urlscan.io logo urlscan.io
SecurityTrails logo

coverdirect.com Open in urlscan Pro
66.155.17.143  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ddlnk.net/2NL3-1ALEE-8M5H4P-UB3QU-1/c.aspx
Effective URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_...
Submission: On July 06 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 7 countries across 18 domains to perform 46 HTTP transactions. The main IP is 66.155.17.143, located in Portsmouth, United Kingdom and belongs to COGECO-PEER1, CA. The main domain is coverdirect.com.
TLS certificate: Issued by R3 on June 29th 2022. Valid for: 3 months.
This is the only time coverdirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.16.209.86 13335 (CLOUDFLAR...)
4 66.155.17.143 13768 (COGECO-PEER1)
7 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 34.96.102.137 15169 (GOOGLE)
1 143.204.89.56 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:401... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 142.250.185.162 15169 (GOOGLE)
2 143.204.89.128 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 108.157.4.45 16509 (AMAZON-02)
1 2 151.139.128.11 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.139.84 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 2001:1af8:402... 60781 (LEASEWEB-...)
46 21
1    104.16.209.86 (None, )

ASN13335 (CLOUDFLARENET, US)
ddlnk.net
4    66.155.17.143 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
coverdirect.com
7    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    143.204.89.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-56.fra50.r.cloudfront.net
static.hotjar.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4014:80b::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
2    143.204.89.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-128.fra50.r.cloudfront.net
rum.uptime.com
1    2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    108.157.4.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-45.dus51.r.cloudfront.net
script.hotjar.com
2    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
cdn.mouseflow.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-84.fra60.r.cloudfront.net
vars.hotjar.com
3    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2001:1af8:4020:a058::20:44 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
o2.mouseflow.com
Apex Domain
Subdomains		 Transfer
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 450
114 KB
4 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 5995
o2.mouseflow.com — Cisco Umbrella Rank: 41723
55 KB
4 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5299
50 KB
4 coverdirect.com
coverdirect.com
99 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5448
763 B
3 google.com
www.google.com — Cisco Umbrella Rank: 8
763 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
4 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 627
script.hotjar.com — Cisco Umbrella Rank: 904
vars.hotjar.com — Cisco Umbrella Rank: 917
67 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
126 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
500 B
2 uptime.com
rum.uptime.com — Cisco Umbrella Rank: 47991
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
110 KB
1 gstatic.com
fonts.gstatic.com
37 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 766
466 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
15 KB
1 ddlnk.net
ddlnk.net — Cisco Umbrella Rank: 130679
805 B
46 18
Domain Requested by
7 cdn.cookielaw.org coverdirect.com
cdn.cookielaw.org
4 dev.visualwebsiteoptimizer.com coverdirect.com
dev.visualwebsiteoptimizer.com
4 coverdirect.com coverdirect.com
3 www.google.de coverdirect.com
3 www.google.com coverdirect.com
3 www.googletagmanager.com coverdirect.com
www.googletagmanager.com
2 o2.mouseflow.com cdn.mouseflow.com
2 www.facebook.com coverdirect.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 cdn.mouseflow.com 1 redirects coverdirect.com
2 rum.uptime.com coverdirect.com
rum.uptime.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com coverdirect.com
2 connect.facebook.net coverdirect.com
connect.facebook.net
1 vars.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 script.hotjar.com static.hotjar.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 www.googleadservices.com www.googletagmanager.com
1 static.hotjar.com coverdirect.com
1 ddlnk.net 1 redirects
46 22

This site contains links to these domains. Also see Links.

Domain
cookiepedia.co.uk
www.onetrust.com
Subject Issuer Validity Valid
coverdirect.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-16 -
2022-07-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
uptime.com
Amazon		 2022-04-08 -
2023-05-07		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.mouseflow.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-12 -
2022-09-14		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Frame ID: 4493B403ADC42428712B4CA27D01ABE5
Requests: 44 HTTP requests in this frame

Frame: https://coverdirect.com/click?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3%2c1ALEE%2c8M5H4P%2c51PC1%2c1&pageurl=http://coverdirect.com/over-50-life-insurance/apply
Frame ID: 31861D6FD891731AA447F5031918447A
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: EF880CBDDAEF06DE17F12192B28D7807
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Over 50 Life Insurance, No Medical Questions | Cover DirectCover Direct LogoCover Direct LogoBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://ddlnk.net/2NL3-1ALEE-8M5H4P-UB3QU-1/c.aspx HTTP 302
    https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-ne... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

46
Requests

98 %
HTTPS

59 %
IPv6

18
Domains

22
Subdomains

21
IPs

7
Countries

704 kB
Transfer

2151 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ddlnk.net/2NL3-1ALEE-8M5H4P-UB3QU-1/c.aspx HTTP 302
    https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://cdn.mouseflow.com/projects/d5d723c7-71fe-4adf-a811-5e8ba5364773.js HTTP 301
  • https://cdn.mouseflow.com/projects/d5d723c7-71fe-4adf-a811-5e8ba5364773_eu.js

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request apply
coverdirect.com/over-50-life-insurance/
Redirect Chain
  • https://ddlnk.net/2NL3-1ALEE-8M5H4P-UB3QU-1/c.aspx
  • https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2...
87 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.155.17.143 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4d353670b6b4fc8e37ac146166df6d97001424dfc27801e554c4629a5422d546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection : 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Encoding
br
Content-Length
35398
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Jul 2022 20:49:48 GMT
Referrer-Policy
no-referrer-when-downgrade
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Powered-By
ASP.NET
X-XSS-Protection
: 1;mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
726b3581ccf99975-FRA
content-length
0
date
Wed, 06 Jul 2022 20:49:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://coverdirect.com:443/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
server
cloudflare
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
4m3LBpuQ5au3un+sbdTm6g==
age
1446
vary
Accept-Encoding
content-length
6922
x-ms-lease-status
unlocked
last-modified
Mon, 04 Jul 2022 02:38:02 GMT
server
cloudflare
etag
0x8DA5D66372E5D82
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
75a9b1d0-a01e-0097-1652-8fbb2f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726b3583a97c01f0-ZRH
js
www.googletagmanager.com/gtag/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-56325776-8
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4857b0570bb887780aac4069681d6e5686f448fa0a0ea8b2ab7fbd25a1700f8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40374
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 06 Jul 2022 20:49:48 GMT
app.css
coverdirect.com/areas/over50lifeinsurance/views/Apply/assets/dist/ 		37 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://coverdirect.com/areas/over50lifeinsurance/views/Apply/assets/dist/app.css?17
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.155.17.143 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
25ab8dd7a367d8edfeb6256741e7eb894e654d7cdea3be48f121e258f9ba372b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection : 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 20:49:48 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Content-Length
12425
X-XSS-Protection
: 1;mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 25 Nov 2021 10:26:10 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
DENY
ETag
"a22e43dde6e1d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Accept-Ranges
bytes
apply.js
coverdirect.com/areas/over50lifeinsurance/views/Apply/assets/dist/ 		101 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coverdirect.com/areas/over50lifeinsurance/views/Apply/assets/dist/apply.js?18
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.155.17.143 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
48ae6dfc75fa61931956819ae5cbb22d98331f326afb95b94e98586db5d00f4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection : 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 20:49:48 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Content-Length
51717
X-XSS-Protection
: 1;mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 25 Nov 2021 10:26:10 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
DENY
ETag
"a22e43dde6e1d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Accept-Ranges
bytes
f875247b-6d63-42c0-927a-849ea7b510b3.json
cdn.cookielaw.org/consent/f875247b-6d63-42c0-927a-849ea7b510b3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/f875247b-6d63-42c0-927a-849ea7b510b3/f875247b-6d63-42c0-927a-849ea7b510b3.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
920ad3837b00a4a93f08c6a244e6880a674c9cb2a447c70cfee3674d221d3446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
TLApPyz0sFEVZXit6nQfLA==
vary
Accept-Encoding
content-length
1356
x-ms-lease-status
unlocked
last-modified
Tue, 17 Aug 2021 13:23:54 GMT
server
cloudflare
etag
0x8D961824305318F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a5d74672-801e-0161-1b4a-c6da6c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726b3583fd26cc46-ZRH
expires
Thu, 07 Jul 2022 00:49:48 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=554247&u=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&f=1&r=0.7464330876025651
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
41dc961c35813fcc9656ce82552d8bb62098b8724bb84e85767a74561856c431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 06 Jul 2022 20:49:48 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
hotjar-2336830.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2336830.js?sv=6
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-56.fra50.r.cloudfront.net
Software
/
Resource Hash
d32dc8efc82e76c6ea57a0cf4ff67b41c502f8bb636d8579fe4ccaad2d7eae32
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/703fc64b21b601fd024163f84b509234
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-amz-cf-id
7PJNXEyO97HUIlRt19asOI1CWApKS6DtYh1fsZ3RSBrJ61mN6ff0Gg==
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
25939
x-xss-protection
0
pragma
public
x-fb-debug
RN5giXGbRxirk4a/NJsJGgiQ2z5T5UN3ZArsdzImLyXcQdN58YKgztecV4Q+4wcGLDfKAMIXCxAy9ERBx0o+Mg==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Wed, 06 Jul 2022 20:49:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
css
fonts.googleapis.com/ 		7 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:400,700,900&display=swap
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/areas/over50lifeinsurance/views/Apply/assets/dist/app.css?17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80b::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48c8fb15351d5260f852d33b9e18d35195dc0e52570688c5aad18efbf8c0e352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/areas/over50lifeinsurance/views/Apply/assets/dist/app.css?17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 20:49:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 20:49:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Jul 2022 20:49:48 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,700,900&display=swap
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/areas/over50lifeinsurance/views/Apply/assets/dist/app.css?17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80b::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50355a02fbe982af7e3417c67e65aba9f7ffca56abcb5025a52178ccd7098367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/areas/over50lifeinsurance/views/Apply/assets/dist/app.css?17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 20:49:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 20:49:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Jul 2022 20:49:48 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56325776-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6299
date
Wed, 06 Jul 2022 19:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 06 Jul 2022 21:04:49 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-654988943&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56325776-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ec15fd9115e4a2c3291da39ea78220dbb4e40c8c42a0fa022c758618a62bf25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43982
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 06 Jul 2022 20:49:48 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-655007200&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56325776-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d38e4a9b7518ceba5311070ee96bf27f98725ec020959ba22858b473ac32773a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43982
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 06 Jul 2022 20:49:48 GMT
tag-a43b9d9ac6e298127119dde1bf8c6d27.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 		168 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-a43b9d9ac6e298127119dde1bf8c6d27.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=554247&u=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&f=1&r=0.7464330876025651
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
ee70be130e56c536b42409f26b0cb95eae69fd33017e9e4079f9d19b7d27ef24

Request headers

Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Origin
https://coverdirect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:49:47 GMT
content-encoding
br
last-modified
Tue, 05 Jul 2022 11:48:41 GMT
server
gfra1
etag
"62c42519-bcc3"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48323
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=554247&d=coverdirect.com&u=D57FFC9EDC4790AA789CB990F88F60671&h=c17da172281eade98715c564d206a54f&t=false&r=0.7902704560177007
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:48 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
472992216973225
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/472992216973225?v=2.9.64&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
35b263ed747025e9faa6420d2c679d9d7ddbb670b716b68a65bcd12b75306b5f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
HG5Xxk9BowpcF+glwq9ibRwCRbKmt9oCqkNByVZXJ89BShbyVXI/RTO21Bc5XYc0c5yuq1NRIHj3Rm3/sOC42w==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 06 Jul 2022 20:49:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1657140588341
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-655007200&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15163
x-xss-protection
0
server
cafe
etag
11137310801552021614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 06 Jul 2022 20:49:48 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=939289736&t=pageview&_s=1&dl=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&ul=en-us&de=UTF-8&dt=Over%2050%20Life%20Insurance%2C%20No%20Medical%20Questions%20%7C%20Cover%20Direct&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=662977128&gjid=369187853&cid=1382730920.1657140588&tid=UA-56325776-8&_gid=566353263.1657140588&_r=1&gtm=2ou6t0&z=2017573058
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://coverdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
rum.uptime.com/static/rum/compiled/ 		979 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum.uptime.com/static/rum/compiled/rum.js
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-128.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
6131063f3529c3fdcc666f58f6eb86f7f29050258c728abbc01bd76fecefbbc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 03:29:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 12:09:59 GMT
server
nginx
age
407999
etag
"62bc4117-3d3"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
979
x-amz-cf-id
Aujx1-c6ABybyx07IK8baUSqFmR9Nx8QQ2rcxyVQmbTYTGQ7h3pAYQ==
expires
Sat, 09 Jul 2022 03:29:49 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		182 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
726b35849962cc4e-ZRH
access-control-allow-headers
Content-Type
modules.eaa59710f7e60ac1d235.js
script.hotjar.com/ 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.eaa59710f7e60ac1d235.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2336830.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-45.dus51.r.cloudfront.net
Software
/
Resource Hash
a482008da2fe0c09824c63004a9152849f1581670c5e82fc252b9658abc9f032
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:42:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
216462
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64077
access-control-allow-origin
*
last-modified
Mon, 04 Jul 2022 08:41:34 GMT
etag
"db52ab3b370d0f21f8ed961bf7934556"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
eUbsxFRTA7eIRvKy-1HjtNlAIkMLoeSf6tnEBMtoqZkxHpwk7VHpTA==
d5d723c7-71fe-4adf-a811-5e8ba5364773_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/d5d723c7-71fe-4adf-a811-5e8ba5364773.js
  • https://cdn.mouseflow.com/projects/d5d723c7-71fe-4adf-a811-5e8ba5364773_eu.js
186 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/d5d723c7-71fe-4adf-a811-5e8ba5364773_eu.js
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
2bf31ccb8a9af3eba4b715ec37e0d58f75aa01b582202aa2c36b188528803e54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 06:01:07 GMT
server
etag
"27f1c2736b8fd81:0"
x-hw
1657140588.cds259.lo4.hn,1657140588.cds007.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
55198

Redirect headers

date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 06:01:02 GMT
server
etag
"94bae9706b8fd81:0"
location
https://cdn.mouseflow.com/projects/d5d723c7-71fe-4adf-a811-5e8ba5364773_eu.js
x-hw
1657140588.cds259.lo4.hn,1657140588.cds214.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-hw-loc
https://cdn.mouseflow.com/projects/d5d723c7-71fe-4adf-a811-5e8ba5364773.js
content-length
55197
click
coverdirect.com/ Frame 3186 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://coverdirect.com/click?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3%2c1ALEE%2c8M5H4P%2c51PC1%2c1&pageurl=http://coverdirect.com/over-50-life-insurance/apply
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.155.17.143 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection : 1;mode=block

Request headers

Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Encoding
br
Content-Length
111
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Jul 2022 20:49:48 GMT
Referrer-Policy
no-referrer-when-downgrade
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Powered-By
ASP.NET
X-XSS-Protection
: 1;mode=block
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://coverdirect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 17:07:32 GMT
x-content-type-options
nosniff
age
99736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37716
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 17:07:32 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-56325776-8&cid=1382730920.1657140588&jid=662977128&gjid=369187853&_gid=566353263.1657140588&_u=YEBAAUAAAAAAAC~&z=495577944
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 06 Jul 2022 20:49:48 GMT
content-type
text/plain
access-control-allow-origin
https://coverdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		859 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=554247&settings_type=1&vn=7.0&r=0.49882298388265633
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-a43b9d9ac6e298127119dde1bf8c6d27.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
357d0551298a3c73c50002c7d67ce5afa1c61db63c3fad89ce0e95cb712b3671

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:49:47 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/655007200/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/655007200/?random=1657140588286&cv=9&fst=1657140588286&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&tiba=Over%2050%20Life%20Insurance%2C%20No%20Medical%20Questions%20%7C%20Cover%20Direct&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c134aeae6952217ce184455e14df0ee3c4104364cc750d83c3c008217e98b4da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/654988943/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/654988943/?random=1657140588290&cv=9&fst=1657140588290&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&tiba=Over%2050%20Life%20Insurance%2C%20No%20Medical%20Questions%20%7C%20Cover%20Direct&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26071d394437dc4aef226d3d2c27b5e40329b6817fa4c8d1faa8419d00f3e271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.22.0/ 		311 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Uj6Yo16pL9bm0y1nKKjJjg==
age
22538533
vary
Accept-Encoding
content-length
75930
x-ms-lease-status
unlocked
last-modified
Thu, 19 Aug 2021 02:39:18 GMT
server
cloudflare
etag
0x8D962BA8ADAEF03
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
85964eb7-701e-0059-196c-c4dd60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726b35850bd901f0-ZRH
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame EF88 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2336830.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-84.fra60.r.cloudfront.net
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
479389
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 07:39:59 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Thu, 30 Jun 2022 14:48:22 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-id
nwugjDb_Vf3Zr0VWnOXO9TMJ_Fu1crIwmZVt9H5i6IjsSqXe8A6UoA==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56325776-8&cid=1382730920.1657140588&jid=662977128&_u=YEBAAUAAAAAAAC~&z=516013354
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56325776-8&cid=1382730920.1657140588&jid=662977128&_u=YEBAAUAAAAAAAC~&z=516013354
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/654988943/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/654988943/?random=1657140588290&cv=9&fst=1657137600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&tiba=Over%2050%20Life%20Insurance%2C%20No%20Medical%20Questions%20%7C%20Cover%20Direct&async=1&fmt=3&is_vtc=1&random=3105815161&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/654988943/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/654988943/?random=1657140588290&cv=9&fst=1657137600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&tiba=Over%2050%20Life%20Insurance%2C%20No%20Medical%20Questions%20%7C%20Cover%20Direct&async=1&fmt=3&is_vtc=1&random=3105815161&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/655007200/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/655007200/?random=1657140588286&cv=9&fst=1657137600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&tiba=Over%2050%20Life%20Insurance%2C%20No%20Medical%20Questions%20%7C%20Cover%20Direct&async=1&fmt=3&is_vtc=1&random=121165742&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/655007200/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/655007200/?random=1657140588286&cv=9&fst=1657137600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&tiba=Over%2050%20Life%20Insurance%2C%20No%20Medical%20Questions%20%7C%20Cover%20Direct&async=1&fmt=3&is_vtc=1&random=121165742&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/f875247b-6d63-42c0-927a-849ea7b510b3/585499a8-3afa-48a1-931e-15d951f71484/ 		46 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/f875247b-6d63-42c0-927a-849ea7b510b3/585499a8-3afa-48a1-931e-15d951f71484/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43db8ceaef23d0d6ccebdc19781f695bb49a5abfbfb142a9cf41739428c59452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
omAwvI1rmwiq1vHFSMvFGQ==
vary
Accept-Encoding
content-length
12506
x-ms-lease-status
unlocked
last-modified
Tue, 17 Aug 2021 13:23:57 GMT
server
cloudflare
etag
0x8D9618244DAE65F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bacd8be6-d01e-0076-6134-5a5c5a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726b35855eadcc46-ZRH
expires
Thu, 07 Jul 2022 00:49:48 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=472992216973225&ev=PageView&dl=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&rl=&if=false&ts=1657140588400&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1657140588398.742358298&it=1657140588185&coo=false&rqm=GET
Requested by
Host: coverdirect.com
URL: https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:49:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 06 Jul 2022 20:49:48 GMT
init
o2.mouseflow.com/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o2.mouseflow.com/init?v=17.68&p=d5d723c7-71fe-4adf-a811-5e8ba5364773&s=48e68646731c66f8f5837eec2a3baf5e&page=070648048c1f6979fcf4471a1738d0a9acfefccb&ret=0&u=dc5947a6dd6391d4daba09d465022299&href=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&url=%2Fover-50-life-insurance%2Fapply&ref=&title=Over%2050%20Life%20Insurance%2C%20No%20Medical%20Questions%20%7C%20Cover%20Direct&res=1600x1200&tz=0&to=0&dnt=0&ori=&dw=1600&dh=1200&time=342&pxr=1&gdpr=1&vars=utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon
Requested by
Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/d5d723c7-71fe-4adf-a811-5e8ba5364773.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:1af8:4020:a058::20:44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Mouseflow /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:48 GMT
server
Mouseflow
x-recorder
rec-14-eu
content-type
text/plain; charset=Windows-1252
access-control-allow-origin
https://coverdirect.com
cache-control
no-cache
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
0
expires
-1
otFloatingRoundedCorner.json
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFloatingRoundedCorner.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e26546fe02973398b85689be6c6f31533e60f49a725061b9848ba5bdc5989aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
f7jaPIyjQ/a2xpowJkv7AQ==
vary
Accept-Encoding
content-length
2568
x-ms-lease-status
unlocked
last-modified
Thu, 19 Aug 2021 02:39:12 GMT
server
cloudflare
etag
0x8D962BA87450E42
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e6d579cc-101e-0120-17bb-48f27f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726b3585cf26cc46-ZRH
otPcPanel.json
cdn.cookielaw.org/scripttemplates/6.22.0/assets/v2/ 		47 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49f1fe168324ed0f76fbbab536b991c992296cd48da5ce9dd8bc8ea55e2ef946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
pBbNBWblMGxcYZJi8CLm5g==
vary
Accept-Encoding
content-length
11457
x-ms-lease-status
unlocked
last-modified
Thu, 19 Aug 2021 02:39:12 GMT
server
cloudflare
etag
0x8D962BA87A0FB3C
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
808c76fe-f01e-0043-334a-4af20f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
726b3585cf28cc46-ZRH
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 20:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
F/Fs54+x9bQK/ULkNRp4fA==
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 19 Aug 2021 02:39:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
6ba8adcb-a01e-011b-5d46-01b021000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
726b3585cf2acc46-ZRH
record-data
rum.uptime.com/rum/ 		16 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum.uptime.com/rum/record-data
Requested by
Host: rum.uptime.com
URL: https://rum.uptime.com/static/rum/compiled/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-128.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e8dc051cac81ea5e30899600db6c085894f31a248ab46ace77d3b1756d58e730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 06 Jul 2022 20:49:48 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
referrer-policy
same-origin
server
nginx
x-amz-cf-pop
FRA50-C1
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
vary
Origin, Cookie
content-length
16
x-content-type-options
nosniff
x-amz-cf-id
BT9sASssci1HFjdyOEY2tE8NcLW81PtFxdd3vUcSF3cx8ZQdxyiIgg==
expires
Wed, 06 Jul 2022 20:49:48 GMT
html
o2.mouseflow.com/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o2.mouseflow.com/html?website=d5d723c7-71fe-4adf-a811-5e8ba5364773&session=48e68646731c66f8f5837eec2a3baf5e&page=070648048c1f6979fcf4471a1738d0a9acfefccb&gz=1
Requested by
Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/d5d723c7-71fe-4adf-a811-5e8ba5364773.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:1af8:4020:a058::20:44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Mouseflow /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 20:49:49 GMT
server
Mouseflow
x-recorder
rec-10-eu
content-type
text/plain; charset=Windows-1252
access-control-allow-origin
https://coverdirect.com
cache-control
no-cache
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
0
expires
-1
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=472992216973225&ev=Microdata&dl=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&rl=&if=false&ts=1657140589904&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Over%2050%20Life%20Insurance%2C%20No%20Medical%20Questions%20%7C%20Cover%20Direct%22%2C%22meta%3Adescription%22%3A%22Apply%20for%20an%20Over%2050s%20Life%20Insurance%20policy%20with%20no%20medical%20questions%20asked.%20Find%20the%20best%20Over%2050%20policy%20for%20you.%20Get%20a%20Free%20Online%20Quote%20Today.%20Read%20more%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.1.1657140588398.742358298&it=1657140588185&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coverdirect.com/over-50-life-insurance/apply?sid=LEADS104&cid=1006&lid=&e_s=SUB_1&e_fa=cd-net&e_fn=Heather_CD&e_t=RLCDT03A&e_th=CD&e_sg=multi&e_c=sameday&e_sd=06-07-2022&affsubid1=RL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM&affsubid2=ageselector&affsubid3=RLCDT03A&affsubid4=multi&utm_source=dotmailer&utm_medium=email&utm_term=royallondon&dm_i=2NL3,1ALEE,8M5H4P,51PC1,1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:49:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 06 Jul 2022 20:49:49 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| OneTrustStub function| OptanonWrapper function| gtag object| dataLayer number| settings_timer number| _vwo_settings_timer object| _vwo_code function| hj object| _hjSettings function| fbq function| _fbq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid number| _vwo_library_timer string| _vis_opt_file string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| VWOOmni object| gaplugins object| gaGlobal object| gaData object| _uptime_rum object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| _mfq object| webpackChunkcoverdirect_page_default function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| mouseflow object| Optanon object| OneTrust

23 Cookies

Domain/Path Name / Value
.ddlnk.net/ Name: __cf_bm
Value: 5yNatLh5pRgeoXDEhOIRGpeBjx47TSy3lnQ2sXDUwIY-1657140587-0-AbVBh2YknPYKD0AJvnZ6ZddFximL8mAdQ7NfI+1VAHEeCT9mTU3Xsor5Xu0MbXCXHRzuGK/WRjV53U80kKrWwBs=
ddlnk.net/ Name: __cflb
Value: 0H28vbka3Tp63XFuYsqHHrawjcNu2NcmDRomLTtL8kc
coverdirect.com/ Name: ASP.NET_SessionId
Value: fh10wcmjv0gffbnyqt23dj1q
coverdirect.com/ Name: SERVERID
Value: DC1-MMG-FWEB04
.coverdirect.com/ Name: _vwo_uuid_v2
Value: D57FFC9EDC4790AA789CB990F88F60671|c17da172281eade98715c564d206a54f
.coverdirect.com/ Name: _gcl_au
Value: 1.1.786964357.1657140588
.coverdirect.com/ Name: _ga
Value: GA1.2.1382730920.1657140588
.coverdirect.com/ Name: _gid
Value: GA1.2.566353263.1657140588
.coverdirect.com/ Name: _gat_gtag_UA_56325776_8
Value: 1
.coverdirect.com/ Name: _vis_opt_s
Value: 1%7C
.coverdirect.com/ Name: _vis_opt_test_cookie
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.coverdirect.com/ Name: cd-user-id
Value: 482555
.coverdirect.com/ Name: _fbp
Value: fb.1.1657140588398.742358298
.coverdirect.com/ Name: mf_user
Value: dc5947a6dd6391d4daba09d465022299|
.coverdirect.com/ Name: _hjSessionUser_2336830
Value: eyJpZCI6Ijk0NzkwNDMyLTRjMzktNWM3OS04ZTY5LWI0Y2E3MzcyMDM3ZiIsImNyZWF0ZWQiOjE2NTcxNDA1ODgzMTMsImV4aXN0aW5nIjpmYWxzZX0=
.coverdirect.com/ Name: _hjFirstSeen
Value: 1
coverdirect.com/ Name: _hjIncludedInSessionSample
Value: 0
.coverdirect.com/ Name: _hjSession_2336830
Value: eyJpZCI6IjNjMDU1ZTA4LTE1YzMtNDczMy05MDQxLWNkZjUzMDUzOTFiMSIsImNyZWF0ZWQiOjE2NTcxNDA1ODg0MTUsImluU2FtcGxlIjpmYWxzZX0=
.coverdirect.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.facebook.com/ Name: fr
Value: 0VfJbL0fEj61FSbSS..BixfVs...1.0.BixfVs.
.coverdirect.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Jul+06+2022+20%3A49%3A48+GMT%2B0000+(GMT)&version=6.22.0&isIABGlobal=false&hosts=&consentId=9f91ff5c-7eb0-47a1-8d3c-cf107149da2a&interactionCount=0&landingPath=https%3A%2F%2Fcoverdirect.com%2Fover-50-life-insurance%2Fapply%3Fsid%3DLEADS104%26cid%3D1006%26lid%3D%26e_s%3DSUB_1%26e_fa%3Dcd-net%26e_fn%3DHeather_CD%26e_t%3DRLCDT03A%26e_th%3DCD%26e_sg%3Dmulti%26e_c%3Dsameday%26e_sd%3D06-07-2022%26affsubid1%3DRL-O50S-2022.07.06-MEDDEC-RLCDT03A-WEDS-AM%26affsubid2%3Dageselector%26affsubid3%3DRLCDT03A%26affsubid4%3Dmulti%26utm_source%3Ddotmailer%26utm_medium%3Demail%26utm_term%3Droyallondon%26dm_i%3D2NL3%2C1ALEE%2C8M5H4P%2C51PC1%2C1&groups=C0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0001%3A1
.coverdirect.com/ Name: mf_d5d723c7-71fe-4adf-a811-5e8ba5364773
Value: 48e68646731c66f8f5837eec2a3baf5e|070648048c1f6979fcf4471a1738d0a9acfefccb.-6435042096.1657140588406|1657140588404|2071166924_2906204973.1889642278_96619420.833459293_-1172949025|0|||0|17.68|91.66192

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://coverdirect.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection : 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
cdn.mouseflow.com
connect.facebook.net
coverdirect.com
ddlnk.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
o2.mouseflow.com
rum.uptime.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.16.209.86
108.157.4.45
142.250.185.162
143.204.89.128
143.204.89.56
151.139.128.11
18.66.139.84
2001:1af8:4020:a058::20:44
2001:4860:4802:34::178
2606:4700:4400::ac40:929e
2606:4700::6810:9440
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c08::9c
2a00:1450:4014:80b::200a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.96.102.137
66.155.17.143
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
25ab8dd7a367d8edfeb6256741e7eb894e654d7cdea3be48f121e258f9ba372b
26071d394437dc4aef226d3d2c27b5e40329b6817fa4c8d1faa8419d00f3e271
2bf31ccb8a9af3eba4b715ec37e0d58f75aa01b582202aa2c36b188528803e54
2e26546fe02973398b85689be6c6f31533e60f49a725061b9848ba5bdc5989aa
357d0551298a3c73c50002c7d67ce5afa1c61db63c3fad89ce0e95cb712b3671
35b263ed747025e9faa6420d2c679d9d7ddbb670b716b68a65bcd12b75306b5f
41dc961c35813fcc9656ce82552d8bb62098b8724bb84e85767a74561856c431
43db8ceaef23d0d6ccebdc19781f695bb49a5abfbfb142a9cf41739428c59452
4857b0570bb887780aac4069681d6e5686f448fa0a0ea8b2ab7fbd25a1700f8c
48ae6dfc75fa61931956819ae5cbb22d98331f326afb95b94e98586db5d00f4d
48c8fb15351d5260f852d33b9e18d35195dc0e52570688c5aad18efbf8c0e352
49f1fe168324ed0f76fbbab536b991c992296cd48da5ce9dd8bc8ea55e2ef946
4d353670b6b4fc8e37ac146166df6d97001424dfc27801e554c4629a5422d546
50355a02fbe982af7e3417c67e65aba9f7ffca56abcb5025a52178ccd7098367
6131063f3529c3fdcc666f58f6eb86f7f29050258c728abbc01bd76fecefbbc9
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
7ec15fd9115e4a2c3291da39ea78220dbb4e40c8c42a0fa022c758618a62bf25
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
920ad3837b00a4a93f08c6a244e6880a674c9cb2a447c70cfee3674d221d3446
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a482008da2fe0c09824c63004a9152849f1581670c5e82fc252b9658abc9f032
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
c134aeae6952217ce184455e14df0ee3c4104364cc750d83c3c008217e98b4da
d32dc8efc82e76c6ea57a0cf4ff67b41c502f8bb636d8579fe4ccaad2d7eae32
d38e4a9b7518ceba5311070ee96bf27f98725ec020959ba22858b473ac32773a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8dc051cac81ea5e30899600db6c085894f31a248ab46ace77d3b1756d58e730
ee70be130e56c536b42409f26b0cb95eae69fd33017e9e4079f9d19b7d27ef24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f