urlscan.io logo urlscan.io
SecurityTrails logo

curlercow9.xtgem.com Open in urlscan Pro
54.36.158.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-schoo...
Effective URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-schoo...
Submission: On May 12 via manual from US — Scanned from IS
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 34 HTTP transactions. The main IP is 54.36.158.42, located in Paris, France and belongs to OVH, FR. The main domain is curlercow9.xtgem.com.
This is the only time curlercow9.xtgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.36.158.42 16276 (OVH)
1 34.232.117.190 14618 (AMAZON-AES)
1 143.204.215.119 16509 (AMAZON-02)
1 157.56.13.114 8075 (MICROSOFT...)
1 143.204.215.5 16509 (AMAZON-02)
6 141.94.172.213 16276 (OVH)
1 91.228.74.136 16509 (AMAZON-02)
9 142.250.185.142 15169 (GOOGLE)
1 2 65.9.7.116 16509 (AMAZON-02)
1 142.250.186.67 15169 (GOOGLE)
1 2 142.250.184.194 15169 (GOOGLE)
1 142.250.186.102 15169 (GOOGLE)
4 142.250.185.74 15169 (GOOGLE)
1 142.250.185.100 15169 (GOOGLE)
1 142.250.185.161 15169 (GOOGLE)
1 142.250.185.86 15169 (GOOGLE)
1 172.217.23.99 15169 (GOOGLE)
1 2 91.228.74.198 16509 (AMAZON-02)
34 19
1    54.36.158.42 (Paris, France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com
curlercow9.xtgem.com
1    34.232.117.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-117-190.compute-1.amazonaws.com
www.cgma.org
1    143.204.215.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-119.fra53.r.cloudfront.net
d3njjcbhbojbot.cloudfront.net
1    157.56.13.114 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.publicconsultinggroup.com
1    143.204.215.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-5.fra53.r.cloudfront.net
d2ouvy59p0dg6k.cloudfront.net
6    141.94.172.213 (France)

ASN16276 (OVH, FR)
5.thumbs.xtstatic.com
enif.images.xtstatic.com
cif.images.xtstatic.com
xtgem.com
1    91.228.74.136 (United Kingdom)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
9    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.youtube.com
2    65.9.7.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-116.fra56.r.cloudfront.net
rules.quantcount.com
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
static.doubleclick.net
4    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
jnn-pa.googleapis.com
1    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
1    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
yt3.ggpht.com
1    142.250.185.86 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f22.1e100.net
i.ytimg.com
1    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f3.1e100.net
www.gstatic.com
2    91.228.74.198 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
Apex Domain
Subdomains		 Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
736 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 276
22 KB
4 xtgem.com
curlercow9.xtgem.com
xtgem.com — Cisco Umbrella Rank: 234910
16 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
static.doubleclick.net — Cisco Umbrella Rank: 358
1 KB
3 quantserve.com
edge.quantserve.com — Cisco Umbrella Rank: 12885
pixel.quantserve.com — Cisco Umbrella Rank: 427
11 KB
3 xtstatic.com
5.thumbs.xtstatic.com
enif.images.xtstatic.com
cif.images.xtstatic.com
2 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
18 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 918
858 B
2 cloudfront.net
d3njjcbhbojbot.cloudfront.net
d2ouvy59p0dg6k.cloudfront.net
394 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 105
28 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 211
5 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 7
14 KB
1 publicconsultinggroup.com
www.publicconsultinggroup.com
119 KB
1 cgma.org
www.cgma.org — Cisco Umbrella Rank: 976394
389 KB
34 14
Domain Requested by
9 www.youtube.com curlercow9.xtgem.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
3 xtgem.com curlercow9.xtgem.com
2 pixel.quantserve.com 1 redirects curlercow9.xtgem.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 rules.quantcount.com 1 redirects curlercow9.xtgem.com
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 cif.images.xtstatic.com curlercow9.xtgem.com
1 enif.images.xtstatic.com curlercow9.xtgem.com
1 edge.quantserve.com curlercow9.xtgem.com
1 5.thumbs.xtstatic.com curlercow9.xtgem.com
1 d2ouvy59p0dg6k.cloudfront.net curlercow9.xtgem.com
1 www.publicconsultinggroup.com curlercow9.xtgem.com
1 d3njjcbhbojbot.cloudfront.net curlercow9.xtgem.com
1 www.cgma.org curlercow9.xtgem.com
1 curlercow9.xtgem.com
34 21

This site contains links to these domains. Also see Links.

Domain
controlc.com
xtgem.com
Subject Issuer Validity Valid
us.aicpa.org
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-09-21		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
www.publicconsultinggroup.com
Entrust Certification Authority - L1K		 2021-06-04 -
2022-06-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.xtgem.com
R3		 2022-04-25 -
2022-07-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Frame ID: 8446CF9A75AB0C2C57DB98B3CBF13A38
Requests: 11 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: 5E0C27A9E1C9BE86D23A4D5DD7DBF5B2
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: 3CEC16E1BE83AA3ED9B8B72372B06BC7
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ElW7RUo-gr4
Frame ID: D96D464141449E2FC265115647653ED6
Requests: 19 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9jdXJsZXJjb3c5Lnh0Z2VtLmNvbVwvX194dF9ibG9nXC9fX3h0YmxvZ19lbnRyeT9fX3h0YmxvZ19lbnRyeT0yNjc2OTk2OSZfX3h0YmxvZ19ibG9ja19pZD0xIiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoiY3VybGVyY293OS54dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
Frame ID: F4D13D4C98BDF54EE19DA0D04688E078
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Finance - Faculty & Research - Harvard Business School Things To Know Before You Buy - Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

34
Requests

71 %
HTTPS

0 %
IPv6

14
Domains

21
Subdomains

19
IPs

3
Countries

1756 kB
Transfer

3787 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 18
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 29
  • http://pixel.quantserve.com/pixel;r=1606961183;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fcurlercow9.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-539680607-1652353866983;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1652353866982;tzo=0;ogl= HTTP 301
  • https://pixel.quantserve.com/pixel;r=1606961183;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fcurlercow9.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-539680607-1652353866983;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1652353866982;tzo=0;ogl=

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy
curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/ 		25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
54.36.158.42 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
a1fd203c0a27289fb9488fc561dbd75c916a121d8f949880e0f2e84374c4ea96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
7560
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 May 2022 11:11:04 GMT
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Pragma
no-cache
Vary
Host,Accept-Encoding
finance-transformation-819x400.jpg
www.cgma.org/content/dam/cgma/resources/reports/publishingimages/ 		388 KB
389 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cgma.org/content/dam/cgma/resources/reports/publishingimages/finance-transformation-819x400.jpg
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.117.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-117-190.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7456f14e7e82e7bc6892d12d3664e7db143bcefc9ccbef5923ad94f80038a3eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://curlercow9.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 May 2022 11:11:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 21:58:04 GMT
server
Apache
etag
"61018-5d09e8daeb300"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
content-length
397336
x-xss-protection
1; mode=block
fundamentalsFinance_coursera_exploration3.jpg
d3njjcbhbojbot.cloudfront.net/api/utilities/v1/imageproxy/https://coursera-course-photos.s3.amazonaws.com/89/15687fa52e445a88b80a0b2bc7f575/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3njjcbhbojbot.cloudfront.net/api/utilities/v1/imageproxy/https://coursera-course-photos.s3.amazonaws.com/89/15687fa52e445a88b80a0b2bc7f575/fundamentalsFinance_coursera_exploration3.jpg?auto=format%2Ccompress&dpr=1
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-119.fra53.r.cloudfront.net
Software
envoy /
Resource Hash
ed2532182c03789f5aaf960000ec39dc7c43864edb68a876357f72de38ef89bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://curlercow9.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 May 2022 11:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
x-coursera-request-id
N4WKodHkEeyFzRIMzfPZ7Q
x-envoy-upstream-service-time
6
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
server
envoy
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000
x-amz-cf-id
eFJBcLFg_yPjFOABOPIJDXpuG72O3RMniIClvFNqbeGHxImDxGFxfQ==
x-coursera-trace-id-hex
55b3b2aa8b2cd569
tc-finance.jpg
www.publicconsultinggroup.com/media/1420/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.publicconsultinggroup.com/media/1420/tc-finance.jpg?width=900&height=450
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.56.13.114 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2ececc088274e4bc35a28895384c602efac372b324c799713c0ddf90aa00a7f2

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://curlercow9.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 May 2022 11:11:06 GMT
Last-Modified
Thu, 12 May 2022 11:11:06 GMT
ImageProcessedBy
ImageProcessor/2.5.4.0 - ImageProcessor.Web/4.8.4.0
ETag
W/"774983f9f065d81:0"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, must-revalidate, max-age=604800
Accept-Ranges
bytes
Content-Length
121379
Expires
Thu, 19 May 2022 11:11:06 GMT
finance_557502.png
d2ouvy59p0dg6k.cloudfront.net/img/ 		355 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ouvy59p0dg6k.cloudfront.net/img/finance_557502.png
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-5.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a86cf3bb24d9c93d29437f0b9dffc5b37d48754b8f08c6cbb1583a125057ff75

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://curlercow9.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 May 2022 10:44:44 GMT
Via
1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 30 Jun 2016 14:24:44 GMT
Server
AmazonS3
Age
347181
ETag
"7b272a0e1055fa41dfb3ed8b0fd8ed88"
X-Cache
Hit from cloudfront
x-amz-version-id
null
Cache-Control
max-age=604802
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
Content-Type
image
Content-Length
363760
X-Amz-Cf-Id
N83TB0L1KOEVTkBRqZd8Wi6RH8DX7R2OgXHoxf_YCcIEfly2MJxm4Q==
insane-481107.jpg
5.thumbs.xtstatic.com/100/50/-/578d0bcc2530f4abf70ce0004aaa26d5/awesometattoos.xtgem.com/images/blog/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://5.thumbs.xtstatic.com/100/50/-/578d0bcc2530f4abf70ce0004aaa26d5/awesometattoos.xtgem.com/images/blog/insane-481107.jpg
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1eb0bef08d2354244362c141711ab669eb8c2a30f49bdfd03c551af896dc4863

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://curlercow9.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 May 2022 11:11:05 GMT
X-Ngz
1
Last-Modified
Sun, 28 Oct 2018 05:23:34 GMT
ETag
"50f-0"
Sent-XS
0.000
Content-Type
image/jpeg
Cache-Control
max-age=172800, pre-check=172800
Connection
close
Content-Length
1295
Expires
Sat, 14 May 2022 11:11:05 GMT
quant.js
edge.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
91.228.74.136 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://curlercow9.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 May 2022 11:11:05 GMT
Content-Encoding
gzip
Etag
"u2JtyZzqnTXwzBUswy2r+w=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Expires
Thu, 19 May 2022 11:11:05 GMT
tp.gif
enif.images.xtstatic.com/ Frame 5E0C 		42 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://curlercow9.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000
Connection
close
Content-Length
42
Content-Type
image/gif
Date
Thu, 12 May 2022 11:11:05 GMT
ETag
"2a-59774aa04e000"
Expires
Sat, 11 Jun 2022 11:11:05 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
tp.gif
cif.images.xtstatic.com/ Frame 3CEC 		42 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://curlercow9.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000
Connection
close
Content-Length
42
Content-Type
image/gif
Date
Thu, 12 May 2022 11:11:05 GMT
ETag
"2a-59774aa04e000"
Expires
Sat, 11 Jun 2022 11:11:05 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ElW7RUo-gr4
www.youtube.com/embed/ Frame D96D 		62 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ElW7RUo-gr4
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
b353610465de49e0528e53a9bbef07f0fc0d0bd851d4abc8c9913051e7924e40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://curlercow9.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 12 May 2022 11:11:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=is for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
__xt_authbar
xtgem.com/ Frame F4D1 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9jdXJsZXJjb3c5Lnh0Z2VtLmNvbVwvX194dF9ibG9nXC9fX3h0YmxvZ19lbnRyeT9fX3h0YmxvZ19lbnRyeT0yNjc2OTk2OSZfX3h0YmxvZ19ibG9ja19pZD0xIiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoiY3VybGVyY293OS54dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
af6b87bf07d2e26eb563207a836bf4c37d739359728eb0397ec7fa8a3b523ae9

Request headers

Referer
http://curlercow9.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Content-Length
2921
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 May 2022 11:11:05 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Vary
Accept-Encoding
xtgem-icons.woff
xtgem.com/fonts/ 		5 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://xtgem.com/fonts/xtgem-icons.woff
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086

Request headers

Referer
http://curlercow9.xtgem.com/
Origin
http://curlercow9.xtgem.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 May 2022 11:11:05 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"1530-59774aa04e000-gzip"
Vary
Accept-Encoding
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
3769
close2.png
xtgem.com/images/ 		564 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://curlercow9.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 May 2022 11:11:05 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"234-59774aa04e000"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
Expires
Sat, 11 Jun 2022 11:11:05 GMT
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
3 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
H2
Server
65.9.7.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://curlercow9.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 May 2022 03:28:51 GMT
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
age
27850
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:40:53 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
gLMMZxAHLPuEBlX9BoLSMfZEfWNJTOnsiVhUShLekeGZpRrU3sOPNQ==

Redirect headers

Date
Thu, 12 May 2022 11:11:06 GMT
Via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
2nxNK9UomGO_GRb8qsDh52f21iQ7PQy4gu2nE8kEYpAZAx7DjheT1w==
www-player.css
www.youtube.com/s/player/8a298c38/ Frame D96D 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8a298c38/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ElW7RUo-gr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
sffe /
Resource Hash
877bfd2d71649f8bf5fca798c7b0100d50e7e5440c72eaed4528688e1626102f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/ElW7RUo-gr4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 May 2022 14:57:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
72842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47172
x-xss-protection
0
last-modified
Wed, 11 May 2022 00:16:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 May 2023 14:57:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D96D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ElW7RUo-gr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 May 2022 17:06:41 GMT
x-content-type-options
nosniff
age
151465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 10 May 2023 17:06:41 GMT
www-embed-player.js
www.youtube.com/s/player/8a298c38/www-embed-player.vflset/ Frame D96D 		278 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8a298c38/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ElW7RUo-gr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
sffe /
Resource Hash
35e84aafa79fca84178a0755bd9f5a1812fd0fcf926bdec4e502d4eeaf376324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/ElW7RUo-gr4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 May 2022 14:57:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
72842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87680
x-xss-protection
0
last-modified
Wed, 11 May 2022 00:16:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 May 2023 14:57:04 GMT
base.js
www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/ Frame D96D 		2 MB
529 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ElW7RUo-gr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
sffe /
Resource Hash
499cf8a3d0fe34a782b8bce2e5d7dd96c470086d0ab5200be05bbbfc2039b418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/ElW7RUo-gr4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 May 2022 17:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
62154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
540992
x-xss-protection
0
last-modified
Wed, 11 May 2022 00:16:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 May 2023 17:55:12 GMT
fetch-polyfill.js
www.youtube.com/s/player/8a298c38/fetch-polyfill.vflset/ Frame D96D 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8a298c38/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ElW7RUo-gr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/ElW7RUo-gr4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 May 2022 14:57:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
72842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 11 May 2022 00:16:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 May 2023 14:57:04 GMT
id
googleads.g.doubleclick.net/pagead/ Frame D96D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ElW7RUo-gr4
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
1c8f98d2ae9f08d23f8d58b2ebab7ba36cbae459df32978c53d5532d2303db76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 May 2022 11:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 12 May 2022 11:11:07 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame D96D 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8a298c38/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 May 2022 11:08:11 GMT
x-content-type-options
nosniff
age
176
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 12 May 2022 11:23:11 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 12 May 2022 11:11:07 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D96D 		45 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
14001f9706154e18acc0be55475305446d01e2151dd5b570c7dba9deaf1b5277
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 12 May 2022 11:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22207
x-xss-protection
0
remote.js
www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/ Frame D96D 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
sffe /
Resource Hash
46c9833d6d50ffe54cad7118291b3192b090b29b45e69b54e58154d72a2d697e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/ElW7RUo-gr4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 May 2022 18:39:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
59523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37775
x-xss-protection
0
last-modified
Wed, 11 May 2022 00:16:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 May 2023 18:39:03 GMT
pnS8W8CLkwK18al8dwuWUw6UNwvOiNhGGw5Co3IGe3M.js
www.google.com/js/th/ Frame D96D 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/pnS8W8CLkwK18al8dwuWUw6UNwvOiNhGGw5Co3IGe3M.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
sffe /
Resource Hash
a674bc5bc08b9302b5f1a97c770b96530e94370bce88d8461b0e42a372067b73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 May 2022 05:04:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
108380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13672
x-xss-protection
0
last-modified
Mon, 02 May 2022 14:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 May 2023 05:04:47 GMT
embed.js
www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/ Frame D96D 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
sffe /
Resource Hash
aa58f2ea1b753b46cd110a57f451d5738e0dc3b0f7dc0c3002cf139fd854103b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/ElW7RUo-gr4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 May 2022 17:55:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
62153
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8100
x-xss-protection
0
last-modified
Wed, 11 May 2022 00:16:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 May 2023 17:55:13 GMT
truncated
/ Frame D96D 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
tO8Ut4tYcvrmrf1OStPqKFDPPO5jz3ZglN4fF4bY-SQ-rghWMDFBb32s4WzVnHwAZx0L4i5g2Zc=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame D96D 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/tO8Ut4tYcvrmrf1OStPqKFDPPO5jz3ZglN4fF4bY-SQ-rghWMDFBb32s4WzVnHwAZx0L4i5g2Zc=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ElW7RUo-gr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
fife /
Resource Hash
97c97142897cc7c0edc0ba18c1c38a628e5ec139ed6cf4e7e9c30a7a41644a62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:09:24 GMT
x-content-type-options
nosniff
age
3703
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4866
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 26 Mar 2022 20:08:56 GMT
sddefault.webp
i.ytimg.com/vi_webp/ElW7RUo-gr4/ Frame D96D 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/ElW7RUo-gr4/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ElW7RUo-gr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.86 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f22.1e100.net
Software
sffe /
Resource Hash
2493779e8945d428e833d17ed6ab458a2e19b049469aa64d394694a778a43aef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 May 2022 11:11:07 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28568
x-xss-protection
0
server
sffe
etag
"1652201940"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 May 2022 11:16:07 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame D96D 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 May 2022 11:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 May 2022 11:11:07 GMT
pixel;r=1606961183;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fcurlercow9.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26769969-finance-faculty-research-harvard-business-school-things-to-k...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=1606961183;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fcurlercow9.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26769969-finance-faculty-research-harvard...
  • https://pixel.quantserve.com/pixel;r=1606961183;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fcurlercow9.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26769969-finance-faculty-research-harvar...
35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1606961183;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fcurlercow9.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-539680607-1652353866983;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1652353866982;tzo=0;ogl=
Requested by
Host: curlercow9.xtgem.com
URL: http://curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy?__xtblog_block_id=1
Protocol
H2
Server
91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
is-IS,is;q=0.9
Referer
http://curlercow9.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 11:11:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Date
Thu, 12 May 2022 11:11:07 GMT
Access-Control-Allow-Origin
*
Location
https://pixel.quantserve.com/pixel;r=1606961183;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fcurlercow9.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F26769969-finance-faculty-research-harvard-business-school-things-to-know-before-you-buy%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-539680607-1652353866983;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1652353866982;tzo=0;ogl=
Cache-Control
private, no-transform, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 13 May 2022 11:11:07 GMT
generate_204
www.youtube.com/ Frame D96D 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?79OWlw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ElW7RUo-gr4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.youtube.com/embed/ElW7RUo-gr4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 May 2022 11:11:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D96D 		98 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
ca1eeaa471a60a7fa87f1e6bbe07b2572cb75b568c622e8693573d8c67552615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 12 May 2022 11:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 12 May 2022 11:11:07 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame D96D 		28 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8a298c38/player_ias.vflset/is_IS/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ElW7RUo-gr4
X-YouTube-Client-Version
1.20220510.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtQMHpHZGxHR2g0VSjJ1vOTBg%3D%3D
X-YouTube-Ad-Signals
dt=1652353866510&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 12 May 2022 11:11:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 12 May 2022 11:11:09 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontextlost object| oncontextrestored function| structuredClone object| _qevents boolean| cookies number| len function| quantserve function| __qc object| ezt object| _qoptions function| qtrack

8 Cookies

Domain/Path Name / Value
curlercow9.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry Name:
Value: test
.xtgem.com/ Name: _xta_uid
Value: 073364025961f1c8247a621576adca4e
.xtgem.com/ Name: _xta_vid
Value: 1eac5e8f64209da7bcd71a45f9b38c7e-1652353865
.youtube.com/ Name: YSC
Value: gChYs_pFp0w
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: P0zGdlGGh4U
.www.publicconsultinggroup.com/ Name: ARRAffinitySameSite
Value: 275306f9f9d760fb26713c40c1ddaba9cc6a1c7818138565d08c2df5943556b1
.quantserve.com/ Name: mc
Value: 627ceb4c-1147e-5d24a-b9504
.xtgem.com/ Name: __qca
Value: P0-539680607-1652353866983

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5.thumbs.xtstatic.com
cif.images.xtstatic.com
curlercow9.xtgem.com
d2ouvy59p0dg6k.cloudfront.net
d3njjcbhbojbot.cloudfront.net
edge.quantserve.com
enif.images.xtstatic.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
pixel.quantserve.com
rules.quantcount.com
static.doubleclick.net
www.cgma.org
www.google.com
www.gstatic.com
www.publicconsultinggroup.com
www.youtube.com
xtgem.com
yt3.ggpht.com
141.94.172.213
142.250.184.194
142.250.185.100
142.250.185.142
142.250.185.161
142.250.185.74
142.250.185.86
142.250.186.102
142.250.186.67
143.204.215.119
143.204.215.5
157.56.13.114
172.217.23.99
34.232.117.190
54.36.158.42
65.9.7.116
91.228.74.136
91.228.74.198
14001f9706154e18acc0be55475305446d01e2151dd5b570c7dba9deaf1b5277
1c8f98d2ae9f08d23f8d58b2ebab7ba36cbae459df32978c53d5532d2303db76
1eb0bef08d2354244362c141711ab669eb8c2a30f49bdfd03c551af896dc4863
2493779e8945d428e833d17ed6ab458a2e19b049469aa64d394694a778a43aef
2ececc088274e4bc35a28895384c602efac372b324c799713c0ddf90aa00a7f2
35e84aafa79fca84178a0755bd9f5a1812fd0fcf926bdec4e502d4eeaf376324
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
46c9833d6d50ffe54cad7118291b3192b090b29b45e69b54e58154d72a2d697e
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
499cf8a3d0fe34a782b8bce2e5d7dd96c470086d0ab5200be05bbbfc2039b418
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7456f14e7e82e7bc6892d12d3664e7db143bcefc9ccbef5923ad94f80038a3eb
877bfd2d71649f8bf5fca798c7b0100d50e7e5440c72eaed4528688e1626102f
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
97c97142897cc7c0edc0ba18c1c38a628e5ec139ed6cf4e7e9c30a7a41644a62
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1fd203c0a27289fb9488fc561dbd75c916a121d8f949880e0f2e84374c4ea96
a674bc5bc08b9302b5f1a97c770b96530e94370bce88d8461b0e42a372067b73
a86cf3bb24d9c93d29437f0b9dffc5b37d48754b8f08c6cbb1583a125057ff75
aa58f2ea1b753b46cd110a57f451d5738e0dc3b0f7dc0c3002cf139fd854103b
af6b87bf07d2e26eb563207a836bf4c37d739359728eb0397ec7fa8a3b523ae9
b353610465de49e0528e53a9bbef07f0fc0d0bd851d4abc8c9913051e7924e40
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
ca1eeaa471a60a7fa87f1e6bbe07b2572cb75b568c622e8693573d8c67552615
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed2532182c03789f5aaf960000ec39dc7c43864edb68a876357f72de38ef89bd
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629