www.quiltercheviot.com Open in urlscan Pro
2606:4700::6812:dd3d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.panaceaadviser.com/ebulletins/l.php?id=77cbfa7e74b7dc39c4e61333e4a877ab&rec=1358651
Effective URL:
https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm...
Submission: On March 24 via manual (March 24th 2021, 3:39:39 pm UTC) from GB

Summary HTTP 66 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 17 domains to perform 66 HTTP transactions. The main IP is 2606:4700::6812:dd3d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.quiltercheviot.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on January 28th 2021. Valid for: a year.

This is the only time www.quiltercheviot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	94.136.51.43 94.136.51.43	20738 (GD-EMEA-D...) (GD-EMEA-DC-LD5)
21	2606:4700::68... 2606:4700::6812:dd3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.159.101 13.226.159.101	16509 (AMAZON-02) (AMAZON-02)
6	13.226.159.59 13.226.159.59	16509 (AMAZON-02) (AMAZON-02)
1	13.226.135.59 13.226.135.59	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6811:9b64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.226.159.50 13.226.159.50	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.6 13.226.159.6	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:9a64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.36.236.158 23.36.236.158	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:296::2db0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	23.79.152.128 23.79.152.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.135.56 13.226.135.56	16509 (AMAZON-02) (AMAZON-02)
66	23

1 94.136.51.43 (Leeds, United Kingdom) 1 redirects

ASN20738 (GD-EMEA-DC-LD5, DE)
PTR: ds7465.dedicated.turbodns.co.uk

links.panaceaadviser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6812:dd3d (United States)

ASN13335 (CLOUDFLARENET, US)

www.quiltercheviot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-101.dus51.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.226.159.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-59.dus51.r.cloudfront.net

widget.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.135.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-135-59.dus51.r.cloudfront.net

api-widget.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6811:9b64 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fundpress.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-50.dus51.r.cloudfront.net

i1.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-6.dus51.r.cloudfront.net

wave.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:9a64 (United States)

ASN13335 (CLOUDFLARENET, US)

api-uk.kurtosys.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.236.158 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-236-158.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:296::2db0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdnssl.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.152.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.135.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-135-56.dus51.r.cloudfront.net

l9bjkkhaycw6f8f4.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	quiltercheviot.com www.quiltercheviot.com	1 MB
11	fundpress.io api.fundpress.io	223 KB
9	sndcdn.com widget.sndcdn.com i1.sndcdn.com wave.sndcdn.com	470 KB
4	google-analytics.com www.google-analytics.com	37 KB
3	google.com www.google.com	862 B
3	gstatic.com fonts.gstatic.com www.gstatic.com	178 KB
3	soundcloud.com w.soundcloud.com api-widget.soundcloud.com l9bjkkhaycw6f8f4.soundcloud.com	4 KB
2	google.de www.google.de	214 B
2	doubleclick.net stats.g.doubleclick.net	522 B
2	kurtosys.app api-uk.kurtosys.app	108 KB
1	bluekai.com stags.bluekai.com	1 KB
1	clicktale.net cdnssl.clicktale.net	43 KB
1	bkrtx.com tags.bkrtx.com	16 KB
1	crazyegg.com script.crazyegg.com
1	googletagmanager.com www.googletagmanager.com	50 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
1	panaceaadviser.com 1 redirects links.panaceaadviser.com	626 B
66	17

	Domain	Requested by
21	www.quiltercheviot.com	www.quiltercheviot.com ajax.cloudflare.com
11	api.fundpress.io	ajax.cloudflare.com api.fundpress.io
6	widget.sndcdn.com	w.soundcloud.com widget.sndcdn.com
4	www.google-analytics.com	www.quiltercheviot.com www.google-analytics.com www.googletagmanager.com
3	www.google.com	ajax.cloudflare.com
2	www.google.de
2	stats.g.doubleclick.net	www.google-analytics.com
2	api-uk.kurtosys.app	api.fundpress.io
2	i1.sndcdn.com	w.soundcloud.com widget.sndcdn.com
2	fonts.gstatic.com	www.quiltercheviot.com
1	l9bjkkhaycw6f8f4.soundcloud.com	widget.sndcdn.com
1	stags.bluekai.com	tags.bkrtx.com
1	cdnssl.clicktale.net	www.quiltercheviot.com
1	tags.bkrtx.com	www.quiltercheviot.com
1	script.crazyegg.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	www.quiltercheviot.com
1	wave.sndcdn.com	widget.sndcdn.com
1	api-widget.soundcloud.com	widget.sndcdn.com
1	w.soundcloud.com	www.quiltercheviot.com
1	ajax.cloudflare.com	www.quiltercheviot.com
1	links.panaceaadviser.com	1 redirects
66	22

This site contains links to these domains. Also see Links.

Domain
media.quilter.com
qcclientsauthentication.flagstoneim.com
client.quiltercheviot.com
event.on24.com
www.linkedin.com
twitter.com
www.facebook.com
www.quilter.com

Subject Issuer	Validity	Valid
www.quiltercheviot.com Entrust Certification Authority - L1M	`2021-01-28` - `2022-01-28`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.sndcdn.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.fundpress.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.kurtosys.app DigiCert SHA2 Secure Server CA	`2020-06-10` - `2021-09-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2020-02-28` - `2021-05-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.clicktale.net DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-24`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
Frame ID: 094FFFC305C99BB97B73B25311BD5197
Requests: 49 HTTP requests in this frame

Frame: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F1007285608&show_artwork=false&maxwidth=800&maxheight=1000&dnt=1&auto_play=false&buying=false&liking=true&download=false&sharing=true&show_comments=false&show_playcount=false&show_user=true&color
Frame ID: 5DD11695EA68E1604103FCFF8D82783F
Requests: 13 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/58483?ret=html&phint=__bk_t%3DDiary%20of%20a%20Fund%20Manager%20-%20Isolation%20Tank%20-%20Quilter%20Cheviot%20%7C%20Investment%20Management%20Services%20%7C%20Private%20Clients&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.quiltercheviot.com%2Fuk%2Fprivate-client%2Finsights%2Fdiary-of-a-fund-manager-isolation-tank%2F%3Futm_source%3Dbento-bulletin%26utm_medium%3Demail%26utm_campaign%3D140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune%26utm_content%3D140347&phint=__bk_v%3D3.1.9&limit=4&r=9704225
Frame ID: 1DEF9174DDC30D08F51472582D5D970D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.panaceaadviser.com/ebulletins/l.php?id=77cbfa7e74b7dc39c4e61333e4a877ab&rec=1358651 HTTP 302
https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_sourc... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

66
Requests

100 %
HTTPS

61 %
IPv6

17
Domains

22
Subdomains

23
IPs

4
Countries

2524 kB
Transfer

6995 kB
Size

3
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://media.quilter.com/search/
Title: Press

Search URL Search Domain Scan URL

URL: https://qcclientsauthentication.flagstoneim.com/
Title: Flagstone Cash Platform

Search URL Search Domain Scan URL

URL: https://client.quiltercheviot.com/client/app/login
Title: ONLINE PORTFOLIO LOGIN

Search URL Search Domain Scan URL

URL: https://event.on24.com/wcc/r/3021254/CC7F3363192636B4904C81A8BF04F7B5?partnerref=qc
Title: The Budget review

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/&title=Diary%20of%20a%20Fund%20Manager%20-%20Isolation%20Tank&summary=&source=https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/
Title:

Search URL Search Domain Scan URL

URL: https://client.quiltercheviot.com/
Title: Online Portfolio Login

Search URL Search Domain Scan URL

URL: https://www.quilter.com/modern-slavery-act/
Title: Modern Slavery Act

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.panaceaadviser.com/ebulletins/l.php?id=77cbfa7e74b7dc39c4e61333e4a877ab&rec=1358651 HTTP 302
https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/
Redirect Chain

https://links.panaceaadviser.com/ebulletins/l.php?id=77cbfa7e74b7dc39c4e61333e4a877ab&rec=1358651
https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-...

316 KB
31 KB

2112ms
1960ms

Document
text/html

2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cbfa879394a6246adcb866b9b30709c1f33c46781495d07559fb1216a449535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.quiltercheviot.com
:scheme: https
:path: /uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:14 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df896ef8b5524a2935bda27c846ab3b841616600352; expires=Fri, 23-Apr-21 15:39:12 GMT; path=/; domain=.www.quiltercheviot.com; HttpOnly; SameSite=Lax; Secure __cf_bm=84d34a0924ce26b5a4fbd9fe902516646205fbf0-1616600354-1800-AdQR9uywZnhP1UgMHYCEWKPDBu9IF1IaywyHtwspALFsxjmUMMVChf7+oi9RfowTqiZViLmmJCK5FEuQ7BBnSsXBuIHZGi+PlLOqii4ZnNcf; path=/; expires=Wed, 24-Mar-21 16:09:14 GMT; domain=.www.quiltercheviot.com; HttpOnly; Secure; SameSite=None
cf-ray: 6350fda91c6f4ec2-FRA
cache-control: max-age=300
last-modified: Wed, 24 Mar 2021 15:39:12
link: <https://ooovfymsme-prd.ksysweb.com/uk/private-client/?p=9206>; rel=shortlink
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
cf-request-id: 09067cddb000004ec236111000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-proxy-by: dxm-rewrite
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br

Redirect headers

Server: nginx
Date: Wed, 24 Mar 2021 15:39:11 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Set-Cookie: PHPSESSID=v1ot604gq5ao4kkgi7i6ehkf04; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
X-Powered-By: PleskLin

GET
H2 200 header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css
www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/ 1 MB
112 KB 618ms
617ms Stylesheet
text/css 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css

Requested by

Host: www.quiltercheviot.com
URL: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25e655920cdd798f6a8dadeb10e57d0f02b19280ed3bcabfe8bd429da2430418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
cf-request-id: 09067ce56a00004ec2842d1000000001
x-proxy-by: dxm-rewrite
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Mar 2021 20:19:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605a4d36-108882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=3600, public
cf-ray: 6350fdb57eff4ec2-FRA
expires: Wed, 24 Mar 2021 16:39:14 GMT

GET
H2 200 qclogo.svg
www.quiltercheviot.com/uploads/2020/02/8fda9ddb263f658c1316f69f8f1e9e02/ 9 KB
3 KB 441ms
440ms Image
image/svg+xml 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quiltercheviot.com/uploads/2020/02/8fda9ddb263f658c1316f69f8f1e9e02/qclogo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec947f0d36fb9a46cb466875032552eab1c7191bd95f3fccdab49f0db5b8e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70505
vary: Accept-Encoding
cf-request-id: 09067ce56b00004ec27427b000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Feb 2020 09:26:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"96eeca429f175a3de72ce6aa94153182"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
cf-ray: 6350fdb57f024ec2-FRA
expires: Wed, 23 Mar 2022 20:04:09 GMT

GET
H2 200 qc250_roundel_rgb_white.png
www.quiltercheviot.com/uploads/2020/02/94051245a18b8f8d88cd7e4497e56419/ 45 KB
45 KB 509ms
508ms Image
image/png 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quiltercheviot.com/uploads/2020/02/94051245a18b8f8d88cd7e4497e56419/qc250_roundel_rgb_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f64df14794fce1c390dfcbc6b1acfea04020e1e034f2e036b5ff3acf85a01ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 46345
cf-request-id: 09067ce56b00004ec2361af000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Mar 2021 07:50:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "057e428499106b38fc592b75c7966cab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6350fdb57f034ec2-FRA
expires: Thu, 24 Mar 2022 15:39:14 GMT

GET
H2 200 footer-84eb3946dfeb8d6707b854b30a60dbfbfa647277.min.css
www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/ 100 KB
17 KB 516ms
515ms Stylesheet
text/css 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/footer-84eb3946dfeb8d6707b854b30a60dbfbfa647277.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18d379a5a86559021c88a9370b6ad14f519e5d8489effd6ab66f0ebfdcaa0101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
cf-request-id: 09067ce59c00004ec22a9ab000000001
x-proxy-by: dxm-rewrite
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Mar 2021 10:41:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6059c5ea-18f69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=3600, public
cf-ray: 6350fdb5cfc44ec2-FRA
expires: Wed, 24 Mar 2021 16:39:14 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 43ms
15ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 09067ce5b600004e7aa8a09000000001
last-modified: Tue, 16 Mar 2021 22:16:23 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60512e37-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sErrWW%2BmVdpOnn0jBUw9geoDlKYdnG5YJvMvFupH08lLfHuwyVHqwsqf4nLTgRbBHQ4ToA4PNmXv889KwtNN473dEjn2jyn7mEDNxfDli%2F7HwEiirD92VlPJh17Az22S"}]}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6350fdb5ee8b4e7a-FRA
expires: Fri, 26 Mar 2021 15:39:14 GMT

GET
H/1.1 200
OK / Show response
w.soundcloud.com/player/ Frame 5DD1 5 KB
3 KB 158ms
87ms Document
text/html 13.226.159.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F1007285608&show_artwork=false&maxwidth=800&maxheight=1000&dnt=1&auto_play=false&buying=false&liking=true&download=false&sharing=true&show_comments=false&show_playcount=false&show_user=true&color

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-101.dus51.r.cloudfront.net

Software

am/2 /

Resource Hash

7b3766492e5380546cf4a46035060c8d9556a3766f166c8698f6b7e363204ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Host: w.soundcloud.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.quiltercheviot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.quiltercheviot.com/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Via: sssr, 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
P3P: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
Cache-Control: public, max-age=300
Date: Wed, 24 Mar 2021 15:39:14 GMT
Strict-Transport-Security: max-age=63072000
Server: am/2
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: AZ8sQbLITdMlhII-EJ_-xbIfU0WqJn-9qWWIE8x9cVM3TLQR7eVq7g==

GET
H2 200 widget-7-0dc9c4086ea9.js Show response
widget.sndcdn.com/ Frame 5DD1 8 KB
3 KB 114ms
31ms Script
application/javascript 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-7-0dc9c4086ea9.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F1007285608&show_artwork=false&maxwidth=800&maxheight=1000&dnt=1&auto_play=false&buying=false&liking=true&download=false&sharing=true&show_comments=false&show_playcount=false&show_user=true&color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b2ebc07ad8a8f5baa7be1bb048dbd7e3fa39a0be4323f39b94216e957910895

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:07:53 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3501082
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 11 Feb 2021 13:06:52 GMT
server: AmazonS3
etag: W/"5e165364f54c875e110c6293f5fa73c3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 2kUjoAt2auW7muw2F1_0H6IluBMAaC-hrxPWTWkkIYjUeRmOILTiYg==

GET
H2 200 widget-8-5842af0eec73.js Show response
widget.sndcdn.com/ Frame 5DD1 2 KB
2 KB 114ms
32ms Script
application/javascript 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-8-5842af0eec73.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F1007285608&show_artwork=false&maxwidth=800&maxheight=1000&dnt=1&auto_play=false&buying=false&liking=true&download=false&sharing=true&show_comments=false&show_playcount=false&show_user=true&color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5059a04eba83615d3738f11e32fd806d873284ea0deda721dbce266817c1049c

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 10:37:14 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3733320
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 09 Feb 2021 10:32:45 GMT
server: AmazonS3
etag: W/"df8186519e45a28a5e6fe41853737a5d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: WgTflWbkhK1W3F4YDsKWFvleD0p2ZM_f5-SEKe2aPG6LUzAXUzniGg==

GET
H2 200 widget-9-6301d869b37a.js Show response
widget.sndcdn.com/ Frame 5DD1 1 MB
304 KB 139ms
57ms Script
application/javascript 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-9-6301d869b37a.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F1007285608&show_artwork=false&maxwidth=800&maxheight=1000&dnt=1&auto_play=false&buying=false&liking=true&download=false&sharing=true&show_comments=false&show_playcount=false&show_user=true&color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed601892f484dfffb757d05a5dade2eac3fe24d4de94796f43343a8b95249b9d

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 10:37:15 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3733320
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 09 Feb 2021 10:32:45 GMT
server: AmazonS3
etag: W/"8934d1acc515aefe03c381a66334742e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: IxPAFtiisueaeLFl_3Sz0bmr0E4Wp1QGnDZ7g16UM6ZLClO7QvLOOw==

GET
H2 200 financially-vulnerable-header-3.jpg
www.quiltercheviot.com/uploads/2020/04/6a488300c4017c490ff8ab1b623eed60/ 26 KB
26 KB 188ms
183ms Image
image/jpeg 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quiltercheviot.com/uploads/2020/04/6a488300c4017c490ff8ab1b623eed60/financially-vulnerable-header-3.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b60c505f0fb540865e90fd00d27781088dc2b02581210d4a8d870c18e0209bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70472
cf-polished: origSize=40758
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 26401
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Apr 2020 07:49:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "eda9d6d5a5152944f1dddc5a6098b4fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000, public
cf-request-id: 09067ce81b00004ec28d207000000001
accept-ranges: bytes
cf-ray: 6350fdb9cfa74ec2-FRA
expires: Wed, 23 Mar 2022 20:04:43 GMT

GET
H2 200 gotham-book.woff2
www.quiltercheviot.com/uploads/2020/01/f2c47549c7484f32d65206183c70c620/ 31 KB
31 KB 298ms
297ms Font
application/octet-stream 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/uploads/2020/01/f2c47549c7484f32d65206183c70c620/gotham-book.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9992b67c1633d6b8321adfa1edfe96515dbbfa0ac8dc520a1b470db2948a552c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 31852
cf-request-id: 09067ce81900004ec24cbf4000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Jan 2020 07:05:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "360e51e8fd6f7e0c980a3aec963c0b44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6350fdb9cfac4ec2-FRA
expires: Thu, 24 Mar 2022 15:39:15 GMT

GET
H2 200 gotham-medium.woff2
www.quiltercheviot.com/uploads/2020/01/c57beed6b7276abb22042d0555a13ee6/ 31 KB
31 KB 277ms
270ms Font
application/octet-stream 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/uploads/2020/01/c57beed6b7276abb22042d0555a13ee6/gotham-medium.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5421634ccb3a55be105ccb5b805d0ab1b8c9480bfab9b21ea91da4cf4a3bb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 31868
cf-request-id: 09067ce82200004ec2809dd000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Jan 2020 07:41:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "677062f77c12f270450922d6b92aa439"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6350fdb9cfc84ec2-FRA
expires: Thu, 24 Mar 2022 15:39:15 GMT

GET
H2 200 logo-200x120-3190df52.png
widget.sndcdn.com/assets/images/ Frame 5DD1 4 KB
4 KB 627ms
320ms Image
image/png 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.sndcdn.com/assets/images/logo-200x120-3190df52.png
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F1007285608&show_artwork=false&maxwidth=800&maxheight=1000&dnt=1&auto_play=false&buying=false&liking=true&download=false&sharing=true&show_comments=false&show_playcount=false&show_user=true&color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 02:31:47 GMT
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
age: 3935249
x-cache: Hit from cloudfront
content-length: 3745
last-modified: Thu, 04 Feb 2021 15:57:24 GMT
server: AmazonS3
etag: "a1591e5274b36cfbae3e167dffe49970"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: dbayR4_s9IKk57lxBsc_UEVJ_T3FdOpqC1KXcDT6cI_QgTmsWfkgSA==

GET
H/1.1 200
OK 361310-90467-475027-11488 Show response
api-widget.soundcloud.com/assignments/ Frame 5DD1 511 B
1 KB 366ms
293ms XHR
application/json 13.226.135.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/assignments/361310-90467-475027-11488?layers=widget_listening&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1612866744

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-6301d869b37a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.226.135.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-135-59.dus51.r.cloudfront.net

Software

am/2 /

Resource Hash

73442042723599bce8535f591fa5ecde187d59fa2c24498fa27d93db9c09d6fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 24 Mar 2021 15:39:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: DUS51-C1
X-Cache: Miss from cloudfront
Access-Control-Allow-Methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 131
Access-Control-Allow-Origin: https://w.soundcloud.com
Referrer-Policy: no-referrer
Server: am/2
X-Frame-Options: DENY
Access-Control-Max-Age: 1728000
Strict-Transport-Security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: Date
Cache-Control: private, max-age=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: CgpQBK4Lf41VNbtm38I0-gJNavTwuJaGdrHFpq5Q7p1mnjWJAAjVUw==

GET
H2 200 diary-of-a-fund-manager-150321-hero-banner.jpg
www.quiltercheviot.com/uploads/2021/03/bbd3799261c3752d0263d216662155ec/ 174 KB
174 KB 332ms
311ms Image
image/jpeg 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quiltercheviot.com/uploads/2021/03/bbd3799261c3752d0263d216662155ec/diary-of-a-fund-manager-150321-hero-banner.jpg

Requested by

Host: www.quiltercheviot.com
URL: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b6c5e9b5b2bfe5a3f2b0e94f6006484bd6b0f86e468113092056f745c27040e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 177773
cf-request-id: 09067ceaad00004ec28433a000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 15 Mar 2021 16:43:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "049307956744d1abf3b76c03a1ffa16a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6350fdbde8514ec2-FRA
expires: Thu, 24 Mar 2022 15:39:15 GMT

GET
H2 200 overlay4.svg
www.quiltercheviot.com/uploads/2020/01/761f27ed2c1bd0e6bc38a9ac8c063329/ 3 KB
1 KB 248ms
230ms Image
image/svg+xml 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quiltercheviot.com/uploads/2020/01/761f27ed2c1bd0e6bc38a9ac8c063329/overlay4.svg

Requested by

Host: www.quiltercheviot.com
URL: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21752a5f83f9c60bb8fe008f310d4d42e904dd8da9d26fcadf3aa8d7cc33c96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 29 Jan 2020 06:42:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e612ef04dcda02911427cebd9d08d69e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=31536000, public
cf-request-id: 09067ceaad00004ec246194000000001
cf-ray: 6350fdbde8534ec2-FRA
expires: Thu, 24 Mar 2022 15:39:15 GMT

GET
H2 200 dfm-newsletter-1024x340-1.jpg
www.quiltercheviot.com/uploads/2020/04/0215adfe585c4fd161f76fcf7f9ac9c5/ 19 KB
19 KB 319ms
317ms Image
image/jpeg 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quiltercheviot.com/uploads/2020/04/0215adfe585c4fd161f76fcf7f9ac9c5/dfm-newsletter-1024x340-1.jpg

Requested by

Host: www.quiltercheviot.com
URL: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5f931c51044ae5a42e82cac063cec67789d4f578b17824568afe0849b515435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 19482
cf-request-id: 09067ceaae00004ec28d240000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 10 Apr 2020 06:25:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "bf374fd62ef85bbc5e5b433b807a341a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6350fdbde8544ec2-FRA
expires: Thu, 24 Mar 2022 15:39:15 GMT

GET
H2 200 fa-solid-900.woff2
www.quiltercheviot.com/uk/private-client/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 74 KB
75 KB 299ms
268ms Font
font/woff2 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/uk/private-client/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: www.quiltercheviot.com
URL: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Feb 2021 11:25:51 GMT
server: cloudflare
etag: "602cfd3f-12934"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6350fdbe69644ec2-FRA
content-length: 76084
cf-request-id: 09067ceaff00004ec273173000000001
expires: Thu, 24 Mar 2022 15:39:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxM.woff
fonts.gstatic.com/s/roboto/v20/ 20 KB
20 KB 31ms
6ms Font
font/woff 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxM.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1dc87f99c7ff228806117d58f085c6c573057fa237228081802b7d8d3cf7684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:17:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 580929
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20268
x-xss-protection: 0
expires: Thu, 17 Mar 2022 22:17:06 GMT

GET
H2 200 lato-light.woff2
www.quiltercheviot.com/uploads/2020/02/cd14fac091f935d8815751e8c8e81960/ 32 KB
32 KB 281ms
256ms Font
application/octet-stream 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/uploads/2020/02/cd14fac091f935d8815751e8c8e81960/lato-light.woff2

Requested by

Host: www.quiltercheviot.com
URL: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b7911f0c2cd42ee19af32261122ee0b2cd229d6266d26ddc4b7e0d5b28647ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 32308
cf-request-id: 09067ceaff00004ec2742f2000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Feb 2020 07:14:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "96b78ec9be61a9b1e91d455627636d53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6350fdbe69674ec2-FRA
expires: Thu, 24 Mar 2022 15:39:15 GMT

GET
H2 200 S6uyw4BMUTPHjx4wWA.woff
fonts.gstatic.com/s/lato/v17/ 28 KB
28 KB 32ms
7ms Font
font/woff 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wWA.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04050bae4cc3b9ccd20d3c7f57f5b1ba249d4a54d6eff75a1e4df504362e8c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:19:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:48 GMT
server: sffe
age: 577161
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28660
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:19:54 GMT

GET
H2 200 fa-brands-400.woff2
www.quiltercheviot.com/uk/private-client/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 74 KB
74 KB 318ms
294ms Font
font/woff2 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/uk/private-client/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: www.quiltercheviot.com
URL: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Feb 2021 11:25:51 GMT
server: cloudflare
etag: "602cfd3f-128a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6350fdbe69684ec2-FRA
content-length: 75936
cf-request-id: 09067ceb0000004ec22aa1f000000001
expires: Thu, 24 Mar 2022 15:39:15 GMT

GET
H2 200 myriadpro-regular.woff2
www.quiltercheviot.com/uploads/2020/02/a7be94a0e7a52eb399f92b464fc670fd/ 36 KB
36 KB 408ms
384ms Font
application/octet-stream 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/uploads/2020/02/a7be94a0e7a52eb399f92b464fc670fd/myriadpro-regular.woff2

Requested by

Host: www.quiltercheviot.com
URL: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35fba9536f442db090ac799d899c08220093229f2ac3828cbab56fa4204303f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 36580
cf-request-id: 09067ceb0000004ec252045000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Feb 2020 07:35:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b1c6b42a7c41ba5cd90cd3f65cbc13d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6350fdbe696b4ec2-FRA
expires: Thu, 24 Mar 2022 15:39:15 GMT

GET
H2 200 arialmt.woff2
www.quiltercheviot.com/uploads/2020/02/00fa16f050c8d05c580d0bd747920726/ 100 KB
100 KB 344ms
320ms Font
application/octet-stream 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/uploads/2020/02/00fa16f050c8d05c580d0bd747920726/arialmt.woff2

Requested by

Host: www.quiltercheviot.com
URL: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

323f571432198a77eace801d0734bb26edf5bdf8f813309cc525dee4296af8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-d1c1a2e36ccaac48e166af9d3ac212910cac1b0e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 102180
cf-request-id: 09067ceb0000004ec2a6199000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Feb 2020 10:06:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ef82d1a5c6f08558f6a8a65ddf8a7c60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6350fdbe696c4ec2-FRA
expires: Thu, 24 Mar 2022 15:39:15 GMT

GET
H2 200 david_miller_hi-2048x2048.jpg
www.quiltercheviot.com/uploads/2020/03/a7bc83d2d601ab6ccfe6aef5153a3c8b/ 287 KB
287 KB 413ms
413ms Image
image/jpeg 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quiltercheviot.com/uploads/2020/03/a7bc83d2d601ab6ccfe6aef5153a3c8b/david_miller_hi-2048x2048.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b76626ecedd70938eecd3f4982a018a9fca8373547a7b962e9c1bcf934cb88c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:16 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 293625
cf-request-id: 09067cec1c00004ec240ac0000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 05 Mar 2020 10:30:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "9cfc9bbb4e51366237731a6954321c7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6350fdc02d7d4ec2-FRA
expires: Thu, 24 Mar 2022 15:39:16 GMT

GET
H2 200 individual-15-300x86-1.jpg
www.quiltercheviot.com/uploads/2020/04/aa6299dfbae1122d845fc64155436ae2/ 6 KB
7 KB 352ms
348ms Image
image/jpeg 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quiltercheviot.com/uploads/2020/04/aa6299dfbae1122d845fc64155436ae2/individual-15-300x86-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbab4d44ad8263783aa6509d1f96a880ab8ef9651abb2708dd4f30e9e1e553e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:16 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 6602
cf-request-id: 09067cec2700004ec23c1dc000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Apr 2020 08:12:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "356697fcde620443f6ffc5bd18fae318"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6350fdc03da14ec2-FRA
expires: Thu, 24 Mar 2022 15:39:16 GMT

GET
H2 200 footer-f16b8eadb6e82379fd31d185d98b416ce1a5c541.min.js Show response
www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/ 753 KB
179 KB 281ms
278ms Script
application/javascript 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/footer-f16b8eadb6e82379fd31d185d98b416ce1a5c541.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4681aeb73c064d16b7dde5d494ae396c8c83883baabac300b748eb2035916b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
cf-request-id: 09067cec2700004ec2501e2000000001
x-proxy-by: dxm-rewrite
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Mar 2021 10:44:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6059c676-bc464"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=3600, public
cf-ray: 6350fdc03d9f4ec2-FRA
expires: Wed, 24 Mar 2021 16:39:16 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
648 B 37ms
35ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&ver=2.10.3

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

43125fafc75357c9d1018fd7e006bb3b637b2bccb0debe95316ea31c06ccffe7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Wed, 24 Mar 2021 15:39:15 GMT

GET
H2 200 footer-0212c8c9c7d637b4b001cc971e3e3cb6770cdfcf.min.js Show response
www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/ 23 KB
7 KB 251ms
248ms Script
application/javascript 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/footer-0212c8c9c7d637b4b001cc971e3e3cb6770cdfcf.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04703d860e064c4f863b80626bffe4fb05cbd20b1c3419dbe812690f4fc4137f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
cf-request-id: 09067cec2700004ec28435d000000001
x-proxy-by: dxm-rewrite
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Mar 2021 10:44:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6059c676-5c1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=3600, public
cf-ray: 6350fdc03da04ec2-FRA
expires: Wed, 24 Mar 2021 16:39:16 GMT

GET
H2 200 main-ksys-app-attestation.js Show response
api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/ 838 KB
214 KB 207ms
130ms Script
application/javascript 2606:4700::6811:9b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/main-ksys-app-attestation.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed2433392974afde4b1b0a4ace1991cdf55d4d38eb29865e6a4a87ec09dd582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags: type=applicationAsset,applicationCode=907740a9-cf2d-47bf-8d97-28b9f19deb6e,applicationTemplateCode=ksys-app-attestation-v1.4.0,applicationCode=907740a9-cf2d-47bf-8d97-28b9f19deb6e&fileName=main-ksys-app-attestation.js,applicationTemplateCode=ksys-app-attestation-v1.4.0&fileName=main-ksys-app-attestation.js
date: Wed, 24 Mar 2021 15:39:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-disposition: inline; filename="main-ksys-app-attestation.js"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 09067cec7200004a550f397000000001
last-modified: Fri, 18 Sep 2020 07:50:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 120
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-store
cf-ray: 6350fdc0b8b94a55-FRA
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept

GET
H2 200 header-a83b9abb43350fd2b02373fe564fdc61d566afcc.min.js Show response
www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/ 184 KB
55 KB 282ms
280ms Script
application/javascript 2606:4700::6812:dd3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-a83b9abb43350fd2b02373fe564fdc61d566afcc.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dd3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9b3cade0c92346f478094d23223a2a699061709dfc824f8832ab48c209d00a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
cf-request-id: 09067cec2e00004ec2a5384000000001
x-proxy-by: dxm-rewrite
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Mar 2021 10:41:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6059c5e9-2e024"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=3600, public
cf-ray: 6350fdc04dbe4ec2-FRA
expires: Wed, 24 Mar 2021 16:39:16 GMT

GET
H2 200 widget-0-9f8639071487.js Show response
widget.sndcdn.com/ Frame 5DD1 203 KB
56 KB 47ms
45ms Script
application/javascript 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-0-9f8639071487.js
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-8-5842af0eec73.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cea8b60f3cc7b39928da812930cd9a83fd6006233329b331f3dfebcbdfcfb82d

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 10:37:16 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3733320
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 09 Feb 2021 10:32:45 GMT
server: AmazonS3
etag: W/"ae268e63316694088cbbc391c1dcd35c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: lYmeQsoswqRguJecKYK9QNzZ9ldg-0ehyYGXFLYuK9qX_wBGl6qamw==

GET
H2 200 avatars-000334595289-s0g1g3-t500x500.jpg
i1.sndcdn.com/ Frame 5DD1 48 KB
48 KB 124ms
42ms Image
image/jpeg 13.226.159.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/avatars-000334595289-s0g1g3-t500x500.jpg
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F1007285608&show_artwork=false&maxwidth=800&maxheight=1000&dnt=1&auto_play=false&buying=false&liking=true&download=false&sharing=true&show_comments=false&show_playcount=false&show_user=true&color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-50.dus51.r.cloudfront.net
Software: /
Resource Hash: 5bac3628f7b984f8838802fd37307806209ab54b01a0709e7837690506ef440d

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 17:07:12 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
age: 772324
access-control-allow-methods: GET
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
x-amz-cf-id: QCch5s4HxgMELjlsC8_zzjQh_s0ZKCQ2PrFIsvz1cy8mBdhB1Qt-DA==

GET
H2 200 share-b41e1876.svg
widget.sndcdn.com/assets/images/ Frame 5DD1 1 KB
1 KB 28ms
20ms Image
image/svg+xml 13.226.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.sndcdn.com/assets/images/share-b41e1876.svg
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F1007285608&show_artwork=false&maxwidth=800&maxheight=1000&dnt=1&auto_play=false&buying=false&liking=true&download=false&sharing=true&show_comments=false&show_playcount=false&show_user=true&color
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b8791800987b9daa27029db8bf4599bd773b3110a72a4f5d1ea664509a74e65

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 01:08:52 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3594625
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 09 Feb 2021 10:32:49 GMT
server: AmazonS3
etag: W/"9423d7e2eeb4c8673077486ceea2e516"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: niDAl2R6zgJp9gWOdTWMDAMuPxwcPX_ZlaG46vj7MGYcxZGwvPP0XA==

GET
DATA 200
OK truncated
/ Frame 5DD1 43 KB
43 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d

Request headers

Origin: https://w.soundcloud.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 200 avatars-000334595289-s0g1g3-t500x500.jpg
i1.sndcdn.com/ Frame 5DD1 48 KB
48 KB 86ms
31ms Image
image/jpeg 13.226.159.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/avatars-000334595289-s0g1g3-t500x500.jpg
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-0-9f8639071487.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-50.dus51.r.cloudfront.net
Software: /
Resource Hash: 5bac3628f7b984f8838802fd37307806209ab54b01a0709e7837690506ef440d

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 17:07:12 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
age: 772325
access-control-allow-methods: GET
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
x-amz-cf-id: -Xvbt4guZQZZZa621TBZItSKS0CEdSl16R9AWhKUX3A6LIhiqO3yrw==

GET
H/1.1 200
OK c6vPb8kEQ8mk_m.json Show response
wave.sndcdn.com/ Frame 5DD1 6 KB
3 KB 597ms
291ms XHR
application/json 13.226.159.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.sndcdn.com/c6vPb8kEQ8mk_m.json
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-6301d869b37a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-6.dus51.r.cloudfront.net
Software: /
Resource Hash: 7d0874a90a6f5972a1d7ca7f2a81e7c993d779975bcd58c6b34702d48cd94168

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 24 Mar 2021 15:39:17 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: DUS51-C1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=155520000
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
Content-Length: 2221
Via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
X-Amz-Cf-Id: cTa6YVnSShKW7porEbBQvMG9OOnwEvADTpcQnbmP3gBsNz6a7nusog==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
50 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2ZBL4Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

313d41b130d27782a255ab003a43f7672ee2ac54f6788a1c03d6567d391976cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51291
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Mar 2021 15:39:17 GMT

GET
H2 200 vendor-mobx.4.9.4-react.16.8.6-react-dom.16.8.6-styled-components.4.2.0.min.js Show response
api-uk.kurtosys.app/applicationManager/apps/ksys-app-assets/ 217 KB
68 KB 162ms
128ms Script
text/javascript 2606:4700::6811:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-uk.kurtosys.app/applicationManager/apps/ksys-app-assets/vendor-mobx.4.9.4-react.16.8.6-react-dom.16.8.6-styled-components.4.2.0.min.js?cache=%7B%22maxAge%22%3A604800%7D

Requested by

Host: api.fundpress.io
URL: https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/main-ksys-app-attestation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baeb8c0969d5bdf3dcbdce622f8807c2fec97fe74af35c5d0bd08e9314ddd382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags: type=applicationAsset,applicationCode=ksys-app-assets,applicationCode=ksys-app-assets&fileName=vendor-mobx.4.9.4-react.16.8.6-react-dom.16.8.6-styled-components.4.2.0.min.js,fileName=vendor-mobx.4.9.4-react.16.8.6-react-dom.16.8.6-styled-components.4.2.0.min.js
date: Wed, 24 Mar 2021 15:39:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-disposition: inline; filename="vendor-mobx.4.9.4-react.16.8.6-react-dom.16.8.6-styled-components.4.2.0.min.js"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 09067cf29d00002c22c5269000000001
last-modified: Tue, 27 Aug 2019 06:30:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 120
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-store
cf-ray: 6350fdca9d6c2c22-FRA
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept

GET
H2 200 ksys-app-template-v2.5.4.min.js Show response
api-uk.kurtosys.app/applicationManager/apps/ksys-app-assets/ 171 KB
40 KB 159ms
126ms Script
application/javascript 2606:4700::6811:9a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-uk.kurtosys.app/applicationManager/apps/ksys-app-assets/ksys-app-template-v2.5.4.min.js?cache=%7B%22maxAge%22%3A604800%7D

Requested by

Host: api.fundpress.io
URL: https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/main-ksys-app-attestation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

923ee99f72653679ad9849fd7c801282a60f782429fa65e9ee22c00ce653dd63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags: type=applicationAsset,applicationCode=ksys-app-assets,applicationCode=ksys-app-assets&fileName=ksys-app-template-v2.5.4.min.js,fileName=ksys-app-template-v2.5.4.min.js
date: Wed, 24 Mar 2021 15:39:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-disposition: inline; filename="ksys-app-template-v2.5.4.min.js"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 09067cf29d00002c22328a3000000001
last-modified: Fri, 15 May 2020 12:59:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 120
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-store
cf-ray: 6350fdca9d6e2c22-FRA
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 652
date: Wed, 24 Mar 2021 15:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 24 Mar 2021 17:28:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
73 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=992385953&t=pageview&_s=1&dl=https%3A%2F%2Fwww.quiltercheviot.com%2Fuk%2Fprivate-client%2Finsights%2Fdiary-of-a-fund-manager-isolation-tank%2F%3Futm_source%3Dbento-bulletin%26utm_medium%3Demail%26utm_campaign%3D140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune%26utm_content%3D140347&ul=en-us&de=UTF-8&dt=Diary%20of%20a%20Fund%20Manager%20-%20Isolation%20Tank%20-%20Quilter%20Cheviot%20%7C%20Investment%20Management%20Services%20%7C%20Private%20Clients&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=972798401&gjid=1929818339&cid=98941173.1616600358&tid=UA-41871604-1&_gid=1851428673.1616600358&_r=1&_slc=1&z=642574343

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 15:39:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.quiltercheviot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ 331 KB
130 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=2.10.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 14:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4983
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 14:16:14 GMT

GET
H2 410 1659.js
script.crazyegg.com/pages/scripts/0089/ 0
0 37ms
18ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0089/1659.js?449056
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2ZBL4Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 15:39:17 GMT
cf-cache-status: HIT
last-modified: Wed, 24 Mar 2021 14:18:14 GMT
server: cloudflare
age: 4863
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6350fdcbcce3dfad-FRA
content-length: 0
cf-request-id: 09067cf3620000dfada7906000000001

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 16ms
16ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=992385953&t=pageview&_s=1&dl=https%3A%2F%2Fwww.quiltercheviot.com%2Fuk%2Fprivate-client%2Finsights%2Fdiary-of-a-fund-manager-isolation-tank%2F%3Futm_source%3Dbento-bulletin%26utm_medium%3Demail%26utm_campaign%3D140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune%26utm_content%3D140347&ul=en-us&de=UTF-8&dt=Diary%20of%20a%20Fund%20Manager%20-%20Isolation%20Tank%20-%20Quilter%20Cheviot%20%7C%20Investment%20Management%20Services%20%7C%20Private%20Clients&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=1307405831&gjid=415973411&cid=98941173.1616600358&tid=UA-41871604-1&_gid=1851428673.1616600358&_r=1&gtm=2wg3h0T2ZBL4Q&z=1714100827

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 15:39:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.quiltercheviot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2ZBL4Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 652
date: Wed, 24 Mar 2021 15:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 24 Mar 2021 17:28:25 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 102ms
39ms Script
application/javascript 23.36.236.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.36.236.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-236-158.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 01 Feb 2021 19:39:43 GMT
Server: nginx/1.15.8
ETag: W/"601858ff-cae3"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Wed, 24 Mar 2021 15:39:17 GMT
Connection: keep-alive
Content-Length: 16039
Expires: Wed, 31 Mar 2021 15:39:17 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-41871604-1&cid=98941173.1616600358&jid=1307405831&gjid=415973411&_gid=1851428673.1616600358&_u=aEDAAEABAAAAAC~&z=523224724

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Mar 2021 15:39:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.quiltercheviot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2461248b-4062-467b-89f6-d501ae5fec32.js Show response
cdnssl.clicktale.net/www56/ptc/ 249 KB
43 KB 56ms
26ms Script
application/javascript 2a02:26f0:7100:296::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www56/ptc/2461248b-4062-467b-89f6-d501ae5fec32.js
Requested by: Host: www.quiltercheviot.com
URL: https://www.quiltercheviot.com/uk/private-client/insights/diary-of-a-fund-manager-isolation-tank/?utm_source=bento-bulletin&utm_medium=email&utm_campaign=140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune&utm_content=140347
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:296::2db0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccfb45588d07b34cf66b751f7bd9c348b7a560698d7fae49d6b5319a306ad069

Request headers

Origin: https://www.quiltercheviot.com
Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uQT3Ru5Q9s4OUv0Lt3JcI25NKb8F5Pl0
content-encoding: br
last-modified: Tue, 23 Mar 2021 08:50:26 GMT
server: AmazonS3
x-amz-request-id: SPA8G12YR9S3NJBK
etag: "0fe9da1a5cd40210fb316b7aeed4273f"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
date: Wed, 24 Mar 2021 15:39:18 GMT
accept-ranges: bytes
content-length: 43528
x-amz-id-2: xD4Qu+zpQWb9UYoZTa6X7SUQ5fcmbTNTkCxgysjik0SJCnk9RICfSj6OMh+33MdzLkuu8A9bOAc=
expires: Wed, 24 Mar 2021 15:49:18 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
429 B 91ms
23ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-41871604-1&cid=98941173.1616600358&jid=972798401&gjid=1929818339&_gid=1851428673.1616600358&_u=IEBAAEAAAAAAAC~&z=371025082

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Mar 2021 15:39:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.quiltercheviot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 default
api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/getApplicationAppConfig/ Frame 0
0 38ms
21ms Preflight
text/plain 2606:4700::6811:9b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/getApplicationAppConfig/default

Protocol

Server

2606:4700::6811:9b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.quiltercheviot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 24 Mar 2021 15:39:18 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept
access-control-allow-methods: GET,POST
access-control-max-age: 120
x-ksys-cache-status: HIT
x-xss-protection: 1; mode=block
cf-request-id: 09067cf66800004eaaf70c0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 6350fdd0aee64eaa-FRA

GET
H2 200 default Show response
api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/getApplicationAppConfig/ 16 KB
3 KB 115ms
114ms XHR
application/json 2606:4700::6811:9b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/getApplicationAppConfig/default

Requested by

Host: api.fundpress.io
URL: https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/main-ksys-app-attestation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

834394700d26424310ac82113f4fc20b1a7e5a5934e6dc9a01ced9b46c01760d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

cache-tags: applicationCode=907740a9-cf2d-47bf-8d97-28b9f19deb6e,applicationCode=907740a9-cf2d-47bf-8d97-28b9f19deb6e&applicationConfigurationName=default,applicationCode=907740a9-cf2d-47bf-8d97-28b9f19deb6e&applicationStyleName=default
date: Wed, 24 Mar 2021 15:39:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"3eb1-ULhfyUfYJwOu2OG0SU2ShYHb7Wk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 120
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
cf-request-id: 09067cf67e00004eaa163a0000000001
cf-ray: 6350fdd0cf284eaa-FRA
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-41871604-1&cid=98941173.1616600358&jid=972798401&_u=IEBAAEAAAAAAAC~&z=181618143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 15:39:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 38ms
37ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-41871604-1&cid=98941173.1616600358&jid=972798401&_u=IEBAAEAAAAAAAC~&z=181618143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 15:39:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 48ms
32ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-41871604-1&cid=98941173.1616600358&jid=1307405831&_u=aEDAAEABAAAAAC~&z=522610993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 15:39:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 56ms
41ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-41871604-1&cid=98941173.1616600358&jid=1307405831&_u=aEDAAEABAAAAAC~&z=522610993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 15:39:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set 58483 Show response
stags.bluekai.com/site/ Frame 1DEF 71 B
1 KB 267ms
189ms Document
text/html 23.79.152.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/58483?ret=html&phint=__bk_t%3DDiary%20of%20a%20Fund%20Manager%20-%20Isolation%20Tank%20-%20Quilter%20Cheviot%20%7C%20Investment%20Management%20Services%20%7C%20Private%20Clients&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.quiltercheviot.com%2Fuk%2Fprivate-client%2Finsights%2Fdiary-of-a-fund-manager-isolation-tank%2F%3Futm_source%3Dbento-bulletin%26utm_medium%3Demail%26utm_campaign%3D140347_bento-1220-how-to-show-the-value-of-financial-advice-it-s-worth-a-fortune%26utm_content%3D140347&phint=__bk_v%3D3.1.9&limit=4&r=9704225
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-152-128.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.quiltercheviot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.quiltercheviot.com/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: b732
Date: Wed, 24 Mar 2021 15:39:19 GMT
Connection: keep-alive
Set-Cookie: bkdc=phx; expires=Mon, 20-Sep-2021 15:39:19 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bkpa=KJhBD1+ryM9xdJoyzT9AaeCWPxVvNWmkPr621LAsgd9M+5KJIF45WWO/+F4otjk5OiHRq7qan7dNxvDiGhK2xA+kUjXrBuU8XRMud0Uj07UXun8P+Ytqet7ksEhfQr2fzaGumLFIMfuUVdGgG3jg66cOQ/fRufScbR15/J9OuyILVd9B4L9sy3wN6I1QYuRxM5yE7ikKZmJpgekVHcN/XgzA3di1T8MIpM0SZDESm1ma0Y0g4QRUpHVSWtQe7CUhIv35o9FUYuAbail1na7QUS0Q32x30S+/oQTrIQSRy/ZC7eCagRsxPd/0Pxt6s9NUyDMD+txMEudhqeZ2nkj8LSl7FIr1abMzvBQwPb+9eaJcZwC6SvP+DsGCttkU9AAW1EowSrnvBk3TElYVJZUl9zdnsMiqoI+6F2OGA1oiTzF25kPAtKR49nv6Ly==; expires=Mon, 20-Sep-2021 15:39:19 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bku=zIx99Y55VtYMnBR8; expires=Mon, 20-Sep-2021 15:39:19 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure

GET
H2 200 getTheme Show response
api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/applicationManager/ 213 B
333 B 131ms
130ms XHR
application/json 2606:4700::6811:9b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/applicationManager/getTheme?type=apps&name=default

Requested by

Host: api.fundpress.io
URL: https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/main-ksys-app-attestation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ffead03ac210d7492999d1ea84922355474e78a675d85abd6ceec305ba3dad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.quiltercheviot.com/
x-ksys-token: 8b64249d-e26d-418c-8749-2cb9abb85300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

cache-tags: type=theme,clientId=2002&themeName=default
date: Wed, 24 Mar 2021 15:39:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 09067cf83600004eaaf1192000000001
last-modified: Wed, 20 May 2020 17:39:48 GMT
server: cloudflare
etag: W/"d5-/3G4Wj5X3dtEO2dHRlNmHX0AzXc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 120
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-store
cf-ray: 6350fdd38d1d4eaa-FRA
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept

POST
H2 200 listtranslations Show response
api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/config/ 4 KB
821 B 131ms
131ms XHR
application/json 2606:4700::6811:9b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/config/listtranslations

Requested by

Host: api.fundpress.io
URL: https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/main-ksys-app-attestation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c697b87511bae6107de2095eeadd9225a47d7d0094f48cecd8cbeba9bf9283f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.quiltercheviot.com/
x-ksys-token: 8b64249d-e26d-418c-8749-2cb9abb85300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Wed, 24 Mar 2021 15:39:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"1124-49V8QcFKN+laEklPp9/nn31YLXU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 120
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
cf-request-id: 09067cf83600004eaa1925a000000001
cf-ray: 6350fdd38d1a4eaa-FRA
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept

POST
H2 200 listdisclaimers Show response
api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/config/ 39 KB
2 KB 151ms
150ms XHR
application/json 2606:4700::6811:9b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/config/listdisclaimers

Requested by

Host: api.fundpress.io
URL: https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/main-ksys-app-attestation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

defc8f16f5f336e223a59d42e0672ccb0973f1fb314ea4314eefe86e061a5d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.quiltercheviot.com/
x-ksys-token: 8b64249d-e26d-418c-8749-2cb9abb85300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Wed, 24 Mar 2021 15:39:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"9a6f-3zycwuC2fc/juixX7stlhj/XEZo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 120
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
cf-request-id: 09067cf8f200004eaa4d103000000001
cf-ray: 6350fdd4bfae4eaa-FRA
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept

OPTIONS
H2 200 getTheme
api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/applicationManager/ Frame 0
0 25ms
25ms Preflight
text/plain 2606:4700::6811:9b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/applicationManager/getTheme?type=apps&name=default

Protocol

Server

2606:4700::6811:9b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-ksys-token
Origin: https://www.quiltercheviot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 24 Mar 2021 15:39:18 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept
access-control-allow-methods: GET,POST
access-control-max-age: 120
x-ksys-cache-status: HIT
x-xss-protection: 1; mode=block
cf-request-id: 09067cf81a00004eaaea22c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 6350fdd35ccb4eaa-FRA

OPTIONS
H2 200 listtranslations
api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/config/ Frame 0
0 19ms
19ms Preflight
text/plain 2606:4700::6811:9b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/config/listtranslations

Protocol

Server

2606:4700::6811:9b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-ksys-token
Origin: https://www.quiltercheviot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 24 Mar 2021 15:39:18 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept
access-control-allow-methods: GET,POST
access-control-max-age: 120
x-ksys-cache-status: HIT
x-xss-protection: 1; mode=block
cf-request-id: 09067cf82200004eaa1e31d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 6350fdd36cdb4eaa-FRA

OPTIONS
H2 200 listdisclaimers
api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/config/ Frame 0
0 19ms
19ms Preflight
text/plain 2606:4700::6811:9b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/services/config/listdisclaimers

Protocol

Server

2606:4700::6811:9b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-ksys-token
Origin: https://www.quiltercheviot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 24 Mar 2021 15:39:19 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept
access-control-allow-methods: GET,POST
access-control-max-age: 120
x-ksys-cache-status: HIT
x-xss-protection: 1; mode=block
cf-request-id: 09067cf8e000004eaa06908000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 6350fdd49f604eaa-FRA

GET
H2 200 QClogo.svg
api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/ 5 KB
3 KB 64ms
63ms Image
image/svg+xml 2606:4700::6811:9b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/QClogo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a22d3b7fbddb3fc006b038e86fa88ab91a7a41618dac9620cc972b5d6688b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags: type=applicationAsset,applicationCode=907740a9-cf2d-47bf-8d97-28b9f19deb6e,applicationTemplateCode=ksys-app-attestation-v1.4.0,applicationCode=907740a9-cf2d-47bf-8d97-28b9f19deb6e&fileName=QClogo.svg,applicationTemplateCode=ksys-app-attestation-v1.4.0&fileName=QClogo.svg
date: Wed, 24 Mar 2021 15:39:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-disposition: inline; filename="QClogo.svg"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 09067cfa4900004a550bb10000000001
last-modified: Thu, 09 Apr 2020 11:01:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 120
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-store
cf-ray: 6350fdd6daad4a55-FRA
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept

GET
H2 200 DropdownChevronIcon.svg
api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/ 353 B
605 B 115ms
114ms Image
image/svg+xml 2606:4700::6811:9b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/DropdownChevronIcon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8a8ac75635d90c96e5049b54897db3d8189a8860d5cb5c096bda6136b389d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.quiltercheviot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags: type=applicationAsset,applicationCode=907740a9-cf2d-47bf-8d97-28b9f19deb6e,applicationTemplateCode=ksys-app-attestation-v1.4.0,applicationCode=907740a9-cf2d-47bf-8d97-28b9f19deb6e&fileName=DropdownChevronIcon.svg,applicationTemplateCode=ksys-app-attestation-v1.4.0&fileName=DropdownChevronIcon.svg
date: Wed, 24 Mar 2021 15:39:19 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: DYNAMIC
content-disposition: inline; filename="DropdownChevronIcon.svg"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 09067cfa4a00004a55faad4000000001
last-modified: Fri, 18 Sep 2020 07:50:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 120
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-store
cf-ray: 6350fdd6daaf4a55-FRA
access-control-allow-headers: X-KSYS-TOKEN, X-KSYS-API, X-KSYS-EXPERIMENTAL-TRANSLATION, X-Requested-With, Content-Type, Authorization, Accept

POST
H/1.1 200
OK me Show response
l9bjkkhaycw6f8f4.soundcloud.com/ Frame 5DD1 0
434 B 94ms
43ms XHR
application/json 13.226.135.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l9bjkkhaycw6f8f4.soundcloud.com/me

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-6301d869b37a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.226.135.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-135-56.dus51.r.cloudfront.net

Software

am/2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 24 Mar 2021 15:39:21 GMT
Via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
Server: am/2
X-Amz-Cf-Pop: DUS51-C1
Strict-Transport-Security: max-age=63072000
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: Kc0WvkbiBAp1DgARldwtlSKnAjTyatPq8g88ZKWZCvQCLdNIBr7CQg==

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.quiltercheviot.com/	1970-01-19 17:04:46	Name: _gid Value: GA1.2.1851428673.1616600358
.quiltercheviot.com/	1970-01-19 17:03:20	Name: _gat Value: 1
.quiltercheviot.com/	1970-01-20 10:34:32	Name: _ga Value: GA1.2.98941173.1616600358

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://widget.sndcdn.com/widget-9-6301d869b37a.js(Line 54) Message: SoundCloud Embed Player (api-web)
console-api	log	URL: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-a83b9abb43350fd2b02373fe564fdc61d566afcc.min.js(Line 21) Message: JQMIGRATE: Migrate is installed with logging active, version 1.4.1
console-api	warning	URL: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-a83b9abb43350fd2b02373fe564fdc61d566afcc.min.js(Line 23) Message: JQMIGRATE: 'ready' event is deprecated
console-api	log	URL: https://www.quiltercheviot.com/cache/sites/4/cache/fvm/1616496085/out/header-a83b9abb43350fd2b02373fe564fdc61d566afcc.min.js(Line 23) Message: console.trace
console-api	info	URL: https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/main-ksys-app-attestation.js(Line 1) Message: event triggered: ksys-app-loaded
console-api	info	URL: https://api.fundpress.io/applicationManager/apps/907740a9-cf2d-47bf-8d97-28b9f19deb6e/main-ksys-app-attestation.js(Line 1) Message: event triggered: ksys-apps-loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
api-uk.kurtosys.app
api-widget.soundcloud.com
api.fundpress.io
cdnssl.clicktale.net
fonts.gstatic.com
i1.sndcdn.com
l9bjkkhaycw6f8f4.soundcloud.com
links.panaceaadviser.com
script.crazyegg.com
stags.bluekai.com
stats.g.doubleclick.net
tags.bkrtx.com
w.soundcloud.com
wave.sndcdn.com
widget.sndcdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.quiltercheviot.com
13.226.135.56
13.226.135.59
13.226.159.101
13.226.159.50
13.226.159.59
13.226.159.6
23.36.236.158
23.79.152.128
2606:4700::6810:a723
2606:4700::6811:9a64
2606:4700::6811:9b64
2606:4700::6812:dd3d
2606:4700::6813:9308
2a00:1450:4001:800::2003
2a00:1450:4001:809::2003
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:400c:c0b::9a
2a00:1450:400c:c0c::9b
2a02:26f0:7100:296::2db0
94.136.51.43
04050bae4cc3b9ccd20d3c7f57f5b1ba249d4a54d6eff75a1e4df504362e8c00
04703d860e064c4f863b80626bffe4fb05cbd20b1c3419dbe812690f4fc4137f
0b60c505f0fb540865e90fd00d27781088dc2b02581210d4a8d870c18e0209bb
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
18d379a5a86559021c88a9370b6ad14f519e5d8489effd6ab66f0ebfdcaa0101
1a22d3b7fbddb3fc006b038e86fa88ab91a7a41618dac9620cc972b5d6688b46
21752a5f83f9c60bb8fe008f310d4d42e904dd8da9d26fcadf3aa8d7cc33c96e
25e655920cdd798f6a8dadeb10e57d0f02b19280ed3bcabfe8bd429da2430418
2b7911f0c2cd42ee19af32261122ee0b2cd229d6266d26ddc4b7e0d5b28647ff
313d41b130d27782a255ab003a43f7672ee2ac54f6788a1c03d6567d391976cf
323f571432198a77eace801d0734bb26edf5bdf8f813309cc525dee4296af8ef
35fba9536f442db090ac799d899c08220093229f2ac3828cbab56fa4204303f3
3a8a8ac75635d90c96e5049b54897db3d8189a8860d5cb5c096bda6136b389d5
43125fafc75357c9d1018fd7e006bb3b637b2bccb0debe95316ea31c06ccffe7
4681aeb73c064d16b7dde5d494ae396c8c83883baabac300b748eb2035916b75
4b2ebc07ad8a8f5baa7be1bb048dbd7e3fa39a0be4323f39b94216e957910895
4b6c5e9b5b2bfe5a3f2b0e94f6006484bd6b0f86e468113092056f745c27040e
4cbfa879394a6246adcb866b9b30709c1f33c46781495d07559fb1216a449535
5059a04eba83615d3738f11e32fd806d873284ea0deda721dbce266817c1049c
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
5bac3628f7b984f8838802fd37307806209ab54b01a0709e7837690506ef440d
73442042723599bce8535f591fa5ecde187d59fa2c24498fa27d93db9c09d6fb
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7b3766492e5380546cf4a46035060c8d9556a3766f166c8698f6b7e363204ff5
7b8791800987b9daa27029db8bf4599bd773b3110a72a4f5d1ea664509a74e65
7d0874a90a6f5972a1d7ca7f2a81e7c993d779975bcd58c6b34702d48cd94168
834394700d26424310ac82113f4fc20b1a7e5a5934e6dc9a01ced9b46c01760d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
923ee99f72653679ad9849fd7c801282a60f782429fa65e9ee22c00ce653dd63
9992b67c1633d6b8321adfa1edfe96515dbbfa0ac8dc520a1b470db2948a552c
9c697b87511bae6107de2095eeadd9225a47d7d0094f48cecd8cbeba9bf9283f
9ffead03ac210d7492999d1ea84922355474e78a675d85abd6ceec305ba3dad2
a9b3cade0c92346f478094d23223a2a699061709dfc824f8832ab48c209d00a2
a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50
aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b5421634ccb3a55be105ccb5b805d0ab1b8c9480bfab9b21ea91da4cf4a3bb22
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
b76626ecedd70938eecd3f4982a018a9fca8373547a7b962e9c1bcf934cb88c4
baeb8c0969d5bdf3dcbdce622f8807c2fec97fe74af35c5d0bd08e9314ddd382
be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d
bed2433392974afde4b1b0a4ace1991cdf55d4d38eb29865e6a4a87ec09dd582
c1dc87f99c7ff228806117d58f085c6c573057fa237228081802b7d8d3cf7684
ccfb45588d07b34cf66b751f7bd9c348b7a560698d7fae49d6b5319a306ad069
cea8b60f3cc7b39928da812930cd9a83fd6006233329b331f3dfebcbdfcfb82d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
defc8f16f5f336e223a59d42e0672ccb0973f1fb314ea4314eefe86e061a5d6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f931c51044ae5a42e82cac063cec67789d4f578b17824568afe0849b515435
ec947f0d36fb9a46cb466875032552eab1c7191bd95f3fccdab49f0db5b8e4c7
ed601892f484dfffb757d05a5dade2eac3fe24d4de94796f43343a8b95249b9d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f64df14794fce1c390dfcbc6b1acfea04020e1e034f2e036b5ff3acf85a01ab2
fbab4d44ad8263783aa6509d1f96a880ab8ef9651abb2708dd4f30e9e1e553e9

www.quiltercheviot.com Open in urlscan Pro 2606:4700::6812:dd3d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

61 %IPv6

17 Domains

22 Subdomains

23 IPs

4 Countries

2524 kBTransfer

6995 kBSize

3 Cookies

9 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.quiltercheviot.com Open in urlscan Pro
2606:4700::6812:dd3d Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

61 %
IPv6

17
Domains

22
Subdomains

23
IPs

4
Countries

2524 kB
Transfer

6995 kB
Size

3
Cookies

66 HTTP transactions
1 data transactions