c&ts=337&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: text/javascript
last-modified: Mon, 11 Nov 2024 18:43:42 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e51baf218bd6a55-EWR
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 72ms
33ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&family=Ubuntu:wght@300&display=swap

Requested by

Host: class-30x.us
URL: https://class-30x.us/Assests/CSS/style.css?1732035351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

faf14cd2dc18bb5be6b7823718ab0659c2c7787aff3e7f715685a19d6cad3215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 16:55:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 19 Nov 2024 16:16:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/ 2 KB
1 KB 84ms
35ms Script
application/javascript 2606:4700:20::681a:2e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.min.js
Requested by: Host: class-30x.us
URL: https://class-30x.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e3b5c442707239c8314146f7630d1efc65b642ea65eb8680feea8b0cd7ea225

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

x-host: adinplay-1
cf-cache-status: HIT
etag: W/"673c6715-639"
age: 21586
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ryyGwyNRuMU7GIppDRxYg%2BFIFLX98dZ0eq%2FP%2BI3dmSqRF4eitCqwrwR0LibgCbW4k1yzazHi5GWrRIoBzNSLoHNIIsjSAWTNaSrik%2BZXzeQ6rXB0QZI2O9mLlkvn7%2F7QKcC08dpjtTBB%2FocIDc%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=6568&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4044&recv_bytes=2218&delivery_rate=1561128&cwnd=253&unsent_bytes=0&cid=c4c6474837151e0c&ts=46&x=0"
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 10:23:17 GMT
vary: Accept-Encoding
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e51baf38d7b6a5e-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 40ms
10ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&family=Ubuntu:wght@300&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://class-30x.us
Referer: https://fonts.googleapis.com/

Response headers

age: 324630
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 22:45:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 22:45:21 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H2 200 la-solid-900.woff2
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/ 94 KB
95 KB 18ms
5ms Font
font/woff2 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL

https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/la-solid-900.woff2

Requested by

Host: maxst.icons8.com
URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://class-30x.us
Referer: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css

Response headers

access-control-max-age: 1728000
etag: "179f0-idlTHAxwqHUd/4PBkXuqsfFqIHE"
x-77-cache: HIT
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: font/woff2
last-modified: Wed, 09 Oct 2024 12:17:26 GMT
x-77-nzt-ray: f03d061378b94d5d17c33c673b22a524
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=15724800; includeSubDomains
x-77-nzt: EgwBT3/O6QH39oYuAAwBnJI76AG3QwAAAA
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
x-77-pop: newyorkUSNY
content-length: 96752
x-77-age: 3049206
server: CDN77-Turbo

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 37ms
16ms Fetch
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HBH0VG561V&gtm=45je4be0v9184280918za200&_p=1732035351431&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855&cid=1477221563.1732035352&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732035351&sct=1&seg=0&dl=https%3A%2F%2Fclass-30x.us%2F&dt=class-30x.us&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=674
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBH0VG561V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://class-30x.us
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 tag.aip.min.js Show response
api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/ 634 KB
201 KB 43ms
42ms Script
application/javascript 2606:4700:20::681a:2e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f219083e290f3ffe11cc382eae09b2fa05cd9cc6777c183cda7a01c2baa54e9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

x-host: adinplay-2
cf-cache-status: HIT
etag: W/"673c6715-9e866"
age: 21586
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFgnBkHVBYoC2xGR%2FyRypvBWh%2B%2FALuHAydp9otsVETb%2BNyd6XBWCow3a9z6aSyhQRaevHU%2BPrRVtTLS6zVcqs6UZ6wFs%2FbOUZcOeg%2FITLXrRIPFXaLZAJNxVNziw%2F%2FmE4zn5F70mKAqoDsdnAl4%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=6669&sent=9&recv=15&lost=0&retrans=0&sent_bytes=5374&recv_bytes=2299&delivery_rate=1561128&cwnd=255&unsent_bytes=0&cid=c4c6474837151e0c&ts=169&x=0"
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 10:23:17 GMT
vary: Accept-Encoding
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e51baf43e9e6a5e-EWR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 script.js Show response
cadmus.script.ac/d1r100yi8pmbig/ 148 KB
52 KB 55ms
16ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0778613bd34066564195e28d54300a09a76952db902e617fa1ade180771cfb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
content-encoding: gzip
etag: W/"474bcb8d53a8b81fe25f38e637cb74d293d0471f"
age: 0
cf-ray: 8e51baf5bed6440c-EWR
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 19 Nov 2024 16:25:21 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 20ms
5ms Fetch
application/json 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241119

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a520089e498892ed0f8a93c220ad31eecd5fce604579187e0a3499f2265fdfa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://class-30x.us/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"639-REljfyMvuPKjqXSlhxGbvqoYr2Q"
age: 3301
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21964-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 829
x-jsd-version: 1.0.2245

GET
H3 200 / Show response
country.adinplay-venatus.workers.dev/ 2 B
709 B 61ms
17ms XHR
text/plain 2606:4700:3035::ac43:ade3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://country.adinplay-venatus.workers.dev/
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ade3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E4CaOEJZ0ZDEHwLYNXuXD90YOd0n54rxYwjUqInawmHLvevGsuNdehKY6ds9s8KXGIg1tyu0nIMQMRq%2ByJk%2F6pLn275fmUm9Nv9q56FhfPjk55ngSfkKkTiiIVnTnsEZarWSjbK50D%2F4R%2FH%2B26SyHOWpwzY2VJc6zRnPKQeRWD0TiVo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-ray: 8e51baf5dea7435c-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2
server-timing: cfL4;desc="?proto=QUIC&rtt=4470&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4234&recv_bytes=4354&delivery_rate=96151&cwnd=12000&unsent_bytes=0&cid=40cfb8175d28f98f&ts=28&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i
access-control-allow-headers: Content-Type

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 345 KB
85 KB 135ms
13ms Script
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"812ceba01127f3bf5aede260eaddcd29"
age: 2249
via: 1.1 2f66aa06710fece8ed203ab0ea81eb56.cloudfront.net (CloudFront), 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 9u9gvgFphLlY7O-ZJ3TxXzNB_eoAAz3a2l3kKyk_bT0S2M-IJopl6A==
date: Tue, 19 Nov 2024 16:18:24 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 22:51:03 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
x-amz-server-side-encryption: AES256

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 109 KB
33 KB 57ms
33ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js?network-code=421469808

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

301a6f3d7fea95ad6cf51eedfa506660f37aa3f2d3cfb3e28f4992510cb47b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: br
etag: 563 / 20046 / m202411130102 / config-hash: 6901299952160827384
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 16:55:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33774
x-xss-protection: 0
server: cafe

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 424 KB
145 KB 65ms
24ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae050a0159c9519b836bf5a1a8ffb7c5c45611037cc18b40ed51b8af41eb10c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 16:55:51 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148159
date: Tue, 19 Nov 2024 16:55:51 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
488 B 21ms
20ms Script
application/javascript 2606:4700:20::681a:2e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

x-host: adinplay-2
cf-cache-status: HIT
etag: "5ac4f9a5-10"
age: 23528
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xL9IVp9y%2BiYe3rpLoFaHeXBUCx5JnlomROx6%2Fwcu%2BPOfmYiXGH20w0fTleDNmcPUWgdcoxqqYbqxn022i6%2ByekTDn5O2UTP9IuerSpalQZB5gPXbpLQzGAN6wsVfnGiFfxUlT3Ba%2FT2GH56%2F8S0%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=4177&sent=176&recv=143&lost=0&retrans=0&sent_bytes=213264&recv_bytes=2372&delivery_rate=27368618&cwnd=264&unsent_bytes=0&cid=c4c6474837151e0c&ts=364&x=0"
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: application/javascript
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
vary: Accept-Encoding
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e51baf598ac6a5e-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16
server: cloudflare

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 57ms
22ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://class-30x.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 19 Nov 2024 16:55:52 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 20ms
16ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://class-30x.us/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 19 Nov 2024 16:55:52 GMT
content-type: application/octet-stream
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411130102/ 489 KB
152 KB 16ms
15ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411130102/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e9558fe12b61a71d65a039cd3348fe2572cb55fbe72eaa19e1ac34b51d35054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: br
etag: 18000071572711967338
age: 334
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 16:50:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 19 Nov 2024 16:50:18 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155155
x-xss-protection: 0
server: cafe

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 67 B
60 B 38ms
35ms XHR
application/json 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fclass-30x.us%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d49fd142c0f355c82e85a06c9da27340646a33c69cd6eeafad3bfc04c5a70e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 16:55:52 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 36
date: Tue, 19 Nov 2024 16:55:52 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 53b902f9-cf9c-4605-aec3-2c8ce65042b8 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
832 B 40ms
4ms Script
application/javascript 18.173.132.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/53b902f9-cf9c-4605-aec3-2c8ce65042b8
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-105.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4e533a8084dfbed8098b1bcc579853702f9822d1832dd60d48cda7f1b853bfb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

cache-control: max-age=3600
age: 2841
via: 1.1 79985f6b7b9f366996e2a85ef814999e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: LUzdGJXJR-U4f_LNZrfFq6HL0XHyOfaU1zzBZ9znyx6o9ZK8iFwAhg==
date: Tue, 19 Nov 2024 16:08:31 GMT
content-type: application/javascript
x-amz-cf-pop: JFK52-P2
server: CloudFront

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 6ms
5ms XHR
text/plain 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fclass-30x.us&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

cache-control: max-age=21550, s-maxage=21600
age: 18653
access-control-allow-credentials: true
via: 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
access-control-allow-origin: https://class-30x.us
x-cache: Hit from cloudfront
x-amz-cf-id: OL_ufaXf12fyqVeupIubQWpuj7TTPvWinuV2zqG2RfYMRMqju0B_rw==
date: Tue, 19 Nov 2024 11:44:58 GMT
x-amz-cf-pop: JFK50-P3
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 16ms
6ms XHR
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 14290
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: Q7eT5E6uKzzfUXVzdaiETKXlvz68BvHSeCCSW80Raw0Dwehm_m-rqw==
date: Tue, 19 Nov 2024 12:57:43 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
7 KB 347ms
287ms Fetch
application/json 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

a620a290781ab35d710a5e164a689b4ec0a9a170585253c72e001dc1291a1aa8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://class-30x.us/

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://class-30x.us
an-x-request-uuid: 66a1e23b-c76f-40a7-956b-1d6d71aa2a7b
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 19 Nov 2024 16:55:52 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx/1.23.4

POST
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 27 B
480 B 69ms
9ms Fetch
application/json 131.153.172.93
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?media=banner&json=c_b&mv=1&poolid=81289&reachedTop=true&requestid=59e648fa57d0cb&referer=https%3A%2F%2Fclass-30x.us%2F&schain=1.0%2C1%21adinplay.com%2CGDU%2C1%2C%2C%2C
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.153.172.93 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 193fdc7a48ae60adfa28663712b68539bead2a82033545589d0d97565c6e983b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://class-30x.us/

Response headers

Cache-Control: private,no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: https://class-30x.us
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Content-Length: 27
Date: Tue, 19 Nov 2024 16:55:51 GMT
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 371 B
895 B 111ms
18ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=57&rp_schain=1.0,1!adinplay.com,GDU,1,,,&eid_pubcid.org=9e64bd39-4189-4303-9ec0-11966a1ad79f%5E1&rf=https%3A%2F%2Fclass-30x.us%2F&tg_i.domain=class-30x.us&tg_i.page=https%3A%2F%2Fclass-30x.us%2F&tg_i.pbadslot=worm-ist_970x250&tk_flint=pbjs_lite_v9.14.0&l_pb_bid_id=7d01b344dc2e07&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=worm-ist_970x250&m_ch_mobile=%3F0&slots=1&rand=0.6818447468831057
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 7381e12d79a87abc5624f17d9ebc8fd764345e18c2e50721e1c013f2dbf7cb2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://class-30x.us/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://class-30x.us
content-length: 371
date: Tue, 19 Nov 2024 16:55:52 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 2 B
842 B 107ms
56ms Fetch
text/plain 104.18.34.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://class-30x.us/

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8e51baf7c9bd42c4-EWR
expires: 0
access-control-allow-origin: https://class-30x.us
content-length: 2
date: Tue, 19 Nov 2024 16:55:52 GMT
content-type: text/plain; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
409 B 87ms
36ms Fetch
application/json 51.222.39.186
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.186 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip186.ip-51-222-39.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://class-30x.us/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://class-30x.us
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 204 prebid Show response
mp.4dex.io/ 0
276 B 208ms
148ms Fetch 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GDU/worm.ist/tag.aip.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://class-30x.us/

Response headers

x-version: 3.0.0-gcp-las
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
x-err: Parsing the Prebid Request. parseadrequest org/site not found
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 8e51baf80aa35e68-EWR
expires: 0
access-control-allow-origin: https://class-30x.us
date: Tue, 19 Nov 2024 16:55:52 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
374 B 146ms
34ms XHR
text/javascript 18.173.140.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fclass-30x.us%2F&pid=31QS5tYqlXAoS&cb=0&ws=1600x1200&v=24.1105.2150&t=1500&slots=%5B%7B%22sd%22%3A%22worm-ist_970x250%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F421469808%2Fworm.ist_970x250%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21adinplay.com%2CGDU%2C1%2C%2C%2C&sm=309633d5-af39-43d3-a990-c03b069d7507&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.140.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-140-223.jfk52.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 edcde1a12cafce029607be0b1782d4aa.cloudfront.net (CloudFront)
access-control-allow-origin: https://class-30x.us
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: xUZHnQRa2hmVDmAA5zxfX2wweTf3UlYySSmgBU2RsbBwDWLQDZ0n8g==
date: Tue, 19 Nov 2024 16:55:51 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: JFK52-P2
server: Server

GET
H2 200 421469808 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 202ms
129ms Script
application/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/421469808?ers=3

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ebaae794e80ef0b229b80a54cd4b8320b6f0771915e2cd265333baba023c40bf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BMDR_f1JDMyyA6MMZlR8YA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:52 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4lm9l1kXAfHM85dZFwJxkcQV1hYgvt10hfUxEDN8vcLKAcRCPBwz2j7vZBO48fv2FUYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0NDQ3M9A7P4AgMAuehJUw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BMDR_f1JDMyyA6MMZlR8YA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVGWDu3ZnDiGMYgQ_N7U8pfNHLSrw1u28ICRjYUYPlSnNFcss6koKvuhrm0w9rBiKVmxLyxIb-yfA7FmCh3865igz0M_Y-BU5293f6fJK7AJTLnyUfsYF-TQPzqUe6WyikXpiZ4EA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 70ms
69ms Script
application/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVGWDu3ZnDiGMYgQ_N7U8pfNHLSrw1u28ICRjYUYPlSnNFcss6koKvuhrm0w9rBiKVmxLyxIb-yfA7FmCh3865igz0M_Y-BU5293f6fJK7AJTLnyUfsYF-TQPzqUe6WyikXpiZ4EA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMDM1MzUyLDY0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jbGFzcy0zMHgudXMvIixudWxsLFtbOCwiS292dTAxejVCckkiXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d62ad81942ad1170dae53f97d239e30c3a6799414c8a9557362933c1ba76c189

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZVwFcI4V3y0PICsjeNfsdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:52 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4lm9l1kXAfGM85dZFwBxkcQV1hYgvt10hfUxEDN8vcLKAcRCPBwz2j7vZBOY8KnrGJOSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiaGhobmegVl8gQEAmUBIoQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZVwFcI4V3y0PICsjeNfsdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame BF69 0
0 51ms
14ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://class-30x.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Nov 2024 16:23:02 GMT
expires: Tue, 19 Nov 2024 17:13:02 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 68ms
21ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 2380453
x-goog-stored-content-encoding: gzip
expires: Thu, 23 Oct 2025 03:41:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Wed, 23 Oct 2024 03:41:39 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AHmUCY3y7WxB11uvp_WitCVDVOY3-QHGIotC2inygCTajehuOskyfReWRK9ylRwk1UXNdSuzddgUd5qULw
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 125ms
70ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Wed, 20 Nov 2024 16:55:52 GMT
access-control-allow-origin: *
date: Tue, 19 Nov 2024 16:55:52 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
815 B 44ms
12ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age: 19331
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 19 Nov 2024 16:55:52 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230042-FRA, cache-lga21934-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 439
x-jsd-version: master

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
29 KB 121ms
74ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59855ab21479dde905cf48ff3e82c9c15fcf97c96f99276952e263ede1f58916

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

x-amz-id-2: 8C3HeN/2sdR7xhD5JppSkyGDakCH8nftCMy8/8kb1Kd0YsRVA8U10zD6jUIDHTOhFrB01Q7gVrI=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"a7da20199e9cb2cd9232f608481d0778"
age: 1816
x-amz-request-id: 9FVVVDEAD9SH8CVW
cf-ray: 8e51bafa8819c341-EWR
date: Tue, 19 Nov 2024 16:55:52 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 13 Nov 2024 11:06:09 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 368ms
321ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

etag: 96161c00fc10ad819c09e1314f0ae5b4
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1213
date: Tue, 19 Nov 2024 16:55:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 17:54:21 GMT
server: Google Frontend
x-cloud-trace-context: 4d90ed8b71f62cf080f619d76dd9ff25

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 64ms
19ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 27087
via: 1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: lDjn8uw4yir-YUt7OLOl0ZcgV9eiCW5TEbI3Wr1lbwddDXGFIJvZFA==
date: Tue, 19 Nov 2024 09:24:26 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 151ms
22ms Script
text/javascript 2600:9000:2511:7a00:a:e047:754:afe1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:7a00:a:e047:754:afe1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

x-amz-version-id: 0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
ETag: "0537d8d06dd9dfbe911ad6bf6504f4bf"
Age: 30637
Connection: keep-alive
Via: 1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 3181
X-Amz-Cf-Id: 0orbVOiQ-c3pu8SVyICwTZxy27cdmyYiFiY4ByBs7nCejIsilSawdg==
Date: Tue, 19 Nov 2024 08:25:16 GMT
Content-Type: text/javascript
Last-Modified: Wed, 31 Jul 2024 16:30:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 140 KB
33 KB 449ms
440ms Fetch
text/plain 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3150209114605081&correlator=1057867176264460&eid=31088950%2C31088969%2C31089059%2C31089065%2C95344210%2C83320949&output=ldjh&gdfp_req=1&vrg=202411130102&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=421469808%2Cworm.ist_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732035352680&lmt=1732035352&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fclass-30x.us%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&egid=48851&tan=984d43f3-2c9b-4e72-843d-33c35effd602&tdf=2&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcY2rDoqrQySABSAghkEhwKDWNyd2RjbnRybC5uZXQY2rDoqrQySABSAghkEhkKCnVpZGFwaS5jb20Y2rDoqrQySABSAghkEhQKBW9wZW54GNmw6Kq0MkgAUgIIZBIbCgxpZDUtc3luYy5jb20Y2rDoqrQySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGNqw6Kq0MkgAUgIIZBIXCghydGJob3VzZRjasOiqtDJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732035351367&idt=793&cust_params=stack%3DAIP%26update_id%3D7.0%252019%252F11%252F24%252011%253A23%2520673c671534b36&adks=2337803185&frm=20&eoidce=1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

128231e9c6904556414492c22b86ec51e1b94690d3950972bb55fbcad6cb087b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 19 Nov 2024 16:55:53 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://class-30x.us
content-length: 33800
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 915F 0
0 149ms
18ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://class-30x.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Nov 2024 16:55:52 GMT
expires: Tue, 19 Nov 2024 16:55:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411130102/ 49 KB
15 KB 21ms
14ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411130102/pubads_impl_page_level_ads.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cbcb80d9bef8096e36bee076da0a2a09bd800000349cee22b9e67d586497b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: br
etag: 1224917422621244473
age: 66237
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 22:31:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 18 Nov 2024 22:31:55 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 15818
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 72 KB
24 KB 392ms
391ms Fetch
text/plain 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3150209114605081&correlator=1518598963185762&eid=31088950%2C31088969%2C31089059%2C31089065%2C95344210%2C83320949&output=ldjh&gdfp_req=1&vrg=202411130102&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=421469808%2Cworm.ist_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732035352751&lmt=1732035352&adxs=315&adys=65&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fclass-30x.us%2F&vis=1&psz=1440x1868&msz=970x-1&fws=4&ohw=970&td=1&egid=48851&tan=984d43f3-2c9b-4e72-843d-33c35effd603&tdf=2&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcY2rDoqrQySABSAghkEhwKDWNyd2RjbnRybC5uZXQY2rDoqrQySABSAghkEhkKCnVpZGFwaS5jb20Y2rDoqrQySABSAghkEhQKBW9wZW54GNmw6Kq0MkgAUgIIZBIbCgxpZDUtc3luYy5jb20Y2rDoqrQySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGNqw6Kq0MkgAUgIIZBIXCghydGJob3VzZRjasOiqtDJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732035351367&idt=793&prev_scp=CDT%3Dno%26refrate%3Dnew%26Refr%3DPubrefr%26richmedia%3Dno%26GS%3DNo%26update_id%3D7.0%252019%252F11%252F24%252011%253A23%2520673c671534b36%26FC%3D1%26OS%3DOther%26Conc%3DNo%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.22%26hb_adid_appnexus%3D1470ca4166ba311%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.22%26hb_adid%3D1470ca4166ba311%26hb_bidder%3Dappnexus&cust_params=stack%3DAIP%26update_id%3D7.0%252019%252F11%252F24%252011%253A23%2520673c671534b36%26amznbid%3D0%26amznp%3D0&adks=372115625&frm=20&eoidce=1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74bf0128ed5ccd05001e109b87cf5f5f9cf6b48d92167aa228a431fa6527b84c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 19 Nov 2024 16:55:53 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://class-30x.us
content-length: 24808
x-xss-protection: 0
server: cafe

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
532 B 71ms
18ms XHR
application/json 44.218.66.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.218.66.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-218-66-238.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6aa8c538e0ed0429b20b94c1cc4610f5cc9380b0fb3cbce4ad8819f5f19c4b10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://class-30x.us/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://class-30x.us
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 156
date: Tue, 19 Nov 2024 16:55:52 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.11.153
server: Jetty(9.4.38.v20210224)

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 296ms
89ms XHR
text/plain 141.95.33.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://class-30x.us/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://class-30x.us
date: Tue, 19 Nov 2024 16:55:52 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET usync.html
eus.rubiconproject.com/ Frame FD48 0
0

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame D59B 0
0 293ms
3ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://class-30x.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 40287
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 19 Nov 2024 16:55:53 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 17 May 2024 08:31:56 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 33643
X-Served-By: cache-lga21920-LGA
X-Timer: S1732035353.172594,VS0,VE0

GET
H2 200 load-cookie.html
elb.the-ozone-project.com/static/ Frame 81E5 0
0 89ms
62ms Document
text/html 104.18.34.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&gpp=&gpp_sid=&pubcid.org=9e64bd39-4189-4303-9ec0-11966a1ad79f&publisherId=OZONEAIP0001&siteId=1500000135&cb=1732035352371&bidder=ozone
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://class-30x.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e51bafbcf4a428e-EWR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 19 Nov 2024 16:55:52 GMT
expires: 0
last-modified: Thu, 14 Nov 2024 12:07:56 GMT
pragma: no-cache
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
vary: Origin, Accept-Encoding

GET
H2 200 /
onetag-sys.com/usync/ Frame 730B 0
0 64ms
16ms Document
text/html 51.222.39.185
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1732035352340

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://class-30x.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 157 B
424 B 182ms
95ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 43f9370baa9ba37d3315f799de8187f3906e2f10d974890af2ec02b02819bb46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://class-30x.us/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157
date: Tue, 19 Nov 2024 16:55:53 GMT
content-type: application/json
x-cloud-trace-context: 24ed5b3d81a805b2bb6b89534fb76bbc
server: Google Frontend
access-control-allow-headers: X-Requested-With

GET
H2 200 container.html
3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD38 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://class-30x.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Nov 2024 16:55:52 GMT
expires: Tue, 19 Nov 2024 16:55:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7942 0
0 1ms
1ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://class-30x.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Nov 2024 16:55:52 GMT
expires: Tue, 19 Nov 2024 16:55:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 59ms
23ms Fetch
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://class-30x.us/

Response headers

GET
H3 200 adsrich. Show response
fundingchoicesmessages.google.com/f/AGSKWxXyd-O-WIY0Ce9-mIouftN0ITV0X0LskGOSkpxSU1uveSkpVcUng8U0I4R-Hr2Ep6tIcHDxzJu2zefxvFLXVon03J0iAX0OzWUayHbd1UCydvCBQ_mXyHXi2GtHpGWyTWGXc659RG4ggc7J0xEhZFDpR4QSm... 54 B
109 B 37ms
34ms Script
application/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXyd-O-WIY0Ce9-mIouftN0ITV0X0LskGOSkpxSU1uveSkpVcUng8U0I4R-Hr2Ep6tIcHDxzJu2zefxvFLXVon03J0iAX0OzWUayHbd1UCydvCBQ_mXyHXi2GtHpGWyTWGXc659RG4ggc7J0xEhZFDpR4QSm9HziP0KxlAxqqr-RZMFW8tvOU5wKMCb/_-NewAd..vert.ad./tools/ad./ads/bg_/adsrich.

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba1eafb97b6308784a05705dad74757e5572af0a8145f659aea205d941e41581

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z7jb9xFJJ38wxRo9i5ELyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4lm9l1kXAfGM85dZFwBxkcQV1hYgvt10hfUxEDN8vcLKAcRCPBwz2z7vZBOY8eXCFGYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0NDQ3M9A7P4AgMAlxpItQ"
content-security-policy: script-src 'report-sample' 'nonce-Z7jb9xFJJ38wxRo9i5ELyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 40 KB
15 KB 28ms
25ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139e5b81a9490f17cd87a6bd0246e5b82d44cd831f778ed34d56e30b115a0930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: br
etag: 2157040660662159465
age: 3527
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 16:57:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 19 Nov 2024 15:57:06 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 15113
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWGjDxCctn7ScqUeUBjY5ZcQZHqzHPGDoWWSnlqQdq_O2XXknHOghUeUJm8gTx0M6zLea8ykifYCGR_TkiQeYzo_3a7w4dBwH-wQDPrq9bZjRpqR1e0TOpScv0a2weAqCShRFoPKw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
27ms XHR
text/html 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGjDxCctn7ScqUeUBjY5ZcQZHqzHPGDoWWSnlqQdq_O2XXknHOghUeUJm8gTx0M6zLea8ykifYCGR_TkiQeYzo_3a7w4dBwH-wQDPrq9bZjRpqR1e0TOpScv0a2weAqCShRFoPKw==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Kovu01z5BrI.es5.O/am=DAY/d=1/rs=AJlcJMxwzcxkLd-Hqah3fm9s2HntQrhLpQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--stfe9BGIrkP5hjGenfHhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://class-30x.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:53 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uGY2fZ5J5vAik8L5jMruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0NzPQPz-AIDADjWKOU"
content-security-policy: script-src 'report-sample' 'nonce--stfe9BGIrkP5hjGenfHhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://class-30x.us
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 syncframe
gum.criteo.com/ Frame E733 0
0 111ms
27ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=class-30x.us&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://class-30x.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Nov 2024 16:55:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 370391
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H3 204 AGSKWxWGjDxCctn7ScqUeUBjY5ZcQZHqzHPGDoWWSnlqQdq_O2XXknHOghUeUJm8gTx0M6zLea8ykifYCGR_TkiQeYzo_3a7w4dBwH-wQDPrq9bZjRpqR1e0TOpScv0a2weAqCShRFoPKw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
44ms XHR
text/html 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGjDxCctn7ScqUeUBjY5ZcQZHqzHPGDoWWSnlqQdq_O2XXknHOghUeUJm8gTx0M6zLea8ykifYCGR_TkiQeYzo_3a7w4dBwH-wQDPrq9bZjRpqR1e0TOpScv0a2weAqCShRFoPKw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ABB80Qp9SoZl3XiUHWVjIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://class-30x.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uaY1fZ5J5tAw7INvkouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxNDQ0FzPwDy-wAAA9EQoKw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ABB80Qp9SoZl3XiUHWVjIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://class-30x.us
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWGjDxCctn7ScqUeUBjY5ZcQZHqzHPGDoWWSnlqQdq_O2XXknHOghUeUJm8gTx0M6zLea8ykifYCGR_TkiQeYzo_3a7w4dBwH-wQDPrq9bZjRpqR1e0TOpScv0a2weAqCShRFoPKw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 56ms
51ms XHR
text/html 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGjDxCctn7ScqUeUBjY5ZcQZHqzHPGDoWWSnlqQdq_O2XXknHOghUeUJm8gTx0M6zLea8ykifYCGR_TkiQeYzo_3a7w4dBwH-wQDPrq9bZjRpqR1e0TOpScv0a2weAqCShRFoPKw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HSJlFyU9yrZotEa32nqC-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://class-30x.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoExO5aF1n9gZjh6xVWDiAW4uaY1fZ5J5vAi4sXMpRckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiaGhobmegXl8gQEAKl4o7g"
content-security-policy: script-src 'report-sample' 'nonce-HSJlFyU9yrZotEa32nqC-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://class-30x.us
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWGjDxCctn7ScqUeUBjY5ZcQZHqzHPGDoWWSnlqQdq_O2XXknHOghUeUJm8gTx0M6zLea8ykifYCGR_TkiQeYzo_3a7w4dBwH-wQDPrq9bZjRpqR1e0TOpScv0a2weAqCShRFoPKw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 55ms
50ms XHR
text/html 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGjDxCctn7ScqUeUBjY5ZcQZHqzHPGDoWWSnlqQdq_O2XXknHOghUeUJm8gTx0M6zLea8ykifYCGR_TkiQeYzo_3a7w4dBwH-wQDPrq9bZjRpqR1e0TOpScv0a2weAqCShRFoPKw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RSdDcG5QqZD3yf3fKEfAkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://class-30x.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uaY1fZ5J5vAgv6P6UouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxNDQ0FzPwDy-wAAAEBMojg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RSdDcG5QqZD3yf3fKEfAkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://class-30x.us
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxU3zYXOXn9FmQIaES1ulbJu42dSK2pFznNBn9SWxo_OtLsEixUQm84ag8LseCh3dg-64FKXbe6XPyOSvrQmdA_3xRJ0jObXl4K9JOs5Xz36ML600cRPxnqt0aJehAp_f7K3A_pnJQ== Show response
fundingchoicesmessages.google.com/f/ 6 KB
3 KB 106ms
104ms Script
application/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU3zYXOXn9FmQIaES1ulbJu42dSK2pFznNBn9SWxo_OtLsEixUQm84ag8LseCh3dg-64FKXbe6XPyOSvrQmdA_3xRJ0jObXl4K9JOs5Xz36ML600cRPxnqt0aJehAp_f7K3A_pnJQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMDM1MzU0LDE5MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vY2xhc3MtMzB4LnVzLyIsbnVsbCxbWzgsIktvdnUwMXo1QnJJIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c7eb4596bc443e0e124dce01b390001124daa3ff33f677838b2379e72688e0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k1qD0fm6sJIiR0b8h_qrZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4lm9l1kXAfHM85dZFwJxkcQV1hYgvt10hfUxEDN8vcLKAcRC3Byz2j7vZBNoaFpZq6SRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiaGhormdgFl9gAAA9-0fy"
content-security-policy: script-src 'report-sample' 'nonce-k1qD0fm6sJIiR0b8h_qrZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWQA01e-Xh8v6HA5mHyLMTkfTOWm3S055YIcBf4PAhK8Cg1KBhRnAg3_rAFpu9QZMlCee5pIVCZ7jhFin8e6NkFGiHFS2bvbF91BCwcxAC5BDVOhoNY0EiS8E0fE79g-kvK6ZI45w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 85ms
85ms Script
application/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWQA01e-Xh8v6HA5mHyLMTkfTOWm3S055YIcBf4PAhK8Cg1KBhRnAg3_rAFpu9QZMlCee5pIVCZ7jhFin8e6NkFGiHFS2bvbF91BCwcxAC5BDVOhoNY0EiS8E0fE79g-kvK6ZI45w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMDM1MzU0LDMwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vY2xhc3MtMzB4LnVzLyIsbnVsbCxbWzgsIktvdnUwMXo1QnJJIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41273ee6ff20681725a30e48fb45e77ed0ad8910a42d7f3e11a5d71b0c9d1775

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-fViXBGw1aHLo2wdfVLD99A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4lm9l1kXAfHM85dZFwJxkcQV1hYgvt10hfUxEDN8vcLKAcRCPByz2j7vZBN48P7bckYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0NDQ3M9A7P4AgMArelJMg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-fViXBGw1aHLo2wdfVLD99A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWirZoXGUTWAT5y8ouiMHk2RxQPA0zQU4GQqMTp3LnS3Wr8hD87LHqJauxmgQcCHwtrZZOpqRVnN0Dj4Nv8eqU3iJ2UCF5kEtnLuaEUiBPmOlH54ls52PF-owV_RUt-d2efLac6Tg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 118ms
117ms Script
application/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWirZoXGUTWAT5y8ouiMHk2RxQPA0zQU4GQqMTp3LnS3Wr8hD87LHqJauxmgQcCHwtrZZOpqRVnN0Dj4Nv8eqU3iJ2UCF5kEtnLuaEUiBPmOlH54ls52PF-owV_RUt-d2efLac6Tg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyMDM1MzU0LDQwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9jbGFzcy0zMHgudXMvIixudWxsLFtbOCwiS292dTAxejVCckkiXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

092c481b6a4c2dd0cfed0949aa21cc9ed17d9751564923c8b5007b5a77c48a17

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-sGuYSGhKJe4iKHpneCBzrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://class-30x.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4lm9l1kXAfGM85dZFwBxkcQV1hYgvt10hfUxEDN8vcLKAcRCPByz2j7vZBNY0HP6I6OSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiaGhobmegVl8gQEAnOxIuA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-sGuYSGhKJe4iKHpneCBzrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxX0hVOp51p9Yw-ywU6G7VLdmkriW4YPwelHAqntSb9b6Gz4aQKQBsieUQ_aMAKnDrOMZMGhHMm9QYs8xI2_ZjuNYHsshfSRBM37uNmCEECCob4cBIbMwZSiAWJxv0EUfYPFKqyT4A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 29ms
27ms XHR
text/html 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX0hVOp51p9Yw-ywU6G7VLdmkriW4YPwelHAqntSb9b6Gz4aQKQBsieUQ_aMAKnDrOMZMGhHMm9QYs8xI2_ZjuNYHsshfSRBM37uNmCEECCob4cBIbMwZSiAWJxv0EUfYPFKqyT4A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JmMPiqRQTKD_GdTVW5gW8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://class-30x.us/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 16:55:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uGY1fZ5J5vAjznvW5mUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhoaG5noF5fIEBAED7KQc"
content-security-policy: script-src 'report-sample' 'nonce-JmMPiqRQTKD_GdTVW5gW8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://class-30x.us
content-length: 0
x-xss-protection: 0
server: ESF

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.smartadserver.com/api	1970-01-21 03:16:51	Name: pid Value: 4528732110197290806
.class-30x.us/	1970-01-21 10:43:15	Name: _ga_HBH0VG561V Value: GS1.1.1732035351.1.0.1732035351.0.0.0
.class-30x.us/	1970-01-21 10:43:15	Name: _ga Value: GA1.1.1477221563.1732035352
.class-30x.us/	1970-01-21 03:18:44	Name: CountryCode Value: US
.class-30x.us/	1970-01-21 03:18:44	Name: userFromEEA Value: false
.class-30x.us/	1970-01-21 09:52:51	Name: _sharedID Value: 9e64bd39-4189-4303-9ec0-11966a1ad79f
.class-30x.us/	1970-01-21 09:52:51	Name: _sharedID_cst Value: zix7LPQsHA%3D%3D
.rubiconproject.com/	1970-01-21 09:52:51	Name: khaos Value: M3OP4N4A-T-F4JP
.adnxs.com/	1970-01-21 03:16:51	Name: XANDR_PANID Value: oe3JvfPG--zqk-Ga_CR9EqiB837qtwxhDqZrEZuDD1SQZbCSG4UWzxv2onI-Glj3shdMv4-LYTBmJSGgYp6NvybWgCT8X6AmTiM6fxagimM.
.adnxs.com/	1970-01-21 03:16:51	Name: icu Value: ChgIzYVEEAoYASABKAEwmIbzuQY4AUABSAEQmIbzuQYYAA..
.adnxs.com/	1970-01-21 10:43:15	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:16:51	Name: uuid2 Value: 2641386197553763526
.crwdcntrl.net/	1970-01-21 07:36:00	Name: _cc_id Value: 18e8a007ec90f919de5b759318aabb9f
.class-30x.us/	1970-01-21 07:36:03	Name: _cc_id Value: 18e8a007ec90f919de5b759318aabb9f
.class-30x.us/	1970-01-21 01:08:41	Name: panoramaId_expiry Value: 1732121752868
.the-ozone-project.com/	1970-01-21 03:16:51	Name: ozone_uid Value: 2p4plXaTTibEMmFUNZNF6ySPWZ8
.the-ozone-project.com/	1970-01-21 01:07:17	Name: __cf_bm Value: oTv0KKUgxdjQBs2AKNigQKFILz01iHsYttMHlFNHpGI-1732035353-1.0.1.1-cKzs1v5Ue9kb0_XeeiFKdcHAIwmpXVJLaPvDBKbofDjUP4ijhSjzfEhVYqM9aOUfUQ1ozWoijucJ1Cn3g3qdyw
.class-30x.us/	1970-01-21 10:28:51	Name: __gads Value: ID=920c3c5411f3a3c1:T=1732035352:RT=1732035352:S=ALNI_MaZ2eWaMCuHX2YgsbfNsK-26CzB4w
.class-30x.us/	1970-01-21 10:28:51	Name: __gpi Value: UID=00000f993f9de919:T=1732035352:RT=1732035352:S=ALNI_MY3paXv212Ys4YiuOd_7RcWAZvZ9Q
.class-30x.us/	1970-01-21 05:26:27	Name: __eoi Value: ID=a558318e42e8735b:T=1732035352:RT=1732035352:S=AA-Afjbyf0ulqiVEAVcRGuxFxdvP
.bidswitch.net/	1970-01-21 09:52:51	Name: tuuid Value: 9b75f480-2b12-4e9a-bc03-f09dfa3370ec
.bidswitch.net/	1970-01-21 09:52:51	Name: c Value: 1732035353
.bidswitch.net/	1970-01-21 09:52:51	Name: tuuid_lu Value: 1732035353
.doubleclick.net/	1970-01-21 10:43:15	Name: IDE Value: AHWqTUnuWsSh7Vlr2cwpUXzwBg05wd2T1MjdBNZN0TBQDOmo6P9evcwJUxwzbCu-rJM
.criteo.com/	1970-01-21 10:28:51	Name: uid Value: 97a51ff4-4ec3-4ef3-9936-64725ec8fce8
.criteo.com/	1970-01-21 10:28:51	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 05:26:27	Name: APC Value: AfxxVi74MJI6_z9c7nd9V8990cj9LFwfWfP0tFm5jmCH9_hBtt6IfQ
.doubleclick.net/	1970-01-21 05:26:27	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-21 02:33:39	Name: uid Value: 1696587822408345137
.class-30x.us/	1970-01-21 09:52:51	Name: FCNEC Value: %5B%5B%22AKsRol-6B6D2dQKi_zKzKumIMLJHKLDN8j0GBHnD4DmVWLpdL59DmzfRAjD6FW3yuJk9WcUG_rYi2uW4yPU5fjPQ2V8dZ4QlILyOGHUBCm3e5wouuIZiaPiB5iootxQBcXiWN49XINhdeLX9F_TR_xc06OlZOAYoXQ%3D%3D%22%5D%5D
.rubiconproject.com/	1970-01-21 09:52:51	Name: audit_p Value: 1\|tcR/wBEzWcIgy8JHgfXwP1MG4C6D/t+3x5H4/Al95QWNxU+FvywYbGnaWSgfdjS4tasgnAE5dvDw5nKtbLCy0SL5hAXvaZVp5BBVZHxJiD/c6UO785F0Pw==
.rubiconproject.com/	1970-01-21 09:52:51	Name: khaos_p Value: M3OP4N4A-T-F4JP
.rubiconproject.com/	1970-01-21 09:52:51	Name: audit Value: 1\|tcR/wBEzWcIgy8JHgfXwP1MG4C6D/t+3x5H4/Al95QWNxU+FvywYbGnaWSgfdjS4tasgnAE5dvDw5nKtbLCy0SL5hAXvaZVp5BBVZHxJiD/c6UO785F0Pw==
.rubiconproject.com/	1970-01-21 03:16:51	Name: receive-cookie-deprecation Value: 1
.class-30x.us/	1970-01-21 10:28:51	Name: cto_bundle Value: bgBLwV9KNVE3UCUyRmtUSHpFRjZTZGdSZXhvWFkyRFRsdFZzQlVXVEo4SnlRU2tNJTJCdjdIYzRhU0xrR3hnZWxhN1VpTUs1b0p3cFlFcW1VZ2lBNjNOTThyYW9DdXFUb2E4VzJEVHdEcm5IalRXVWxUcktLd0N6MEZlSGQ5UEtyb0N5OGdHY3NabFgyTWtBeUI0RUhjTGY2SGQ3WkhLT3BmUGVjMmhmcE12eEs3OU1DUXY0JTNE
.openx.net/	1970-01-21 09:52:51	Name: i Value: 67e89cb9-bf0b-4a63-875e-b5056ce16e2f\|1732035355
.the-ozone-project.com/	1970-01-21 03:16:51	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJncmlkIjp7InVpZCI6IjliNzVmNDgwLTJiMTItNGU5YS1iYzAzLWYwOWRmYTMzNzBlYyIsImV4cGlyZXMiOiIyMDI0LTEyLTAzVDE2OjU1OjUzLjYxNjkzNDVaIn0sIm9wZW54Ijp7InVpZCI6IjhkOWEyYzJmLWFmMTMtNDY3ZC1iNjA0LWJkZjg4OTlkOWY1ZiIsImV4cGlyZXMiOiIyMDI0LTEyLTAzVDE2OjU1OjU1LjcwMTkxOTE1NVoifSwicnViaWNvbiI6eyJ1aWQiOiJNM09QNE40QS1ULUY0SlAiLCJleHBpcmVzIjoiMjAyNC0xMi0wM1QxNjo1NTo1NS4yMDM2MzkwMzNaIn0sInNtYXJ0Ijp7InVpZCI6IjQ1Mjg3MzIxMTAxOTcyOTA4MDYiLCJleHBpcmVzIjoiMjAyNC0xMi0wM1QxNjo1NTo1My4zMzc5MDA2N1oifX0sImJkYXkiOiIyMDI0LTExLTE5VDE2OjU1OjUzLjMzNzg5Njc3WiJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b72800733829195df44972b5041f86f.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
api.adinplay.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cadmus.script.ac
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
class-30x.us
config.aps.amazon-adsystem.com
country.adinplay-venatus.workers.dev
elb.the-ozone-project.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gum.criteo.com
i.clean.gg
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
maxst.icons8.com
mp.4dex.io
oa.openxcdn.net
onetag-sys.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
server.cpmstar.com
static.criteo.net
tags.crwdcntrl.net
www.google-analytics.com
www.googletagmanager.com
eus.rubiconproject.com
104.18.34.190
108.138.115.149
108.138.128.46
131.153.172.93
141.95.33.120
151.101.129.108
18.173.132.105
18.173.140.223
2600:9000:2511:7a00:a:e047:754:afe1
2602:803:c002:200::32
2606:4700:10::ac43:266a
2606:4700:20::681a:2e8
2606:4700:3035::ac43:ade3
2606:4700:3037::6815:ed8
2606:4700:4400::ac40:994e
2606:4700::6811:190e
2606:4700::6812:1791
2607:f8b0:4006:807::2008
2607:f8b0:4006:807::200a
2607:f8b0:4006:808::200e
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80f::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::200e
2620:100:a00b::12
2620:100:a00b::4
2a02:6ea0:c400::54
2a04:4e42::485
34.102.146.192
34.95.69.49
34.96.70.87
35.190.39.111
44.218.66.238
51.222.39.185
51.222.39.186
68.67.160.184
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
092c481b6a4c2dd0cfed0949aa21cc9ed17d9751564923c8b5007b5a77c48a17
0c0cbd22465bbe1b4d548626471cedd825fe8962388d46cb2b269dc962c8f788
0c7eb4596bc443e0e124dce01b390001124daa3ff33f677838b2379e72688e0d
0e3b5c442707239c8314146f7630d1efc65b642ea65eb8680feea8b0cd7ea225
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
128231e9c6904556414492c22b86ec51e1b94690d3950972bb55fbcad6cb087b
139e5b81a9490f17cd87a6bd0246e5b82d44cd831f778ed34d56e30b115a0930
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8
193fdc7a48ae60adfa28663712b68539bead2a82033545589d0d97565c6e983b
2854f1442839ab6fb3c09e8f9372d4512ddfb1d56aeac6c3658c8e281c4089ad
301a6f3d7fea95ad6cf51eedfa506660f37aa3f2d3cfb3e28f4992510cb47b1c
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670
41273ee6ff20681725a30e48fb45e77ed0ad8910a42d7f3e11a5d71b0c9d1775
43f9370baa9ba37d3315f799de8187f3906e2f10d974890af2ec02b02819bb46
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4716ecc4c3d6816c0cce4e62bd854fa32c81f9ced9eccd36d009723879e27fea
4e533a8084dfbed8098b1bcc579853702f9822d1832dd60d48cda7f1b853bfb7
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
59855ab21479dde905cf48ff3e82c9c15fcf97c96f99276952e263ede1f58916
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5cbcb80d9bef8096e36bee076da0a2a09bd800000349cee22b9e67d586497b3c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6aa8c538e0ed0429b20b94c1cc4610f5cc9380b0fb3cbce4ad8819f5f19c4b10
7381e12d79a87abc5624f17d9ebc8fd764345e18c2e50721e1c013f2dbf7cb2a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74bf0128ed5ccd05001e109b87cf5f5f9cf6b48d92167aa228a431fa6527b84c
750b027ed4b599c71cf7fa08280f7cd98bb55d263554c9a371ad8701f155a2fa
7d49fd142c0f355c82e85a06c9da27340646a33c69cd6eeafad3bfc04c5a70e6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795
88f87269da4c62c1f51ef6d9d2d2b1d2a486f321ce7266931f84d6399e716f67
9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d
9e9558fe12b61a71d65a039cd3348fe2572cb55fbe72eaa19e1ac34b51d35054
9ec0e3d252ae073496068fdd8f0210ce555babd0effc705294a7be37d23cfc3e
a520089e498892ed0f8a93c220ad31eecd5fce604579187e0a3499f2265fdfa6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a620a290781ab35d710a5e164a689b4ec0a9a170585253c72e001dc1291a1aa8
ae050a0159c9519b836bf5a1a8ffb7c5c45611037cc18b40ed51b8af41eb10c0
ba1eafb97b6308784a05705dad74757e5572af0a8145f659aea205d941e41581
d62ad81942ad1170dae53f97d239e30c3a6799414c8a9557362933c1ba76c189
e0778613bd34066564195e28d54300a09a76952db902e617fa1ade180771cfb2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebaae794e80ef0b229b80a54cd4b8320b6f0771915e2cd265333baba023c40bf
f219083e290f3ffe11cc382eae09b2fa05cd9cc6777c183cda7a01c2baa54e9b
faf14cd2dc18bb5be6b7823718ab0659c2c7787aff3e7f715685a19d6cad3215

class-30x.us Open in urlscan Pro 2606:4700:3037::6815:ed8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

58 %IPv6

30 Domains

38 Subdomains

39 IPs

4 Countries

1227 kBTransfer

3733 kBSize

37 Cookies

0 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

class-30x.us Open in urlscan Pro
2606:4700:3037::6815:ed8 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

58 %
IPv6

30
Domains

38
Subdomains

39
IPs

4
Countries

1227 kB
Transfer

3733 kB
Size

37
Cookies

69 HTTP transactions
0 data transactions