urlscan.io logo urlscan.io
SecurityTrails logo

www.quilterinvestors.com Open in urlscan Pro
2606:4700::6812:1e66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://engage.quilterinvestors.com/action/click/?id=2A45585166579P17894
Effective URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Submission: On March 16 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 16 domains to perform 48 HTTP transactions. The main IP is 2606:4700::6812:1e66, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.quilterinvestors.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on January 4th 2021. Valid for: a year.
This is the only time www.quilterinvestors.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 217.68.19.132 15830 (EQUINIX-C...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a04:4e42:3::622 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 151.101.12.157 54113 (FASTLY)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:22::14 8068 (MICROSOFT...)
3 151.101.194.133 54113 (FASTLY)
1 104.244.42.5 13414 (TWITTER)
1 52.0.1.164 14618 (AMAZON-AES)
4 13.69.65.23 8075 (MICROSOFT...)
2 52.20.19.138 14618 (AMAZON-AES)
48 19
3    217.68.19.132 (United Kingdom)

ASN15830 (EQUINIX-CONNECT, GB)
PTR: stoneshot.com
engage.quilterinvestors.com
www.stoneshot.com
10    2606:4700::6812:1e66 (United States)

ASN13335 (CLOUDFLARENET, US)
www.quilterinvestors.com
7    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ukwest.onetrust.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a04:4e42:3::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
1    2606:4700::6812:1276 (United States)

ASN13335 (CLOUDFLARENET, US)
dl.episerver.net
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2a02:26f0:1700:1b0::2db0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdnssl.clicktale.net
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a02:26f0:10c:582::25ea (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
3    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
embed-fastly.wistia.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    52.0.1.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-1-164.compute-1.amazonaws.com
distillery.wistia.com
4    13.69.65.23 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    52.20.19.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-19-138.compute-1.amazonaws.com
fg8vvsvnieiv3ej16jby.litix.io
Domain Requested by
10 www.quilterinvestors.com www.quilterinvestors.com
7 fast.wistia.com www.quilterinvestors.com
fast.wistia.com
7 cdn-ukwest.onetrust.com www.quilterinvestors.com
cdn-ukwest.onetrust.com
4 dc.services.visualstudio.com az416426.vo.msecnd.net
3 embed-fastly.wistia.com www.quilterinvestors.com
az416426.vo.msecnd.net
3 fonts.gstatic.com fonts.googleapis.com
2 fg8vvsvnieiv3ej16jby.litix.io az416426.vo.msecnd.net
2 px.ads.linkedin.com 1 redirects www.quilterinvestors.com
2 www.stoneshot.com www.quilterinvestors.com
1 distillery.wistia.com az416426.vo.msecnd.net
1 t.co www.quilterinvestors.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.quilterinvestors.com
1 static.ads-twitter.com www.quilterinvestors.com
1 cdnssl.clicktale.net www.quilterinvestors.com
1 az416426.vo.msecnd.net www.quilterinvestors.com
1 www.googletagmanager.com www.quilterinvestors.com
1 dl.episerver.net www.quilterinvestors.com
1 fonts.googleapis.com www.quilterinvestors.com
1 engage.quilterinvestors.com 1 redirects
48 20
Subject Issuer Validity Valid
www.quilterinvestors.com
Entrust Certification Authority - L1M		 2021-01-04 -
2022-01-29		 a year crt.sh
*.onetrust.com
DigiCert SHA2 Secure Server CA		 2020-05-21 -
2022-07-27		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-11 -
2021-05-07		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-11 -
2021-07-11		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
*.stoneshot.com
Sectigo RSA Organization Validation Secure Server CA		 2020-09-23 -
2021-09-22		 a year crt.sh
*.clicktale.net
DigiCert SHA2 Secure Server CA		 2020-10-26 -
2021-11-24		 a year crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-01-06 -
2021-07-05		 6 months crt.sh
embed-fastly.wistia.com
R3		 2021-01-27 -
2021-04-27		 3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.wistia.com
Amazon		 2020-04-30 -
2021-05-30		 a year crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 02		 2021-03-09 -
2022-03-09		 a year crt.sh
*.litix.io
Amazon		 2020-11-27 -
2021-12-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Frame ID: 26C622E499927C59662B7BB9C7F412DF
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://engage.quilterinvestors.com/action/click/?id=2A45585166579P17894 HTTP 302
    https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

48
Requests

100 %
HTTPS

63 %
IPv6

16
Domains

20
Subdomains

19
IPs

4
Countries

1194 kB
Transfer

3842 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://engage.quilterinvestors.com/action/click/?id=2A45585166579P17894 HTTP 302
    https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1323052&time=1615911775084&url=https%3A%2F%2Fwww.quilterinvestors.com%2Fnews-and-views%2Fare-you-ready-for-the-income-recovery-challenge%2F%3Fmemberurlid%3D2A45585166579P17894 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1323052%26time%3D1615911775084%26url%3Dhttps%253A%252F%252Fwww.quilterinvestors.com%252Fnews-and-views%252Fare-you-ready-for-the-income-recovery-challenge%252F%253Fmemberurlid%253D2A45585166579P17894%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1323052&time=1615911775084&url=https%3A%2F%2Fwww.quilterinvestors.com%2Fnews-and-views%2Fare-you-ready-for-the-income-recovery-challenge%2F%3Fmemberurlid%3D2A45585166579P17894&liSync=true

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/
Redirect Chain
  • http://engage.quilterinvestors.com/action/click/?id=2A45585166579P17894
  • https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
44 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
607da83615c0f1d4cad8387018cf50bb5f5421eeb4a2c7218a660af8a05275a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.oldmutualwealth.co.uk
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.oldmutualwealth.co.uk
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.quilterinvestors.com
:scheme
https
:path
/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
content-length
11072
set-cookie
__cfduid=d84bfc87d10e4113acbd1d9aeec853fa61615911773; expires=Thu, 15-Apr-21 16:22:53 GMT; path=/; domain=.quilterinvestors.com; HttpOnly; SameSite=Lax TiPMix=49.8516075545231; path=/; HttpOnly; Domain=www.quilterinvestors.com; Max-Age=3600; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=www.quilterinvestors.com; Max-Age=3600; Secure ASP.NET_SessionId=qfyw4iesgs5mrclq5roimbns; path=/; HttpOnly; SameSite=Lax ASP.NET_SessionId=qfyw4iesgs5mrclq5roimbns; path=/; HttpOnly; SameSite=Lax LoginLink=#; expires=Fri, 11-Mar-2022 16:22:53 GMT; path=/; secure LoginTitle=; expires=Fri, 11-Mar-2022 16:22:53 GMT; path=/; secure LoginLinkTarget=_blank; expires=Fri, 11-Mar-2022 16:22:53 GMT; path=/; secure ARRAffinity=6ded3081dd2d6cad0ae75c8e86bc94d4b70b07ecd8cd87933120a00a3d4c8d60;Path=/;HttpOnly;Secure;Domain=www.quilterinvestors.com ARRAffinitySameSite=6ded3081dd2d6cad0ae75c8e86bc94d4b70b07ecd8cd87933120a00a3d4c8d60;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.quilterinvestors.com
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
request-context
appId=cid-v1:516679c6-118b-4e9d-8418-b496a1a36b4c
access-control-expose-headers
Request-Context
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.oldmutualwealth.co.uk
x-frame-options
ALLOW-FROM *.oldmutualwealth.co.uk
cf-cache-status
DYNAMIC
cf-request-id
08dd71fd9f00004ee5a29de000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
630f52a8fc464ee5-FRA

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
x-frame-options
sameorigin
X-XSS-Protection
1; mode=block
X-Robots-Tag
noindex
Date
Tue, 16 Mar 2021 16:22:52 GMT
Content-Length
245
OtAutoBlock.js
cdn-ukwest.onetrust.com/consent/2bd7766e-a085-4901-8c5a-811ac5bd6f56/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/2bd7766e-a085-4901-8c5a-811ac5bd6f56/OtAutoBlock.js
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa6cbe23515cf7e05d657ca0cec521e2d56deaced86a99b256cd92f028f446a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
T2TKqdacNB1rzp3lqqTDPQ==
age
1522
content-length
1755
cf-request-id
08dd71ff9d00004a8c7919f000000001
x-ms-lease-status
unlocked
last-modified
Tue, 23 Feb 2021 15:04:29 GMT
server
cloudflare
etag
0x8D8D80C51E0B828
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5233b1b6-601e-0072-332e-1755a5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
630f52ac2bcb4a8c-FRA
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
DgCf/JQeR4+J+ZEYMfLA9Q==
age
1132
content-length
4211
cf-request-id
08dd71ff9d00004a8c0d225000000001
x-ms-lease-status
unlocked
last-modified
Tue, 23 Feb 2021 20:20:11 GMT
server
cloudflare
etag
0x8D8D8386C3D1101
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b7ce3198-301e-0025-10b6-15bc28000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
630f52ac2bcd4a8c-FRA
css2
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;700&display=swap
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ea37f76e22fc902c69a400e7302e93727d1463ce55cfe18f9bd9b146b25f1c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 16:22:54 GMT
server
ESF
date
Tue, 16 Mar 2021 16:22:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Mar 2021 16:22:54 GMT
global-v2.css
www.quilterinvestors.com/content/css/dist/ 		382 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.quilterinvestors.com/content/css/dist/global-v2.css?v=2.5.0.28969
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab2beaaec88a8c3178dcfb28bdc0fdd15fa853c873ea1665eca151777f6b196
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.oldmutualwealth.co.uk
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.oldmutualwealth.co.uk
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
24
vary
Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:516679c6-118b-4e9d-8418-b496a1a36b4c
last-modified
Fri, 12 Feb 2021 16:02:44 GMT
server
cloudflare
x-frame-options
ALLOW-FROM *.oldmutualwealth.co.uk
etag
"0ea957f581d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
content-security-policy
frame-ancestors 'self' *.oldmutualwealth.co.uk
cf-request-id
08dd71ff8d00004ee5410e0000000001
cf-ray
630f52ac195d4ee5-FRA
expires
Wed, 17 Mar 2021 16:22:54 GMT
quilter-investors-final.svg
www.quilterinvestors.com/globalassets/logos/approved/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quilterinvestors.com/globalassets/logos/approved/quilter-investors-final.svg
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4f9a8a7ae37030f92a3122546164f4c1dd05590715a3029f73c1f944e4ee58d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.oldmutualwealth.co.uk
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.oldmutualwealth.co.uk
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
17425
vary
Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:516679c6-118b-4e9d-8418-b496a1a36b4c
last-modified
Thu, 06 Feb 2020 08:37:20 GMT
server
cloudflare
x-frame-options
ALLOW-FROM *.oldmutualwealth.co.uk
etag
W/"1D5DCC8A52C2000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
access-control-expose-headers
Request-Context
cache-control
public, max-age=25775
content-security-policy
frame-ancestors 'self' *.oldmutualwealth.co.uk
cf-request-id
08dd71fffb00004ee5509ef000000001
cf-ray
630f52acca5d4ee5-FRA
expires
Tue, 16 Mar 2021 23:32:29 GMT
djwnb5up5e.jsonp
fast.wistia.com/embed/medias/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/djwnb5up5e.jsonp
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
796672c78190cf87e272aafa4c38aba75fb68f9518b1b5fb296ad0737b46e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
x-player-privacy-mode
1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
24879
x-cache
HIT, MISS
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-encoding
br
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length
1823
x-request-id
46a525c515621b4bc7d4dc7a89e02a82
x-served-by
cache-dca17778-DCA, cache-fra19124-FRA
x-runtime
0.054939
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
x-timer
S1615911774.203529,VS0,VE88
etag
W/"796672c78190cf87e272aafa4c38aba7"
x-download-options
noopen
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control
public, no-cache
x-browser
chrome
x-browser-version
89
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 0
swatch
fast.wistia.com/embed/medias/djwnb5up5e/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/embed/medias/djwnb5up5e/swatch
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aef65a79ce3cb5c41fdd630259b7de8e907cc9d09c583dbde4b1ac4ef7b6db36
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
access-control-request-method
*
age
24879
x-cache
HIT, MISS
content-disposition
inline
content-length
3520
x-served-by
cache-dca17755-DCA, cache-fra19124-FRA
access-control-allow-origin
*, *
x-browser-version
89
last-modified
Tue, 09 Mar 2021 12:31:30 UTC
x-timer
S1615911774.203469,VS0,VE89
strict-transport-security
max-age=0
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control
public, no-cache, max-age=31466605
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 0
global-v2.js
www.quilterinvestors.com/scripts/ 		1015 KB
377 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quilterinvestors.com/scripts/global-v2.js?v=2.5.0.28969
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c39adf839b8103e57ce2b1b6a082ec5213bc6e449d767476588d3f29db8f4f30
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.oldmutualwealth.co.uk
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.oldmutualwealth.co.uk
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
84452
vary
Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:516679c6-118b-4e9d-8418-b496a1a36b4c
last-modified
Fri, 12 Feb 2021 16:04:10 GMT
server
cloudflare
x-frame-options
ALLOW-FROM *.oldmutualwealth.co.uk
etag
"079d8b2581d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
content-security-policy
frame-ancestors 'self' *.oldmutualwealth.co.uk
cf-request-id
08dd71ffba00004ee56215e000000001
cf-ray
630f52ac59d24ee5-FRA
expires
Wed, 17 Mar 2021 16:22:54 GMT
find.js
dl.episerver.net/13.3.0/epi-util/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.episerver.net/13.3.0/epi-util/find.js
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8ff68c435c8cc1d6c09781a18a77b56ae8fac65aa921acbdd16acc8dbda630a4

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6759
x-powered-by
ASP.NET
content-length
2631
cf-request-id
08dd71ffda000005bf70138000000001
last-modified
Tue, 24 Nov 2020 21:14:58 GMT
server
cloudflare
etag
W/"5827-1606252498000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
630f52ac8eac05bf-FRA
expires
Wed, 17 Mar 2021 16:22:54 GMT
2bd7766e-a085-4901-8c5a-811ac5bd6f56.json
cdn-ukwest.onetrust.com/consent/2bd7766e-a085-4901-8c5a-811ac5bd6f56/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/2bd7766e-a085-4901-8c5a-811ac5bd6f56/2bd7766e-a085-4901-8c5a-811ac5bd6f56.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2faf19b64763054ab8b4ca54dc0cdb3b21dea9a0b73b4d4dc5e271c5e52de1f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
+nHvhPPIKOJpCOmPX/rf0A==
age
1521
content-length
1143
cf-request-id
08dd71ffd500004e9df63ee000000001
x-ms-lease-status
unlocked
last-modified
Tue, 23 Feb 2021 15:04:29 GMT
server
cloudflare
etag
0x8D8D80C51C9A825
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d549caa6-d01e-0042-1e58-190f8f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
630f52ac8ab94e9d-FRA
gtm.js
www.googletagmanager.com/ 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZT3ZJJ
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb204896550c75e4318c0c59346cc29ffb10db5637a4783bc156c3d6932b4c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38866
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Mar 2021 16:22:54 GMT
svg-sprite.svg
www.quilterinvestors.com/Content/images/v2/ 		26 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.quilterinvestors.com/Content/images/v2/svg-sprite.svg
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7325a717d8d88c92db5d9ba125a005de3c0c9fea5e740c7e59d144c6ed8c9670
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.oldmutualwealth.co.uk
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.oldmutualwealth.co.uk
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
17425
vary
Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:516679c6-118b-4e9d-8418-b496a1a36b4c
last-modified
Fri, 12 Feb 2021 16:03:10 GMT
server
cloudflare
x-frame-options
ALLOW-FROM *.oldmutualwealth.co.uk
etag
W/"033158f581d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
content-security-policy
frame-ancestors 'self' *.oldmutualwealth.co.uk
cf-request-id
08dd71fffb00004ee5a2a0b000000001
cf-ray
630f52acca5f4ee5-FRA
expires
Wed, 17 Mar 2021 16:22:54 GMT
chevron.svg
www.quilterinvestors.com/Content/Images/v2/ 		160 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quilterinvestors.com/Content/Images/v2/chevron.svg
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/content/css/dist/global-v2.css?v=2.5.0.28969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aed88be314c740b32f9eba9d1c3584f3701aec23a73403c0cb2c550957e1df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.oldmutualwealth.co.uk
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.oldmutualwealth.co.uk
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.quilterinvestors.com/content/css/dist/global-v2.css?v=2.5.0.28969
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
17425
vary
Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:516679c6-118b-4e9d-8418-b496a1a36b4c
last-modified
Fri, 12 Feb 2021 16:02:00 GMT
server
cloudflare
x-frame-options
ALLOW-FROM *.oldmutualwealth.co.uk
etag
W/"0c5c65581d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
content-security-policy
frame-ancestors 'self' *.oldmutualwealth.co.uk
cf-request-id
08dd72000400004ee567b38000000001
cf-ray
630f52acda794ee5-FRA
expires
Wed, 17 Mar 2021 16:22:54 GMT
grey-quilt.png
www.quilterinvestors.com/Content/Images/v2/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quilterinvestors.com/Content/Images/v2/grey-quilt.png
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/content/css/dist/global-v2.css?v=2.5.0.28969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76303639e750a09bb57d84d0eb71e75fab1b8ba87c5618f49c565a40d62da096
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.oldmutualwealth.co.uk
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.oldmutualwealth.co.uk
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.quilterinvestors.com/content/css/dist/global-v2.css?v=2.5.0.28969
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
17425
cf-polished
origFmt=png, origSize=23914
content-disposition
inline; filename="grey-quilt.webp"
strict-transport-security
max-age=31536000
content-length
18416
x-xss-protection
1; mode=block
request-context
appId=cid-v1:516679c6-118b-4e9d-8418-b496a1a36b4c
expires
Wed, 17 Mar 2021 16:22:54 GMT
last-modified
Fri, 12 Feb 2021 16:02:00 GMT
server
cloudflare
x-frame-options
ALLOW-FROM *.oldmutualwealth.co.uk
etag
"0c5c65581d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
content-security-policy
frame-ancestors 'self' *.oldmutualwealth.co.uk
cf-request-id
08dd72000400004ee55a071000000001
accept-ranges
bytes
cf-ray
630f52acda7c4ee5-FRA
cf-bgj
imgq:85,h2pri
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.quilterinvestors.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 02:04:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
483525
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Fri, 11 Mar 2022 02:04:09 GMT
j8_36_fAw7jrcalD7oKYNX0QfAnPUxvH9JfGhA.woff2
fonts.gstatic.com/s/frankruhllibre/v6/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/frankruhllibre/v6/j8_36_fAw7jrcalD7oKYNX0QfAnPUxvH9JfGhA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46163ce90fa1757b839bf8621a75794fc97e533f258cc70cc93615202fbd0b38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.quilterinvestors.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 12:42:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 03:50:50 GMT
server
sffe
age
358817
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19312
x-xss-protection
0
expires
Sat, 12 Mar 2022 12:42:37 GMT
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/6.13.0/ 		366 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.13.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
pY8Rr438h7Vb2adEFDW1VA==
age
942
content-length
82575
cf-request-id
08dd72011000004a8c118e0000000001
x-ms-lease-status
unlocked
last-modified
Tue, 02 Feb 2021 20:50:48 GMT
server
cloudflare
etag
0x8D8C7BC3853ED49
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
58a5fb39-a01e-004d-22b6-15e279000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
630f52ae78ea4a8c-FRA
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1037
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Fri, 23 Oct 2020 22:12:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D877A0CD108633
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4a56cd94-101e-001f-0a7e-1a2462000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Tue, 16 Mar 2021 16:52:54 GMT
white-arrow.svg
www.quilterinvestors.com/Content/Images/v2/ 		194 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quilterinvestors.com/Content/Images/v2/white-arrow.svg
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/content/css/dist/global-v2.css?v=2.5.0.28969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fbba84f0514495a06ca4c29c6ceaf847b43c31a849fd1f6333b9b921985c417
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.oldmutualwealth.co.uk
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.oldmutualwealth.co.uk
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.quilterinvestors.com/content/css/dist/global-v2.css?v=2.5.0.28969
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
17425
vary
Accept-Encoding
x-xss-protection
1; mode=block
request-context
appId=cid-v1:516679c6-118b-4e9d-8418-b496a1a36b4c
last-modified
Fri, 12 Feb 2021 16:02:00 GMT
server
cloudflare
x-frame-options
ALLOW-FROM *.oldmutualwealth.co.uk
etag
W/"0c5c65581d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400
content-security-policy
frame-ancestors 'self' *.oldmutualwealth.co.uk
cf-request-id
08dd72014600004ee52fa72000000001
cf-ray
630f52aede064ee5-FRA
expires
Wed, 17 Mar 2021 16:22:54 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.quilterinvestors.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:15:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
79642
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:15:32 GMT
E-v1.js
fast.wistia.com/assets/external/ 		622 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js?_=1615911774699
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/scripts/global-v2.js?v=2.5.0.28969
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4c2fa7d4c1390bace4af8d92de17b17f97e9dc1620b412adebeeeea9d62fac79
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
br
vary
Accept-Encoding
age
1181
x-cache
HIT, HIT
content-length
115900
x-served-by
cache-dca17729-DCA, cache-fra19124-FRA
access-control-allow-origin
*
x-browser-version
89
last-modified
Tue, 16 Mar 2021 15:50:57 GMT
x-timer
S1615911775.770835,VS0,VE0
etag
"6050d3e1-1c4bc"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 130
/
www.quilterinvestors.com/api/rolesandregions/getroles/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.quilterinvestors.com/api/rolesandregions/getroles/
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/scripts/global-v2.js?v=2.5.0.28969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5457221ea184cb0699f2cbe4d1051defa355f3672b3d2fced25443eaafc8eaab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.oldmutualwealth.co.uk
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.oldmutualwealth.co.uk
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
Accept-Encoding
content-length
1419
x-xss-protection
1; mode=block
request-context
appId=cid-v1:516679c6-118b-4e9d-8418-b496a1a36b4c
pragma
no-cache
server
cloudflare
x-frame-options
ALLOW-FROM *.oldmutualwealth.co.uk
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
no-cache
content-security-policy
frame-ancestors 'self' *.oldmutualwealth.co.uk
cf-request-id
08dd72023700004ee5980ba000000001
cf-ray
630f52b058a54ee5-FRA
expires
-1
hero-reveal-green.json
www.quilterinvestors.com/content/data/ 		18 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.quilterinvestors.com/content/data/hero-reveal-green.json
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/scripts/global-v2.js?v=2.5.0.28969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39415cf4f31c31ec421aafae09741146942fcb376a6710dbb7685e19a9da3df4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.oldmutualwealth.co.uk
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.oldmutualwealth.co.uk
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
Accept-Encoding
content-length
2421
x-xss-protection
1; mode=block
request-context
appId=cid-v1:516679c6-118b-4e9d-8418-b496a1a36b4c
last-modified
Fri, 12 Feb 2021 16:02:34 GMT
server
cloudflare
x-frame-options
ALLOW-FROM *.oldmutualwealth.co.uk
etag
"09a079581d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-expose-headers
Request-Context
cache-control
max-age=86400
content-security-policy
frame-ancestors 'self' *.oldmutualwealth.co.uk
cf-request-id
08dd72024300004ee55f379000000001
accept-ranges
bytes
cf-ray
630f52b068d44ee5-FRA
en.json
cdn-ukwest.onetrust.com/consent/2bd7766e-a085-4901-8c5a-811ac5bd6f56/2a1d9692-7037-435e-bf0a-ab89749a5463/ 		30 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/2bd7766e-a085-4901-8c5a-811ac5bd6f56/2a1d9692-7037-435e-bf0a-ab89749a5463/en.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fdb533b10fc9c170930b49bd0bda9e14989484a6d81b1620a759f7ce38f7ba0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
bOM85jqZFBIdOk4SVWub8g==
age
1509
content-length
7903
cf-request-id
08dd72029a00004e9dd2a9e000000001
x-ms-lease-status
unlocked
last-modified
Tue, 23 Feb 2021 15:04:29 GMT
server
cloudflare
etag
0x8D8D80C51FF9248
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ed0cee73-d01e-0049-4658-1917fb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
630f52b0fa824e9d-FRA
track
www.stoneshot.com/action/js/ 		59 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.stoneshot.com/action/js/track
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.68.19.132 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
stoneshot.com
Software
/
Resource Hash
1d16db6ed8a2cd3e1b94d66f78a85d22cb765e31c2c3539ac6dd88e828ee051e
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 12:10:48 GMT
x-frame-options
sameorigin
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
x-robots-tag
noindex
content-length
26293
expires
Tue, 15 Mar 2022 12:10:48 GMT
6b3706cd-fac9-48b4-8bf0-25910f1e2300.js
cdnssl.clicktale.net/www56/ptc/ 		249 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnssl.clicktale.net/www56/ptc/6b3706cd-fac9-48b4-8bf0-25910f1e2300.js
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:1b0::2db0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb83ebfefd42ba135e861bb167bbfee9c01e441261024f9b729c24d7e1a7b488

Request headers

Origin
https://www.quilterinvestors.com
Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
HrSvW2iEQLyWksuV1gtEQwZh8VfsFiB.
content-encoding
br
last-modified
Thu, 11 Mar 2021 13:46:46 GMT
server
AmazonS3
x-amz-request-id
DYW3BBSFHW7R5B6F
etag
"8c545ccba69fe8632a9741ad0eeddc71"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
date
Tue, 16 Mar 2021 16:22:54 GMT
accept-ranges
bytes
content-length
43612
x-amz-id-2
/ArHiz8UJbkmXPXLRiu14in3M+3IB+Uwwyxf7x9oevMo9ZLT/2+BkUg5lnkqUrmOohGYkhxaXVg=
expires
Tue, 16 Mar 2021 16:32:54 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:55 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
59035
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1615911775.015512,VS0,VE0
x-served-by
cache-fra19182-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 16:22:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=31453
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
otCenterRounded.json
cdn-ukwest.onetrust.com/scripttemplates/6.13.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.13.0/assets/otCenterRounded.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19c68177806d520a04ae71ded68085e5eef7f05b209ec4896efafb0f164432d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Mar 2021 16:22:55 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
L0sZwKqEvb9GD/IAcZBCVQ==
age
2458
content-length
2421
cf-request-id
08dd72032600004e9d5838d000000001
x-ms-lease-status
unlocked
last-modified
Tue, 02 Feb 2021 20:50:35 GMT
server
cloudflare
etag
0x8D8C7BC30AE34AD
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
48afc4db-101e-0010-24b6-15127d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
630f52b1dc0a4e9d-FRA
otPcCenter.json
cdn-ukwest.onetrust.com/scripttemplates/6.13.0/assets/v2/ 		47 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.13.0/assets/v2/otPcCenter.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Mar 2021 16:22:55 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
X6D86gIa8XOVqm7r1Vfyzg==
age
6532
content-length
11379
cf-request-id
08dd72032a00004e9dcaa8d000000001
x-ms-lease-status
unlocked
last-modified
Tue, 02 Feb 2021 20:50:37 GMT
server
cloudflare
etag
0x8D8C7BC31A728C0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
69dee232-801e-0051-7bb6-153a6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
630f52b1dc174e9d-FRA
wistia-mux.js
fast.wistia.com/assets/external/ 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/wistia-mux.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js?_=1615911774699
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3dd8763f56616f1ba8aa1306d66c7912abf55a6dd3f22638118b128555f44a6d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:55 GMT
content-encoding
br
vary
Accept-Encoding
age
1181
x-cache
HIT, HIT
content-length
25128
x-served-by
cache-dca17767-DCA, cache-fra19124-FRA
access-control-allow-origin
*
x-browser-version
89
last-modified
Tue, 16 Mar 2021 15:50:57 GMT
x-timer
S1615911775.030971,VS0,VE0
etag
"6050d3e1-6228"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 57
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1323052&time=1615911775084&url=https%3A%2F%2Fwww.quilterinvestors.com%2Fnews-and-views%2Fare-you-ready-for-the-income-recovery-challenge%2F%3Fmemb...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1323052%26time%3D1615911775084%26url%3Dhttps%253A%252F%252Fwww.quilterinvestors.c...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1323052&time=1615911775084&url=https%3A%2F%2Fwww.quilterinvestors.com%2Fnews-and-views%2Fare-you-ready-for-the-income-recovery-challenge%2F%3Fmemb...
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1323052&time=1615911775084&url=https%3A%2F%2Fwww.quilterinvestors.com%2Fnews-and-views%2Fare-you-ready-for-the-income-recovery-challenge%2F%3Fmemberurlid%3D2A45585166579P17894&liSync=true
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:55 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
lLmL4jLfbBYQPpt1ZysAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
KBoY1zLfbBawVETbxyoAAA==
pragma
no-cache
x-li-pop
afd-prod-lor1
x-msedge-ref
Ref A: 4137519FABAE48F8A73353E9B54F2B90 Ref B: VIEEDGE1307 Ref C: 2021-03-16T16:22:55Z
date
Tue, 16 Mar 2021 16:22:54 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1323052&time=1615911775084&url=https%3A%2F%2Fwww.quilterinvestors.com%2Fnews-and-views%2Fare-you-ready-for-the-income-recovery-challenge%2F%3Fmemberurlid%3D2A45585166579P17894&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Origin
https://www.quilterinvestors.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
919298d9bf36ce52f6917b828553c8de.webp
embed-fastly.wistia.com/deliveries/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-fastly.wistia.com/deliveries/919298d9bf36ce52f6917b828553c8de.webp?image_crop_resized=1920x1080
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
922ae651b819d2dcc900f741794fa5ec058fb91dc3d0e98a6df8da9da33b4f49

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:55 GMT
via
1.1 varnish, 1.1 varnish
age
24698
edge-cache-tag
919298d9bf36ce52f6917b828553c8de
access-control-request-method
*
x-cache-hits
1, 1
x-cache
HIT, HIT
content-length
46074
x-served-by
cache-dca17727-DCA, cache-hhn4021-HHN
last-modified
Tue, 09 Mar 2021 12:31:30 UTC
x-timer
S1615911775.488411,VS0,VE1
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/webp
access-control-allow-origin
*
content-disposition
inline
cache-control
max-age=31536000
accept-ranges
bytes
access-control-expose-headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Visit
www.stoneshot.com/action/ 		807 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.stoneshot.com/action/Visit?action_name=Are%20you%20ready%20for%20the%20income%20recovery%20challenge%3F%20%7C%20Quilter%20Investors&idsite=a5a84c842bfb4e73a36aa4e726676a45&rec=1&r=583543&h=17&m=22&s=55&url=https%3A%2F%2Fwww.quilterinvestors.com%2Fnews-and-views%2Fare-you-ready-for-the-income-recovery-challenge%2F%3Fmemberurlid%3D2A45585166579P17894&_id=b3d7a95b3f12b304&_idts=1615911775&_idvc=1&_idn=0&_refts=0&_viewts=1615911775&send_image=1&cookie=1&res=1600x1200&_cvar=%7B%221%22%3A%5B%22memberurlid%22%2C%222A45585166579P17894%22%5D%7D&gt_ms=482&pv_id=pQU8Lx
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.68.19.132 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
stoneshot.com
Software
/
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:54 GMT
cache-control
private
x-robots-tag
noindex
content-length
807
x-frame-options
sameorigin
content-type
image/gif
adsct
t.co/i/ 		43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o2603&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.quilterinvestors.com%2Fnews-and-views%2Fare-you-ready-for-the-income-recovery-challenge%2F%3Fmemberurlid%3D2A45585166579P17894
Requested by
Host: www.quilterinvestors.com
URL: https://www.quilterinvestors.com/news-and-views/are-you-ready-for-the-income-recovery-challenge/?memberurlid=2A45585166579P17894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Tue, 16 Mar 2021 16:22:55 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
abd82eab0b6ef70fe97a73b9caf5e08d
x-transaction
00b6ed6a003958ef
expires
Tue, 31 Mar 1981 05:00:00 GMT
playPauseLoadingControl.js
fast.wistia.com/assets/external/ 		52 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js?_=1615911774699
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
611ed8702702aff2d8034ca4451c200ac9fba65b55c08cefa14a6ff01a2834f0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:56 GMT
content-encoding
br
vary
Accept-Encoding
age
1181
x-cache
HIT, HIT
content-length
9638
x-served-by
cache-dca17743-DCA, cache-fra19124-FRA
access-control-allow-origin
*
x-browser-version
89
last-modified
Tue, 16 Mar 2021 15:50:57 GMT
x-timer
S1615911776.075431,VS0,VE0
etag
"6050d3e1-25a6"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 90
hls_video.js
fast.wistia.com/assets/external/engines/ 		303 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js?_=1615911774699
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3de640b8b8d6369aa4c2f730a2e89de3265653451f7445c6389765f65609949c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:56 GMT
content-encoding
br
vary
Accept-Encoding
age
1182
x-cache
HIT, HIT
content-length
66638
x-served-by
cache-dca17738-DCA, cache-fra19124-FRA
access-control-allow-origin
*
x-browser-version
89
last-modified
Tue, 16 Mar 2021 15:50:57 GMT
x-timer
S1615911776.081102,VS0,VE0
etag
"6050d3e1-1044e"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 68
x
distillery.wistia.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.1.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-1-164.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 16 Mar 2021 16:22:56 GMT
cache-control
max-age=0, private, must-revalidate
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://www.quilterinvestors.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Tue, 16 Mar 2021 16:22:55 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		96 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d415c02e936bb733fad68019e6f4540ae65dc28a74a5924549c8498bc64affee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.quilterinvestors.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
93687E72-EA44-44F4-91DB-9A5C7C7E2A4C
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Tue, 16 Mar 2021 16:22:56 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96
blank.gif
fast.wistia.com/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/assets/images/blank.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Origin
https://www.quilterinvestors.com
Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:56 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
1182
x-cache
HIT, HIT
x-cache-hits
1, 50
content-length
1214
x-served-by
cache-dca17775-DCA, cache-fra19180-FRA
x-browser-version
89
last-modified
Tue, 16 Mar 2021 15:31:09 GMT
x-timer
S1615911776.170461,VS0,VE0
etag
"6050cf3d-4be"
strict-transport-security
max-age=0
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
98efc050f2375349531b492bb858eff48817d5b4.m3u8
embed-fastly.wistia.com/deliveries/ 		3 KB
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-fastly.wistia.com/deliveries/98efc050f2375349531b492bb858eff48817d5b4.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f61df8cd32edc2b6afcc33438fcd0b462e18bb4e2fcad8de91df774a6f9e9f3e

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:56 GMT
content-encoding
gzip
age
24697
edge-cache-tag
98efc050f2375349531b492bb858eff48817d5b4
access-control-request-method
*
x-cache
HIT, HIT
content-length
302
via
1.1 varnish, 1.1 varnish
x-served-by
cache-dca17781-DCA, cache-hhn4068-HHN
expires
Wed, 16 Mar 2022 09:31:19 GMT
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
x-timer
S1615911776.329224,VS0,VE1
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1, 1
seg-1-v1-a1.ts
embed-fastly.wistia.com/deliveries/98efc050f2375349531b492bb858eff48817d5b4.m3u8/ 		130 KB
130 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-fastly.wistia.com/deliveries/98efc050f2375349531b492bb858eff48817d5b4.m3u8/seg-1-v1-a1.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36e631e2cb1872b5b80349693db0be93b434b0e580815c352c8e7da74b813924

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:56 GMT
via
1.1 varnish, 1.1 varnish
age
24697
edge-cache-tag
98efc050f2375349531b492bb858eff48817d5b4
access-control-request-method
*
x-cache
HIT, HIT
content-length
132728
x-served-by
cache-dca12927-DCA, cache-hhn4068-HHN
expires
Wed, 16 Mar 2022 09:31:19 GMT
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
x-timer
S1615911776.388909,VS0,VE1
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1, 1
/
fg8vvsvnieiv3ej16jby.litix.io/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.19.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-19-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.quilterinvestors.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 16 Mar 2021 16:23:01 GMT
Connection
keep-alive
Content-Length
0
Access-Control-Allow-Methods
POST, GET
/
fg8vvsvnieiv3ej16jby.litix.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Protocol
HTTP/1.1
Server
52.20.19.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-19-138.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.quilterinvestors.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Date
Tue, 16 Mar 2021 16:23:01 GMT
Content-Length
0
Connection
keep-alive
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://www.quilterinvestors.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Tue, 16 Mar 2021 16:23:10 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		96 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d415c02e936bb733fad68019e6f4540ae65dc28a74a5924549c8498bc64affee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.quilterinvestors.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
434FDEA0-F126-425C-B12B-B3962C58FE86
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Tue, 16 Mar 2021 16:23:11 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper object| appInsights object| otStubData function| setImmediate function| clearImmediate object| regeneratorRuntime function| $ function| jQuery boolean| RESPONSIVE_AUTOSIZE boolean| RESPONSIVE_CAROUSEL boolean| RESPONSIVE_CONDITIONAL boolean| RESPONSIVE_DISMISS boolean| RESPONSIVE_DROPDOWN boolean| RESPONSIVE_MODAL boolean| RESPONSIVE_NAVIGATION boolean| RESPONSIVE_TABLE boolean| RESPONSIVE_TABS function| findAnAdviserBootstrap function| findAnAdviserSearchClick function| findAnAdviserDetailsClick function| findAnAdviserBackClick function| FindApi object| api object| google_tag_manager object| wistiajsonp-/embed/medias/djwnb5up5e.jsonp object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| menu undefined| submit function| getUrlVars object| vars object| _paq boolean| clickTaleTagInjected function| twq string| _linkedin_partner_id object| _linkedin_data_partner_ids object| AI object| Microsoft function| __extends function| _endsWith object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds object| Optanon object| OneTrust function| lintrk boolean| _already_called_lintrk object| CS_CONF function| csDate object| csJSON function| csArray function| csString function| csURL function| csNodechildNodes function| csNodehasChildNodes function| csNodeparentNode boolean| CSIframeReady object| CSPureWindow object| CSPathComputation object| _uxa object| platform object| twttr object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.oldmutualwealth.co.uk
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.oldmutualwealth.co.uk
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cdn-ukwest.onetrust.com
cdnssl.clicktale.net
dc.services.visualstudio.com
distillery.wistia.com
dl.episerver.net
embed-fastly.wistia.com
engage.quilterinvestors.com
fast.wistia.com
fg8vvsvnieiv3ej16jby.litix.io
fonts.googleapis.com
fonts.gstatic.com
px.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
t.co
www.googletagmanager.com
www.linkedin.com
www.quilterinvestors.com
www.stoneshot.com
104.244.42.5
13.69.65.23
151.101.12.157
151.101.194.133
217.68.19.132
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6814:b844
2606:4700::6812:1276
2606:4700::6812:1e66
2620:119:50e1:101::6cae:b25
2620:1ec:22::14
2a00:1450:4001:803::2008
2a00:1450:4001:810::2003
2a00:1450:4001:829::200a
2a02:26f0:10c:582::25ea
2a02:26f0:1700:1b0::2db0
2a04:4e42:3::622
52.0.1.164
52.20.19.138
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
19c68177806d520a04ae71ded68085e5eef7f05b209ec4896efafb0f164432d7
1d16db6ed8a2cd3e1b94d66f78a85d22cb765e31c2c3539ac6dd88e828ee051e
1fbba84f0514495a06ca4c29c6ceaf847b43c31a849fd1f6333b9b921985c417
2ea37f76e22fc902c69a400e7302e93727d1463ce55cfe18f9bd9b146b25f1c1
2fa6cbe23515cf7e05d657ca0cec521e2d56deaced86a99b256cd92f028f446a
2faf19b64763054ab8b4ca54dc0cdb3b21dea9a0b73b4d4dc5e271c5e52de1f4
36e631e2cb1872b5b80349693db0be93b434b0e580815c352c8e7da74b813924
39415cf4f31c31ec421aafae09741146942fcb376a6710dbb7685e19a9da3df4
3dd8763f56616f1ba8aa1306d66c7912abf55a6dd3f22638118b128555f44a6d
3de640b8b8d6369aa4c2f730a2e89de3265653451f7445c6389765f65609949c
3fdb533b10fc9c170930b49bd0bda9e14989484a6d81b1620a759f7ce38f7ba0
46163ce90fa1757b839bf8621a75794fc97e533f258cc70cc93615202fbd0b38
4c2fa7d4c1390bace4af8d92de17b17f97e9dc1620b412adebeeeea9d62fac79
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5457221ea184cb0699f2cbe4d1051defa355f3672b3d2fced25443eaafc8eaab
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
607da83615c0f1d4cad8387018cf50bb5f5421eeb4a2c7218a660af8a05275a3
611ed8702702aff2d8034ca4451c200ac9fba65b55c08cefa14a6ff01a2834f0
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
7325a717d8d88c92db5d9ba125a005de3c0c9fea5e740c7e59d144c6ed8c9670
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
76303639e750a09bb57d84d0eb71e75fab1b8ba87c5618f49c565a40d62da096
796672c78190cf87e272aafa4c38aba75fb68f9518b1b5fb296ad0737b46e4c7
8ff68c435c8cc1d6c09781a18a77b56ae8fac65aa921acbdd16acc8dbda630a4
922ae651b819d2dcc900f741794fa5ec058fb91dc3d0e98a6df8da9da33b4f49
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aef65a79ce3cb5c41fdd630259b7de8e907cc9d09c583dbde4b1ac4ef7b6db36
b1aed88be314c740b32f9eba9d1c3584f3701aec23a73403c0cb2c550957e1df
bb204896550c75e4318c0c59346cc29ffb10db5637a4783bc156c3d6932b4c7f
c39adf839b8103e57ce2b1b6a082ec5213bc6e449d767476588d3f29db8f4f30
c4f9a8a7ae37030f92a3122546164f4c1dd05590715a3029f73c1f944e4ee58d
c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a
cb83ebfefd42ba135e861bb167bbfee9c01e441261024f9b729c24d7e1a7b488
d415c02e936bb733fad68019e6f4540ae65dc28a74a5924549c8498bc64affee
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f61df8cd32edc2b6afcc33438fcd0b462e18bb4e2fcad8de91df774a6f9e9f3e
fab2beaaec88a8c3178dcfb28bdc0fdd15fa853c873ea1665eca151777f6b196
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf