urlscan.io logo urlscan.io
SecurityTrails logo

valleypimple7.xtgem.com Open in urlscan Pro
54.36.158.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?_...
Effective URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?_...
Submission: On September 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 14 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is valleypimple7.xtgem.com.
This is the only time valleypimple7.xtgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.36.158.42 16276 (OVH)
1 23.45.237.106 16625 (AKAMAI-AS)
1 13.225.78.38 16509 (AMAZON-02)
1 208.109.27.101 398101 (GO-DADDY-...)
1 192.0.78.130 2635 (AUTOMATTIC)
6 178.33.123.218 16276 (OVH)
1 91.228.74.134 16509 (AMAZON-02)
1 2 13.224.193.27 16509 (AMAZON-02)
1 2 91.228.74.198 16509 (AMAZON-02)
14 9
1    54.36.158.42 (France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com
valleypimple7.xtgem.com
1    23.45.237.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-237-106.deploy.static.akamaitechnologies.com
www.goldmansachs.com
1    13.225.78.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-38.fra2.r.cloudfront.net
www.efinancialcareers.com
1    208.109.27.101 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: ip-208-109-27-101.ip.secureserver.net
cbsnewsltd.com
1    192.0.78.130 (United States)

ASN2635 (AUTOMATTIC, US)
plopdo.com
6    178.33.123.218 (France)

ASN16276 (OVH, FR)
PTR: d2.xtgem.com
xtgem.com
enif.images.xtstatic.com
cif.images.xtstatic.com
1    91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
2    13.224.193.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-27.fra2.r.cloudfront.net
rules.quantcount.com
2    91.228.74.198 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
Domain Requested by
4 xtgem.com valleypimple7.xtgem.com
2 pixel.quantserve.com 1 redirects valleypimple7.xtgem.com
2 rules.quantcount.com 1 redirects valleypimple7.xtgem.com
1 cif.images.xtstatic.com valleypimple7.xtgem.com
1 enif.images.xtstatic.com valleypimple7.xtgem.com
1 edge.quantserve.com valleypimple7.xtgem.com
1 plopdo.com valleypimple7.xtgem.com
1 cbsnewsltd.com valleypimple7.xtgem.com
1 www.efinancialcareers.com valleypimple7.xtgem.com
1 www.goldmansachs.com valleypimple7.xtgem.com
1 valleypimple7.xtgem.com
14 11

This site contains links to these domains. Also see Links.

Domain
squareblogs.net
xtgem.com
Subject Issuer Validity Valid
cdn-ak-1.gs.com
DigiCert SHA2 Extended Validation Server CA		 2021-05-21 -
2022-05-26		 a year crt.sh
www.efinancialcareers.com
Amazon		 2021-01-04 -
2022-02-02		 a year crt.sh
cbsnewsltd.com
Go Daddy Secure Certificate Authority - G2		 2021-02-11 -
2022-02-11		 a year crt.sh
tls.automattic.com
R3		 2021-08-15 -
2021-11-13		 3 months crt.sh
*.xtgem.com
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh

This page contains 4 frames:

Primary Page: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Frame ID: 6EC19A8A341EF55EBB7565B3FA4BD325
Requests: 11 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: D7C421F01956FA5C54D247628D81522E
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: 6B39F036365C32659200627D9F600299
Requests: 1 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC92YWxsZXlwaW1wbGU3Lnh0Z2VtLmNvbVwvX194dF9ibG9nXC9fX3h0YmxvZ19lbnRyeT9fX3h0YmxvZ19lbnRyeT0yMzI3NDY5MCZfX3h0YmxvZ19ibG9ja19pZD0xIiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoidmFsbGV5cGltcGxlNy54dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
Frame ID: 5D1D714C2D1F09AA16E6C4F15B643377
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Investment Banker - OnlineCollege.org - The Facts - Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+/binaries/(?:[^/]+/)*content/gallery/
Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

14
Requests

50 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

9
IPs

4
Countries

435 kB
Transfer

472 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 12
  • http://pixel.quantserve.com/pixel;r=1108031722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fvalleypimple7.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F23274690-investment-banker-onlinecollege.org-the-facts%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-811085978-1632529932209;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-20210921204814;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1632529932209;tzo=0;ogl= HTTP 301
  • https://pixel.quantserve.com/pixel;r=1108031722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fvalleypimple7.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F23274690-investment-banker-onlinecollege.org-the-facts%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-811085978-1632529932209;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-20210921204814;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1632529932209;tzo=0;ogl=

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 23274690-investment-banker-onlinecollege.org-the-facts
valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/ 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
dc928daa401d775d676c69c66a298a49439200c077768e32f0de5489a897dbc7

Request headers

Host
valleypimple7.xtgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sat, 25 Sep 2021 00:32:09 GMT
Vary
Host,Accept-Encoding
Set-Cookie
_xta_uid=e2bfdd23667373ce495d00e12829caeb; expires=Mon, 25-Sep-2023 00:32:11 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly _xta_vid=ef0b3eac9f9bdf5eee646418161d503b-1632529931; expires=Sat, 25-Sep-2021 01:02:11 GMT; Max-Age=1800; path=/; domain=.xtgem.com; httponly
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding
gzip
Content-Length
6424
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
investment-banking-hero.png
www.goldmansachs.com/careers/divisions/investment-banking/images/ 		85 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.goldmansachs.com/careers/divisions/investment-banking/images/investment-banking-hero.png
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.237.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-106.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ffb6e7bde5473dcfeab9ac853345aee7f0b4332dcaf6a3aadc80293a65b97aee
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

device_os
Windows NT
is_tablet
false
date
Sat, 25 Sep 2021 00:32:12 GMT
physical_screen_width
280
x-check-cacheable
YES
is_mobile
false
mobile_browser_version
89
mobile_browser
Chrome
physical_screen_height
175
last-modified
Tue, 29 Sep 2020 21:37:40 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
87546
x-akamai-device-characteristics
ajax_preferred_geoloc_api=none;device_os=Windows NT;device_os_version=10.0;is_tablet=false;is_wireless_device=false2;mobile_browser=Chrome;mobile_browser_version=89;physical_screen_height=175;physical_screen_width=280;resolution_height=800;resolution_width=1280;viewport_initial_scale=;viewport_width=width_equals_max_image_width;is_mobile=false
viewport_initial_scale
viewport_width
width_equals_max_image_width
resolution_height
800
device_os_version
10.0
server
Akamai Image Manager
etag
"10aa34-58b401cc1bd3d"
x-serial
1932
content-type
image/webp
ajax_preferred_geoloc_api
none
x-xss-protection
1; mode=block
cache-control
private, no-transform, max-age=43200, private
resolution_width
1280
is_wireless_device
false
expires
Sat, 25 Sep 2021 12:32:12 GMT
Busy-1.jpg
www.efinancialcareers.com/binaries/content/gallery/efinancial-careers/articles/2019/01/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.efinancialcareers.com/binaries/content/gallery/efinancial-careers/articles/2019/01/Busy-1.jpg
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-38.fra2.r.cloudfront.net
Software
nginx/1.19.9 /
Resource Hash
70525150e6bcc9dbf5e4d02c37579f2d814150dda6765c48976a6afee0290a86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 00:32:12 GMT
Via
1.1 b26814b9dbe71dc1916d211eeeec7ffd.cloudfront.net (CloudFront), 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
Age
5500538
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
135784
Last-Modified
Mon, 28 Jan 2019 14:38:59 GMT
Server
nginx/1.19.9
Etag
"1583555706502"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/jpeg;charset=UTF-8
Cache-Control
public, immutable, max-age=78343055
X-Amz-Cf-Pop
IAD66-C1, FRA2-C2
Accept-Ranges
bytes
X-Target-Backend
ohfqBc5SV9DJodfDnY5uBMgm0D1M0xGj5UNXsNz8Z1I4I9jXVgY5VCminqFJSlCK
X-Amz-Cf-Id
a3GJb8UBwNiV0q7CkDptyEfgYKgq-eSf3zMoe9XG6WBpSQ02Yvak-g==
Expires
Tue, 16 Jan 2024 02:34:09 GMT
6149019a0f70c.jpg
cbsnewsltd.com/wp-content/uploads/2021/09/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsnewsltd.com/wp-content/uploads/2021/09/6149019a0f70c.jpg
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.27.101 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-208-109-27-101.ip.secureserver.net
Software
Apache /
Resource Hash
2e2df43fc4b1466bfe3c9c7618ec29ded021dab39313e5ef6210841208beaee8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:32:12 GMT
last-modified
Mon, 20 Sep 2021 21:48:10 GMT
server
Apache
accept-ranges
bytes
etag
"4b84c65-9b12-5cc743cb249da"
content-length
39698
content-type
image/jpeg
role-of-investment-banker.jpg
plopdo.com/wp-content/uploads/2019/01/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plopdo.com/wp-content/uploads/2019/01/role-of-investment-banker.jpg
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.130 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4fccac40ccfd639260c6d0478562350c5891ae83fcd9e31f1e0dcbc65f3745b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:32:12 GMT
x-ac
2.hhn _atomic_ams
last-modified
Mon, 14 Jan 2019 12:05:52 GMT
server
nginx
etag
"5c3c7b20-23255"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
143957
expires
Sat, 02 Oct 2021 00:32:12 GMT
xtgem-forums.jpg
xtgem.com/images/forum/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/forum/xtgem-forums.jpg
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
12af88849dcd3b09838185efbbaa7eae7231159ace07004afc5793d80378c34f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 00:29:19 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
172
ETag
"20c8-59774aa04e000"
X-Cache
HIT
Content-Type
image/jpeg
Expires
Mon, 25 Oct 2021 00:29:19 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
8392
X-Cache-Hits
39
quant.js
edge.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c9d50edae9ab89f8373214510b01eb50f60e16bd5e71328173962c0e13b31c07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 00:32:12 GMT
Content-Encoding
gzip
Etag
"dfAcRt65NMPvqdNgsZZi3w=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sat, 02 Oct 2021 00:32:12 GMT
tp.gif
enif.images.xtstatic.com/ Frame D7C4 		42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
enif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://valleypimple7.xtgem.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/

Response headers

Date
Sat, 25 Sep 2021 00:32:12 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Mon, 25 Oct 2021 00:32:12 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
tp.gif
cif.images.xtstatic.com/ Frame 6B39 		42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
cif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://valleypimple7.xtgem.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/

Response headers

Date
Sat, 25 Sep 2021 00:32:12 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Mon, 25 Oct 2021 00:32:12 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
Cookie set __xt_authbar
xtgem.com/ Frame 5D1D 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC92YWxsZXlwaW1wbGU3Lnh0Z2VtLmNvbVwvX194dF9ibG9nXC9fX3h0YmxvZ19lbnRyeT9fX3h0YmxvZ19lbnRyeT0yMzI3NDY5MCZfX3h0YmxvZ19ibG9ja19pZD0xIiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoidmFsbGV5cGltcGxlNy54dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
300f04a632941d6c9623b7ecc5e03ed180dbe1a6e8f90207c564ed80141c1a59

Request headers

Host
xtgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://valleypimple7.xtgem.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/

Response headers

Date
Sat, 25 Sep 2021 00:32:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
session=w3~0mbnj4p4m8pd94np7s2enq0835; expires=Sun, 26-Sep-2021 00:32:12 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly __template=web; expires=Mon, 25-Oct-2021 00:32:12 GMT; Max-Age=2592000; path=/ __lang=US; expires=Mon, 25-Oct-2021 00:32:12 GMT; Max-Age=2592000; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2933
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
xtgem-icons.woff
xtgem.com/fonts/ 		5 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://xtgem.com/fonts/xtgem-icons.woff
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086

Request headers

Referer
http://valleypimple7.xtgem.com/
Origin
http://valleypimple7.xtgem.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 00:32:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"1530-59774aa04e000-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
3769
X-Cache-Hits
0
close2.png
xtgem.com/images/ 		564 B
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 00:32:08 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
3
ETag
"234-59774aa04e000"
X-Cache
HIT
Content-Type
image/png
Expires
Mon, 25 Oct 2021 00:32:08 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
X-Cache-Hits
4
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
3 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 03:16:26 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
age
76610
x-edge-origin-shield-skipped
0
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
content-length
3
last-modified
Sat, 04 Mar 2017 19:40:53 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
180I74f2QeyIzagQYf8PuNvMqXbfvKXBRd1f5S5mfoG5TEqeDK-h6A==

Redirect headers

Date
Sat, 25 Sep 2021 00:32:12 GMT
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
Zq6pPmtvsUuOqL11t8ajp8kZ3vxLgKkHKiLFLV73ngzCkBN5gOZEwA==
pixel;r=1108031722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fvalleypimple7.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F23274690-investment-banker-onlinecollege.org-the-facts%3F__xtblog_...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=1108031722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fvalleypimple7.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F23274690-investment-banker-onlinecolle...
  • https://pixel.quantserve.com/pixel;r=1108031722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fvalleypimple7.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F23274690-investment-banker-onlinecoll...
35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1108031722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fvalleypimple7.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F23274690-investment-banker-onlinecollege.org-the-facts%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-811085978-1632529932209;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-20210921204814;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1632529932209;tzo=0;ogl=
Requested by
Host: valleypimple7.xtgem.com
URL: http://valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23274690-investment-banker-onlinecollege.org-the-facts?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://valleypimple7.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 00:32:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel;r=1108031722;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fvalleypimple7.xtgem.com%2F__xt_blog%2F__xtblog_entry%2F__xtblog_entry%2F23274690-investment-banker-onlinecollege.org-the-facts%3F__xtblog_block_id%3D1%23xt_blog;uht=2;fpan=1;fpa=P0-811085978-1632529932209;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-20210921204814;cm=;gdpr=0;ref=;d=xtgem.com;je=0;sr=1600x1200x24;dst=0;et=1632529932209;tzo=0;ogl=
Date
Sat, 25 Sep 2021 00:32:12 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Sun, 26 Sep 2021 00:32:12 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster object| _qevents boolean| cookies number| len function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| pubcidCookie

7 Cookies

Domain/Path Name / Value
valleypimple7.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry Name:
Value: test
.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry Name: _dlt
Value: 1
.xtgem.com/ Name: _xta_uid
Value: e2bfdd23667373ce495d00e12829caeb
.xtgem.com/ Name: _xta_vid
Value: ef0b3eac9f9bdf5eee646418161d503b-1632529931
.quantserve.com/ Name: mc
Value: 614e6e0c-4c228-0bb22-99ee2
.xtgem.com/ Name: __qca
Value: P0-811085978-1632529932209
www.efinancialcareers.com/ Name: AWSALBCORS
Value: gFxRed2Skp3QeALWaR39Xuk1dPlkvY/g268+nBnuS2rKUBwszlHtZjLgPwocTl/n/cpF/e3u+X6Pzk4Er4m/COEF1YLoTlGyRRlG9ylrusKLv5KvHog0L9vHnPEj