www.hallensteins.com Open in urlscan Pro
151.101.114.132 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hallensteins.com/
Submission: On September 15 via manual (September 15th 2021, 3:41:30 pm UTC) from NZ — Scanned from DE

Summary HTTP 117 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 29 domains to perform 117 HTTP transactions. The main IP is 151.101.114.132, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.hallensteins.com.
TLS certificate: Issued by R3 on September 11th 2021. Valid for: 3 months.

This is the only time www.hallensteins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
5	23.32.238.210 23.32.238.210	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	94.31.29.128 94.31.29.128	6461 (ZAYO-6461) (ZAYO-6461)
1	104.109.64.186 104.109.64.186	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.178.8 142.250.178.8	15169 (GOOGLE) (GOOGLE)
1	52.222.180.41 52.222.180.41	16509 (AMAZON-02) (AMAZON-02)
1	151.139.237.160 151.139.237.160	33438 (HIGHWINDS2) (HIGHWINDS2)
3	3.230.29.177 3.230.29.177	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.16.234 172.217.16.234	15169 (GOOGLE) (GOOGLE)
4	216.58.212.206 216.58.212.206	15169 (GOOGLE) (GOOGLE)
3	185.60.218.24 185.60.218.24	32934 (FACEBOOK) (FACEBOOK)
3 6	172.217.169.38 172.217.169.38	15169 (GOOGLE) (GOOGLE)
1	52.222.186.127 52.222.186.127	16509 (AMAZON-02) (AMAZON-02)
2	91.228.74.198 91.228.74.198	16509 (AMAZON-02) (AMAZON-02)
3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	95.101.27.78 95.101.27.78	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	40.82.218.196 40.82.218.196	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	54.230.206.79 54.230.206.79	16509 (AMAZON-02) (AMAZON-02)
1	151.139.245.9 151.139.245.9	33438 (HIGHWINDS2) (HIGHWINDS2)
1	52.222.186.56 52.222.186.56	16509 (AMAZON-02) (AMAZON-02)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.133.155 74.125.133.155	15169 (GOOGLE) (GOOGLE)
2	142.250.200.14 142.250.200.14	15169 (GOOGLE) (GOOGLE)
1	54.230.206.101 54.230.206.101	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.196 216.58.212.196	15169 (GOOGLE) (GOOGLE)
1	35.156.119.246 35.156.119.246	16509 (AMAZON-02) (AMAZON-02)
2	52.222.179.22 52.222.179.22	16509 (AMAZON-02) (AMAZON-02)
1	52.222.186.52 52.222.186.52	16509 (AMAZON-02) (AMAZON-02)
3	216.58.212.194 216.58.212.194	15169 (GOOGLE) (GOOGLE)
2	188.125.89.204 188.125.89.204	10310 (YAHOO-1) (YAHOO-1)
1	142.250.178.2 142.250.178.2	15169 (GOOGLE) (GOOGLE)
1	34.117.30.199 34.117.30.199	15169 (GOOGLE) (GOOGLE)
1	18.185.10.202 18.185.10.202	16509 (AMAZON-02) (AMAZON-02)
1	99.81.42.58 99.81.42.58	16509 (AMAZON-02) (AMAZON-02)
2	185.60.218.35 185.60.218.35	32934 (FACEBOOK) (FACEBOOK)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.250.121.115 34.250.121.115	16509 (AMAZON-02) (AMAZON-02)
117	38

36 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.hallensteins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.32.238.210 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-210.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 94.31.29.128 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net

api.getcandid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.64.186 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-64-186.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.178.8 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.180.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-180-41.ham50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.237.160 (United States)

ASN33438 (HIGHWINDS2, US)

content-getcandid.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.230.29.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-29-177.compute-1.amazonaws.com

candid-io.site44.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.234 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s28-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.206 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s21-in-f206.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.60.218.24 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-otp1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.169.38 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lhr48s08-in-f6.1e100.net

8724567.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10770498.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10770501.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.186.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-127.ham50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.198 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.27.78 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-78.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.82.218.196 (Sydney, Australia) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: commissionfactory.com

t.cfjump.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cfjump.hallensteins.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.206.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-79.ham50.r.cloudfront.net

cdn.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.245.9 (United States)

ASN33438 (HIGHWINDS2, US)

cdn.pushalert.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.186.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-56.ham50.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.200.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s29-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.206.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-101.ham50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.196 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s21-in-f196.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.119.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-119-246.eu-central-1.compute.amazonaws.com

recommender.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.179.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-22.ham50.r.cloudfront.net

static.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.186.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-186-52.ham50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.194 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s27-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.125.89.204 (United Kingdom)

ASN10310 (YAHOO-1, US)
PTR: e1-ha.ycpi.via.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.178.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.30.199 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 199.30.117.34.bc.googleusercontent.com

webchannel-content.eservice.emarsys.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.10.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-10-202.eu-central-1.compute.amazonaws.com

recommender-eu.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.42.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-42-58.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.218.35 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-otp1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.121.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-121-115.eu-west-1.compute.amazonaws.com

ws19.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	hallensteins.com www.hallensteins.com	3 MB
20	getcandid.com api.getcandid.com	380 KB
7	doubleclick.net 3 redirects 8724567.fls.doubleclick.net 10770498.fls.doubleclick.net 10770501.fls.doubleclick.net stats.g.doubleclick.net	4 KB
6	typekit.net use.typekit.net p.typekit.net	70 KB
5	scarabresearch.com cdn.scarabresearch.com recommender.scarabresearch.com static.scarabresearch.com recommender-eu.scarabresearch.com	93 KB
5	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com ws19.hotjar.com	63 KB
4	google.com www.google.com adservice.google.com	2 KB
4	tiktok.com analytics.tiktok.com	86 KB
4	google-analytics.com www.google-analytics.com	41 KB
3	bing.com bat.bing.com	9 KB
3	facebook.net connect.facebook.net	134 KB
3	site44.com candid-io.site44.com	4 KB
2	facebook.com www.facebook.com	404 B
2	yimg.com s.yimg.com	7 KB
2	youtube.com www.youtube.com	45 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
1	yahoo.com sp.analytics.yahoo.com	964 B
1	hotjar.io vc.hotjar.io	258 B
1	emarsys.net webchannel-content.eservice.emarsys.net	285 B
1	google.de adservice.google.de	931 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	quantcount.com rules.quantcount.com	2 KB
1	pushalert.co cdn.pushalert.co	47 KB
1	hallensteins.com.au cfjump.hallensteins.com.au	2 KB
1	cfjump.com 1 redirects t.cfjump.com	194 B
1	googleapis.com ajax.googleapis.com	30 KB
1	netdna-ssl.com content-getcandid.netdna-ssl.com	5 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com	12 KB
1	googletagmanager.com www.googletagmanager.com	68 KB
117	29

	Domain	Requested by
36	www.hallensteins.com	www.hallensteins.com
20	api.getcandid.com	www.hallensteins.com api.getcandid.com ajax.googleapis.com
5	use.typekit.net	www.hallensteins.com use.typekit.net
4	analytics.tiktok.com	www.hallensteins.com analytics.tiktok.com
4	www.google-analytics.com	api.getcandid.com www.googletagmanager.com www.google-analytics.com www.hallensteins.com
3	adservice.google.com	8724567.fls.doubleclick.net 10770501.fls.doubleclick.net 10770498.fls.doubleclick.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.hallensteins.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	candid-io.site44.com	api.getcandid.com
2	www.facebook.com	www.hallensteins.com
2	s.yimg.com	10770498.fls.doubleclick.net s.yimg.com
2	static.scarabresearch.com	cdn.scarabresearch.com
2	www.youtube.com	www.hallensteins.com www.youtube.com
2	10770501.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	10770498.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	8724567.fls.doubleclick.net	1 redirects www.googletagmanager.com
1	ws19.hotjar.com	www.datadoghq-browser-agent.com
1	sp.analytics.yahoo.com	www.hallensteins.com
1	vc.hotjar.io	www.datadoghq-browser-agent.com
1	in.hotjar.com	www.datadoghq-browser-agent.com
1	recommender-eu.scarabresearch.com	www.datadoghq-browser-agent.com
1	webchannel-content.eservice.emarsys.net	www.datadoghq-browser-agent.com
1	adservice.google.de	adservice.google.com
1	vars.hotjar.com	static.hotjar.com
1	recommender.scarabresearch.com	www.datadoghq-browser-agent.com
1	pixel.quantserve.com	www.hallensteins.com
1	www.google.com	www.hallensteins.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.datadoghq-browser-agent.com
1	maxcdn.bootstrapcdn.com	ajax.googleapis.com
1	rules.quantcount.com	secure.quantserve.com
1	cdn.pushalert.co	www.hallensteins.com
1	cdn.scarabresearch.com	www.hallensteins.com
1	cfjump.hallensteins.com.au	www.hallensteins.com
1	t.cfjump.com	1 redirects
1	secure.quantserve.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	ajax.googleapis.com	api.getcandid.com
1	content-getcandid.netdna-ssl.com	api.getcandid.com
1	www.datadoghq-browser-agent.com	www.hallensteins.com
1	www.googletagmanager.com	www.hallensteins.com
1	p.typekit.net	use.typekit.net
117	42

This site contains links to these domains. Also see Links.

Domain
www.getcandid.com
m.me
www.surveymonkey.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.tiktok.com
www.glassons.com

Subject Issuer	Validity	Valid
*.hallensteins.com R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
www.getcandid.com Sectigo RSA Organization Validation Secure Server CA	`2021-08-25` - `2022-01-21`	5 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.datadoghq-browser-agent.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-17` - `2022-03-17`	a year	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-22` - `2022-03-18`	a year	crt.sh
*.site44.com R3	`2021-09-14` - `2021-12-13`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
cfjump.hallensteins.com.au R3	`2021-08-22` - `2021-11-20`	3 months	crt.sh
*.scarabresearch.com Amazon	`2020-11-23` - `2021-12-22`	a year	crt.sh
*.pushalert.co Sectigo RSA Organization Validation Secure Server CA	`2021-04-13` - `2022-05-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-10-27`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
webchannel-content.eservice.emarsys.net R3	`2021-09-01` - `2021-11-30`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.hallensteins.com/
Frame ID: 3AE46B6013410684002C0563B2931BA3
Requests: 89 HTTP requests in this frame

Frame: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Frame ID: A8D91ACCDF3FE23FF8FBF5830DA824BA
Requests: 20 HTTP requests in this frame

Frame: https://8724567.fls.doubleclick.net/activityi;dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F
Frame ID: ADF4B228096C7F6EEA5C230953A7FF3E
Requests: 1 HTTP requests in this frame

Frame: https://10770498.fls.doubleclick.net/activityi;dc_pre=CJeB572ogfMCFZOH1QodvFMPpg;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=2031385354.1631720482;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F;u3=;u4=New%20Zealand;u15=undefined;~oref=https%3A%2F%2Fwww.hallensteins.com%2F
Frame ID: E4F18C2F278E8F83F34B318EEA8BF0CA
Requests: 5 HTTP requests in this frame

Frame: https://10770501.fls.doubleclick.net/activityi;dc_pre=CN3B572ogfMCFWwTBgAd44cHqQ;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F
Frame ID: 46B598106D03C4CF42AF2A45AE3AC249
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 1950A108883742A534C646534947F046
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F
Frame ID: 210E4851163F1582A52FE7D0320633DC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F
Frame ID: 5A0F9C87B91117C5BBDBAB37213DD45A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Men's Clothes Online | Hallenstein Brothers NZ

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
/([\d.]+)/jquery(?:\.min)?\.js

Page Statistics

117
Requests

100 %
HTTPS

0 %
IPv6

29
Domains

42
Subdomains

38
IPs

7
Countries

4629 kB
Transfer

8527 kB
Size

33
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.getcandid.com/stream/gallery/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&zone=true

Search URL Search Domain Scan URL

URL: https://www.getcandid.com/products/?utm_source=widget&id=bfc1dca0-6717-4281-85cb-7eb5f67fca83
Title: Powered by Candid

Search URL Search Domain Scan URL

URL: https://m.me/Hallensteins?ref=w14418552
Title: Subscribe in Messenger

Search URL Search Domain Scan URL

URL: https://www.surveymonkey.com/r/M9HNK62
Title: Join Our Feedback Sessions

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Hallensteins
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/HallensteinBros
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hallensteinbrothers/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/HallensteinBros
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@hallensteinbrothers
Title: Tiktok

Search URL Search Domain Scan URL

URL: https://www.glassons.com/nz
Title: Shop Glassons

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://8724567.fls.doubleclick.net/activityi;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F HTTP 302
https://8724567.fls.doubleclick.net/activityi;dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F

Request Chain 64

https://10770498.fls.doubleclick.net/activityi;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=2031385354.1631720482;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F;u3=;u4=New%20Zealand;u15=undefined;~oref=https%3A%2F%2Fwww.hallensteins.com%2F HTTP 302
https://10770498.fls.doubleclick.net/activityi;dc_pre=CJeB572ogfMCFZOH1QodvFMPpg;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=2031385354.1631720482;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F;u3=;u4=New%20Zealand;u15=undefined;~oref=https%3A%2F%2Fwww.hallensteins.com%2F

Request Chain 65

https://10770501.fls.doubleclick.net/activityi;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F HTTP 302
https://10770501.fls.doubleclick.net/activityi;dc_pre=CN3B572ogfMCFWwTBgAd44cHqQ;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F

Request Chain 67

https://t.cfjump.com/tag/11005 HTTP 302
https://cfjump.hallensteins.com.au/tag/11005

117 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.hallensteins.com/ 311 KB
56 KB 929ms
897ms Document
text/html 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

28467cbd6c05ce27d0463575d3b347584508cc2a549f42f2e437ffbb3eb7d534

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.hallensteins.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
content-type: text/html;charset=UTF-8
set-cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; path=/; secure; HttpOnly cs_psuserhash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly cs_pagestab=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly cs_expandedpages=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly pscartkey=ff93a64b7ec9c30fcce536e5c5824136; expires=Fri, 15-Oct-2021 15:41:21 GMT; Max-Age=2592000; path=/; secure; HttpOnly bp_welcome=6142142198ac9; expires=Mon, 14-Mar-2022 15:41:21 GMT; Max-Age=15552000; path=/ landedpage=%2F; expires=Sat, 16-Oct-2021 02:14:41 GMT; Max-Age=2630000; path=/ currentregion=17; expires=Wed, 15-Sep-2021 16:41:21 GMT; Max-Age=3600; path=/; secure; HttpOnly csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; expires=Wed, 15-Sep-2021 16:11:21 GMT; Max-Age=1800; path=/; secure; HttpOnly csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; expires=Wed, 15-Sep-2021 16:11:21 GMT; Max-Age=1800; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Wed, 15 Sep 2021 15:41:21 GMT
x-served-by: cache-akl10325-AKL, cache-hhn4072-HHN
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1631720481.918327,VS0,VE891
vary: Accept-Encoding
strict-transport-security: max-age=300

GET
H2 200 2381619066
www.hallensteins.com/static/css/ 604 KB
131 KB 7ms
7ms Stylesheet
text/css 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d89afc68e39edd5a4609fadecb276acfa3efbb327d8cd59efea20bef3089183d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1100306
x-cache: HIT, HIT
x-cache-hits: 4, 509
vary: Accept-Encoding
content-length: 133954
x-xss-protection: 1; mode=block
x-served-by: cache-akl10332-AKL, cache-hhn4072-HHN
server: nginx
x-timer: S1631720482.836045,VS0,VE0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/css;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Sun, 03 Oct 2021 11:02:55 +1300

GET
H2 200 evk5kft.css
use.typekit.net/ 5 KB
1 KB 184ms
138ms Stylesheet
text/css 23.32.238.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/evk5kft.css

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.238.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-32-238-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d59f2aa9ec1859fd55b207dc1868e133d037f8e1954b60d1b49296bb51a17d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 15 Sep 2021 15:41:22 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 844

GET
H2 200 flag-international.svg
www.hallensteins.com/content/images/ 2 KB
1 KB 288ms
288ms Image
image/svg+xml 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/images/flag-international.svg

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

251d3356fd63a1395d963870890e7170f871d502bd4279d85d9cc71bbc8b159a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/images/flag-international.svg
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 6kl4ExkoIPSFLh7k3ulqgDWzMfUMT0rF
content-encoding: gzip
etag: "c12ad937d776eebaa5ae567c17a96c77"
age: 2418
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 697
x-amz-id-2: ckTKNHfKmsh/iiNM0Cs9Je9khFk0T3IZUDzkRZDLK855Y4UoF2UoMUTTz6joBG+dW2Z7Sv9HSUY=
x-served-by: cache-syd10139-SYD, cache-hhn4072-HHN
last-modified: Wed, 14 Apr 2021 09:08:12 GMT
server: AmazonS3
x-timer: S1631720482.855004,VS0,VE281
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: AZ4MC8CERDR1R45V
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 1, 1

GET
H2 200 flag-nz.svg
www.hallensteins.com/content/images/ 3 KB
1 KB 282ms
279ms Image
image/svg+xml 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/images/flag-nz.svg

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dce4dd92f69c9fb964bc8f5eb8d082aa9018083d7005325dd35da6f073f49e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/images/flag-nz.svg
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: i6FHL5jDATExWlIWewvTJj5WKE5lByak
content-encoding: gzip
etag: "ad098d1b550af9276392dad90838795c"
age: 3212
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 848
x-amz-id-2: MrP0BMfDSPYLw2rRqFlPmM6Jb5n4aqoMGEZJkiQnFEDBd14H6HfJY04yFogENoPYncipTlC5F3s=
x-served-by: cache-syd10175-SYD, cache-hhn4072-HHN
last-modified: Wed, 14 Apr 2021 09:08:12 GMT
server: AmazonS3
x-timer: S1631720482.103782,VS0,VE270
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: F05TD8A3KX8JWW3T
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 1, 1

GET
H2 200 flag-au.svg
www.hallensteins.com/content/images/ 1 KB
938 B 906ms
903ms Image
image/svg+xml 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/images/flag-au.svg

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6a14645b125a6456184a0d31833d55ca3b8e70500c40b24fbda0ad031c8cf842

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/images/flag-au.svg
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: FXtsquW4xkS.WoQkff3.04pJsjix3ZDX
content-encoding: gzip
etag: "352b006fb10a1f05cf1b1a966357a3ca"
age: 667
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 617
x-amz-id-2: O1oogOfXX8QIxoQqIw4NVOjSKDOs20vl8tHOgfUSWq+Ncsb34YYAef7rDT1oBDzTYvR8XAMG0aU=
x-served-by: cache-syd10172-SYD, cache-hhn4072-HHN
last-modified: Wed, 14 Apr 2021 09:08:12 GMT
server: AmazonS3
x-timer: S1631720482.103803,VS0,VE878
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: 2SJ07CF9J448AYCK
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 2, 1

GET
H2 200 flag-us.svg
www.hallensteins.com/content/images/ 4 KB
967 B 291ms
288ms Image
image/svg+xml 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/images/flag-us.svg

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bf114cd7fe5b2ca7fe0e4434ddb52bf75c0955ff3625ec749855938925c25c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/images/flag-us.svg
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 2zLbHSERBa7akM_eONzAfaZnM8ZlGJDc
content-encoding: gzip
etag: "03784386dde13cea60ef1f8144333241"
age: 3211
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 706
x-amz-id-2: HD5Q/zW2mFfMdLgrroB0YizhEMSb6c0/Eag45HJDuNzJ2DTAG7cE/HQYAVFCAnPHh6GMGo49xEo=
x-served-by: cache-syd10148-SYD, cache-hhn4072-HHN
last-modified: Wed, 14 Apr 2021 09:08:12 GMT
server: AmazonS3
x-timer: S1631720482.103836,VS0,VE279
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: 0KNRRQJFED67JPKK
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 2, 1

GET
H2 200 header-logo2.png
www.hallensteins.com/content/images/ 3 KB
3 KB 291ms
289ms Image
image/png 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/images/header-logo2.png?width=104

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a2b45862d3f643ab36ae5d23caeaac01093f5058cad1cf19de46e056da174d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/images/header-logo2.png?width=104
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: udcUb1HmNjpIHKzJ7ShjvY8DD39Y2eZg
via: 1.1 varnish, 1.1 varnish
etag: "YLO/3/+C8bXz+JYbQ2Du3epnnCoHSOYufKOdEb0pwCE"
age: 2003
x-cache: HIT, HIT
fastly-io-info: ifsz=13578 idim=600x231 ifmt=png ofsz=3113 odim=104x40 ofmt=png
fastly-stats: io=1
content-length: 3113
x-amz-id-2: u87om6VkxSrRQIzpuo0RbfGqDGR9DVQikEmTUuqqjwvyNd5LdCJsHR4Adtk5v2XfFoino0btWG0=
x-served-by: cache-syd10165-SYD, cache-hhn4072-HHN
server: AmazonS3
x-timer: S1631720482.104231,VS0,VE280
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: RB25BRRSZWGWM7X9
accept-ranges: bytes
content-type: image/png
x-cache-hits: 2, 1

GET
H2 200 widget.js Show response
api.getcandid.com/scripts/ 54 KB
17 KB 54ms
6ms Script
application/javascript 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getcandid.com/scripts/widget.js
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 252db5ca3c86e63cca75583837273fc663e7a5dd8b130f23e78184663e34ea21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 15:19:52 GMT
server: NetDNA-cache/2.2
etag: W/"0dcf3575685d71:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1200
accept-ranges: bytes
content-length: 16705

GET
H2 200 jquery-3.5.1.min.js Show response
www.hallensteins.com/_ps/external/jquery/3/ 87 KB
35 KB 9ms
9ms Script
application/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/_ps/external/jquery/3/jquery-3.5.1.min.js?1602810719

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_ps/external/jquery/3/jquery-3.5.1.min.js?1602810719
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5363
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 36067
x-xss-protection: 1; mode=block
x-served-by: cache-akl10333-AKL, cache-hhn4072-HHN
last-modified: Fri, 16 Oct 2020 01:11:59 GMT
server: nginx
x-timer: S1631720482.093757,VS0,VE2
x-frame-options: SAMEORIGIN
etag: W/"5f88f35f-15d84"
strict-transport-security: max-age=300
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 8, 1

GET
H2 200 vue.min.js Show response
www.hallensteins.com/_ps/external/vue/2/ 84 KB
36 KB 12ms
7ms Script
application/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/_ps/external/vue/2/vue.min.js?1602810720

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_ps/external/vue/2/vue.min.js?1602810720
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3849
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 36244
x-xss-protection: 1; mode=block
x-served-by: cache-akl10327-AKL, cache-hhn4072-HHN
last-modified: Fri, 16 Oct 2020 01:12:00 GMT
server: nginx
x-timer: S1631720482.098195,VS0,VE2
x-frame-options: SAMEORIGIN
etag: W/"5f88f360-151b4"
strict-transport-security: max-age=300
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 19, 1

GET
H2 200 vuex.min.js Show response
www.hallensteins.com/_ps/external/vuex/3/ 9 KB
3 KB 13ms
8ms Script
application/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/_ps/external/vuex/3/vuex.min.js?1602810720

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d5094dd1c902e23973f750d98b13d9c53bfdbd8a5c0664bbb0aec703cc459850

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_ps/external/vuex/3/vuex.min.js?1602810720
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3849
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 3351
x-xss-protection: 1; mode=block
x-served-by: cache-akl10331-AKL, cache-hhn4072-HHN
last-modified: Fri, 16 Oct 2020 01:12:00 GMT
server: nginx
x-timer: S1631720482.099354,VS0,VE2
x-frame-options: SAMEORIGIN
etag: W/"5f88f360-2570"
strict-transport-security: max-age=300
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 13, 1

GET
H2 200 enquire.min.js Show response
www.hallensteins.com/_ps/external/enquire/ 2 KB
1 KB 12ms
7ms Script
application/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/_ps/external/enquire/enquire.min.js?1602810718

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_ps/external/enquire/enquire.min.js?1602810718
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4746
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1058
x-xss-protection: 1; mode=block
x-served-by: cache-akl10331-AKL, cache-hhn4072-HHN
last-modified: Fri, 16 Oct 2020 01:11:58 GMT
server: nginx
x-timer: S1631720482.099596,VS0,VE2
x-frame-options: SAMEORIGIN
etag: W/"5f88f35e-8ce"
strict-transport-security: max-age=300
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 slick.min.js Show response
www.hallensteins.com/_ps/external/slick/ 41 KB
12 KB 13ms
8ms Script
application/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/_ps/external/slick/slick.min.js?1602810719

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_ps/external/slick/slick.min.js?1602810719
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3850
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 12554
x-xss-protection: 1; mode=block
x-served-by: cache-akl10330-AKL, cache-hhn4072-HHN
last-modified: Fri, 16 Oct 2020 01:11:59 GMT
server: nginx
x-timer: S1631720482.099664,VS0,VE2
x-frame-options: SAMEORIGIN
etag: W/"5f88f35f-a3e1"
strict-transport-security: max-age=300
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 13, 1

GET
H2 200 lazysizes.min.js Show response
www.hallensteins.com/_ps/external/lazysizes/ 7 KB
3 KB 13ms
9ms Script
application/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/_ps/external/lazysizes/lazysizes.min.js?1602810719

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

237a2dc9f211a15d1ab64350b592da3f86a69e69103aad182b947944505de7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_ps/external/lazysizes/lazysizes.min.js?1602810719
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3344
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 3343
x-xss-protection: 1; mode=block
x-served-by: cache-akl10320-AKL, cache-hhn4072-HHN
last-modified: Fri, 16 Oct 2020 01:11:59 GMT
server: nginx
x-timer: S1631720482.099628,VS0,VE2
x-frame-options: SAMEORIGIN
etag: W/"5f88f35f-1a78"
strict-transport-security: max-age=300
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 imagesloaded.pkgd.min.js Show response
www.hallensteins.com/_ps/external/imagesloaded/ 5 KB
2 KB 13ms
9ms Script
application/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/_ps/external/imagesloaded/imagesloaded.pkgd.min.js?1602810719

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_ps/external/imagesloaded/imagesloaded.pkgd.min.js?1602810719
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4746
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1985
x-xss-protection: 1; mode=block
x-served-by: cache-akl10323-AKL, cache-hhn4072-HHN
last-modified: Fri, 16 Oct 2020 01:11:59 GMT
server: nginx
x-timer: S1631720482.100212,VS0,VE2
x-frame-options: SAMEORIGIN
etag: W/"5f88f35f-15da"
strict-transport-security: max-age=300
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 1604356218 Show response
www.hallensteins.com/sidebar-js/ 1 KB
639 B 14ms
10ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/sidebar-js/1604356218

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

22ba7e618ed66aec977a8c983baf5e905c0910ec22c3e352241c3d2c31db88ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sidebar-js/1604356218
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 795763
x-cache: HIT, HIT
x-cache-hits: 42, 1
vary: Accept-Encoding
content-length: 453
x-xss-protection: 1; mode=block
x-served-by: cache-akl10335-AKL, cache-hhn4072-HHN
server: nginx
x-timer: S1631720482.100353,VS0,VE2
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/javascript;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 23:38:39 +1300

GET
H2 200 1603931440 Show response
www.hallensteins.com/core-vue-js/ 534 B
537 B 271ms
267ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/core-vue-js/1603931440

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3bf352f9fc3b7c2c78fbb464808eb45e34416edfab3c3ef22b6c37517d70682b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /core-vue-js/1603931440
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 795254
x-cache: HIT, HIT
x-cache-hits: 29, 1
vary: Accept-Encoding
content-length: 273
x-xss-protection: 1; mode=block
x-served-by: cache-akl10328-AKL, cache-hhn4072-HHN
server: nginx
x-timer: S1631720482.100390,VS0,VE259
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/javascript;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 23:47:07 +1300

GET
H2 200 3240760153 Show response
www.hallensteins.com/static/js/ 80 KB
28 KB 271ms
267ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/static/js/3240760153?eNqNi0EOgCAMBJ/iC6BP8gAbUyIFaUvi7+XowYPHmczQ3pVSE4MYKRsWDIRyOcYd+ukHi8bKEotu9B1PR8g8kIwnNHrNP4bUam+y/Ht4AOhxNWs=

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e374085b30db7ef3a22b1d1977759bea29e17df6fc91dcc8a7c06ee515152892

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/js/3240760153?eNqNi0EOgCAMBJ/iC6BP8gAbUyIFaUvi7+XowYPHmczQ3pVSE4MYKRsWDIRyOcYd+ukHi8bKEotu9B1PR8g8kIwnNHrNP4bUam+y/Ht4AOhxNWs=
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1868152
x-cache: HIT, HIT
x-cache-hits: 696, 1
vary: Accept-Encoding
content-length: 28113
x-xss-protection: 1; mode=block
x-served-by: cache-akl10322-AKL, cache-hhn4072-HHN
server: nginx
x-timer: S1631720482.100457,VS0,VE259
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/javascript;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Fri, 24 Sep 2021 12:45:30 +1200

GET
H2 200 peppercontent.js Show response
www.hallensteins.com/_ps/js/ 24 KB
5 KB 13ms
9ms Script
application/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/_ps/js/peppercontent.js?1614893666

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

15800534b81463417ec4f4292d0c1ccb7a31c3dd549e75948f31938baa1ab188

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /_ps/js/peppercontent.js?1614893666
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4746
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 4777
x-xss-protection: 1; mode=block
x-served-by: cache-akl10325-AKL, cache-hhn4072-HHN
last-modified: Thu, 04 Mar 2021 21:34:26 GMT
server: nginx
x-timer: S1631720482.100494,VS0,VE2
x-frame-options: SAMEORIGIN
etag: W/"60415262-5f95"
strict-transport-security: max-age=300
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 1524152976 Show response
www.hallensteins.com/static/js/ 141 KB
45 KB 17ms
14ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/static/js/1524152976?eNrTjy8o1k/OzytJzSvRL84sSdUvSC0oSC1KzkhNzs4vLdFLz8lPSswp1svNzNPLKpbXJ6Q+ObGoBKoYAGBXIyQ=

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f87b71af65cc15195ae7c084a52db3f419f9f09c001a5be4bb58bcae96cc5d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/js/1524152976?eNrTjy8o1k/OzytJzSvRL84sSdUvSC0oSC1KzkhNzs4vLdFLz8lPSswp1svNzNPLKpbXJ6Q+ObGoBKoYAGBXIyQ=
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1868151
x-cache: HIT, HIT
x-cache-hits: 7539, 1
vary: Accept-Encoding
content-length: 46410
x-xss-protection: 1; mode=block
x-served-by: cache-akl10323-AKL, cache-hhn4072-HHN
server: nginx
x-timer: S1631720482.103549,VS0,VE3
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/javascript;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Fri, 24 Sep 2021 12:45:30 +1200

GET
H2 200 1628135889 Show response
www.hallensteins.com/global-vue-js/ 18 KB
6 KB 16ms
13ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/global-vue-js/1628135889

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b29ef11c14132a7dcc1bd0be024fdbf4075494a9cb7f19a4cf64b359d8d26cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /global-vue-js/1628135889
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 992589
x-cache: HIT, HIT
x-cache-hits: 3, 1
vary: Accept-Encoding
content-length: 5460
x-xss-protection: 1; mode=block
x-served-by: cache-akl10327-AKL, cache-hhn4072-HHN
server: nginx
x-timer: S1631720482.103576,VS0,VE3
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/javascript;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Mon, 04 Oct 2021 16:58:12 +1300

GET
H2 200 1626734986 Show response
www.hallensteins.com/typeahead-vue-js/ 5 KB
2 KB 15ms
12ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/typeahead-vue-js/1626734986

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

87376e11fa53930e64bb71db963c806ba207d45b5fe529d0fec90e19be5cedaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /typeahead-vue-js/1626734986
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2393492
x-cache: HIT, HIT
x-cache-hits: 266, 1
vary: Accept-Encoding
content-length: 1439
x-xss-protection: 1; mode=block
x-served-by: cache-akl10331-AKL, cache-hhn4072-HHN
server: nginx
x-timer: S1631720482.103611,VS0,VE2
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/javascript;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Sat, 18 Sep 2021 10:49:50 +1200

GET
H2 200 1630557825 Show response
www.hallensteins.com/javascript/ 24 KB
7 KB 14ms
11ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/javascript/1630557825

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

25c07f476b46d8cd9881341f65aadbb05b0ec83b1ad55dfc1a573165be1ed115

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /javascript/1630557825
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1162653
x-cache: HIT, HIT
x-cache-hits: 2449, 1
vary: Accept-Encoding
content-length: 7091
x-xss-protection: 1; mode=block
x-served-by: cache-akl10328-AKL, cache-hhn4072-HHN
server: nginx
x-timer: S1631720482.103647,VS0,VE2
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/javascript;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Sat, 02 Oct 2021 17:43:48 +1300

GET
H2 200 1600393037 Show response
www.hallensteins.com/stories-js/ 6 KB
2 KB 17ms
13ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/stories-js/1600393037

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ee014c446ea4163ce669e5c96d2661761dd4d86f6b320b8f37c39aaef218a21e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /stories-js/1600393037
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 795311
x-cache: HIT, HIT
x-cache-hits: 29, 1
vary: Accept-Encoding
content-length: 2029
x-xss-protection: 1; mode=block
x-served-by: cache-akl10332-AKL, cache-hhn4072-HHN
server: nginx
x-timer: S1631720482.103741,VS0,VE3
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/javascript;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 23:46:10 +1300

GET
H2 200 1622591483 Show response
www.hallensteins.com/datalayer-js/ 6 KB
2 KB 15ms
12ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/datalayer-js/1622591483

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

805c36b8be51e1792fa216a1c3c9034da25da902d53508d7debd009d60cdb377

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /datalayer-js/1622591483
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 687802
x-cache: HIT, HIT
x-cache-hits: 5, 1
vary: Accept-Encoding
content-length: 1652
x-xss-protection: 1; mode=block
x-served-by: cache-akl10335-AKL, cache-hhn4072-HHN
server: nginx
x-timer: S1631720482.103717,VS0,VE2
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/javascript;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Fri, 08 Oct 2021 05:37:59 +1300

GET
H2 200 1606338318 Show response
www.hallensteins.com/promo-timer-javascript/ 2 KB
839 B 16ms
13ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/promo-timer-javascript/1606338318

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c332b20131761788dc90a84ef0b7ab5572c691c92a2b47bb6ccb26cbb82578b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /promo-timer-javascript/1606338318
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58053
x-cache: HIT, HIT
x-cache-hits: 12, 1
vary: Accept-Encoding
content-length: 656
x-xss-protection: 1; mode=block
x-served-by: cache-akl10332-AKL, cache-hhn4072-HHN
server: nginx
x-timer: S1631720482.103747,VS0,VE3
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-type: text/javascript;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
expires: Fri, 15 Oct 2021 12:33:49 +1300

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 71ms
20ms Stylesheet
text/css 104.109.64.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=evk5kft&ht=tk&f=24349.24350.24351.24354.24355.43307.43311&a=15472819&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/evk5kft.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.64.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-64-186.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
68 KB 103ms
51ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

60fb24964d309ec98fa46ae669047aad18e5b40607156cf656e0f7184568ca50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68956
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 15:41:22 GMT

GET
H2 200 datadog-logs.js Show response
www.datadoghq-browser-agent.com/ 33 KB
12 KB 100ms
17ms Script
application/javascript 52.222.180.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.180.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-180-41.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 15:01:20 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: W/"9eb57181f3149e3310d96317ef9188ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 64cab3aa5eaf0c5f28d762c526424858.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-id: fTMLpKdhbVFI5R0ImaKZGH6U3pYDtvHfBCg1La-tN79getWeXMcr3Q==

GET
H2 200 l
use.typekit.net/af/403911/00000000000000003b9b3880/27/ 18 KB
18 KB 31ms
7ms Font
application/font-woff2 23.32.238.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/evk5kft.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-210.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 44ecdeeb04d9cb6de9d76ebc9f8ab716a7f6b2f08a01f179a462e008debfcb07

Request headers

Referer: https://use.typekit.net/evk5kft.css
Origin: https://www.hallensteins.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
server: nginx
etag: "112e33239582b68be657159b85f4e16e5ce72672"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18000

GET
H2 200 l
use.typekit.net/af/ef2129/00000000000000003b9b387c/27/ 18 KB
18 KB 32ms
9ms Font
application/font-woff2 23.32.238.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/evk5kft.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-210.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6d670e22647964b1b3663c0b34b6531a12a6f7d36dc232570af7d84b9458df0b

Request headers

Referer: https://use.typekit.net/evk5kft.css
Origin: https://www.hallensteins.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
server: nginx
etag: "e120da2743159d9bd5b6acbf951b869a1a6b1a4e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18068

GET
H2 200 fa-light-300.woff2
www.hallensteins.com/_ps/fonts/ 186 KB
186 KB 11ms
10ms Font
application/octet-stream 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/_ps/fonts/fa-light-300.woff2

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

69885c352b73c062750dd828a00cb617eea070cd1053590cedd947a7b5d5b152

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-fetch-mode: cors
origin: https://www.hallensteins.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f
:path: /_ps/fonts/fa-light-300.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
Origin: https://www.hallensteins.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
via: 1.1 varnish, 1.1 varnish
age: 2104535
x-cache: HIT, HIT
x-cache-hits: 6, 1
content-length: 190452
x-served-by: cache-akl10330-AKL, cache-hhn4072-HHN
last-modified: Fri, 16 Oct 2020 01:12:00 GMT
server: nginx
x-timer: S1631720482.116674,VS0,VE4
etag: "5f88f360-2e7f4"
strict-transport-security: max-age=300
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 21 Sep 2021 07:05:46 GMT

GET
H2 200 l
use.typekit.net/af/aee0aa/00000000000000003b9b3f03/27/ 13 KB
14 KB 31ms
7ms Font
application/font-woff2 23.32.238.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/aee0aa/00000000000000003b9b3f03/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/evk5kft.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-210.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 597596d0c7eec4aa77fc4c84e278b9de7643ea0b3e2bf29255b5623bf86c9fbf

Request headers

Referer: https://use.typekit.net/evk5kft.css
Origin: https://www.hallensteins.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
server: nginx
etag: "6c6a600f247a71e5bec38230436a588f0aed8849"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13684

GET
H2 200 keen-tracker.3.0.7.min.js Show response
content-getcandid.netdna-ssl.com/scripts/ 15 KB
5 KB 29ms
6ms Script
application/x-javascript 151.139.237.160
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://content-getcandid.netdna-ssl.com/scripts/keen-tracker.3.0.7.min.js
Requested by: Host: api.getcandid.com
URL: https://api.getcandid.com/scripts/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.237.160 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2fea746535da5c2b49962de51d3cc58076fc1b0b6b30fea75dbf23b799d5acdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2015 15:11:22 GMT
server: NetDNA-cache/2.2
etag: W/"56702d9a-3ab2"
content-type: application/x-javascript
cache-control: max-age=43200
expires: Thu, 16 Sep 2021 03:41:22 GMT

GET
H2 200 widget.css
api.getcandid.com/content/ 63 KB
13 KB 6ms
6ms Stylesheet
text/css 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getcandid.com/content/widget.css
Requested by: Host: api.getcandid.com
URL: https://api.getcandid.com/scripts/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 6cc9016bb910517a41c6ccc36f8745a699a587adce4c1cb48c26f7007e4d027d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 20:40:16 GMT
server: NetDNA-cache/2.2
etag: "038557b84dd71:0"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 13223

GET
H2 200 /
api.getcandid.com/stream/css/ 632 B
390 B 6ms
6ms Stylesheet
text/css 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getcandid.com/stream/css/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cache=true
Requested by: Host: api.getcandid.com
URL: https://api.getcandid.com/scripts/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a31198242402c51ca7411fe72e3b2cb71ed04df82c69538a64d8cd8d62dd6c27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
server: NetDNA-cache/2.2
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public, max-age=604800
content-length: 240

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/b67c91/00000000000000003b9b387d/27/ 19 KB
19 KB 9ms
9ms Font
application/font-woff2 23.32.238.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/evk5kft.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-210.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6d07f2bd9333a310ea876e4676048abd7ea845fa6181f3742603b8a2fe174b12

Request headers

Referer: https://use.typekit.net/evk5kft.css
Origin: https://www.hallensteins.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
server: nginx
etag: "43ec342caef431ba8b8d52f92baa84f25627c043"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19620

GET
H2 200 blank.png
api.getcandid.com/images/ 95 B
275 B 6ms
5ms Image
image/png 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.getcandid.com/images/blank.png
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Thu, 20 May 2021 20:40:26 GMT
server: NetDNA-cache/2.2
etag: "019fb5cb84dd71:0"
x-cache: HIT
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 95

GET
H2 200 fa-brands-400.woff2
www.hallensteins.com/_ps/fonts/ 76 KB
76 KB 37ms
37ms Font
application/octet-stream 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hallensteins.com/_ps/fonts/fa-brands-400.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

479a88b36a9e0fd38bdfd22e19701576cd6cb01f36a21ce9935ad6a2d746e620

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-fetch-mode: cors
origin: https://www.hallensteins.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; candid_userid=fd3085a7-eac6-4fe7-8364-45daf6412cd1
:path: /_ps/fonts/fa-brands-400.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
Origin: https://www.hallensteins.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
via: 1.1 varnish, 1.1 varnish
age: 1468478
x-cache: HIT, HIT
x-cache-hits: 1810, 1
content-length: 77452
x-served-by: cache-akl10329-AKL, cache-hhn4072-HHN
last-modified: Fri, 16 Oct 2020 01:12:00 GMT
server: nginx
x-timer: S1631720482.181591,VS0,VE3
etag: "5f88f360-12e8c"
strict-transport-security: max-age=300
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
expires: Fri, 30 Jul 2021 15:46:37 GMT

GET
H2 200 / Show response
api.getcandid.com/stream/frame/ Frame A8D9 42 KB
9 KB 6ms
6ms Document
text/html 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 77b49cb3f836bf6eae175661ca89bc6fecb86bf6e290cd22a3e142a1b35871f1

Request headers

:method: GET
:authority: api.getcandid.com
:scheme: https
:path: /stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hallensteins.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-type: text/html; charset=utf-8
content-length: 8760
cache-control: public, max-age=5400
content-encoding: gzip
vary: Accept-Encoding
server: NetDNA-cache/2.2
x-cache: HIT

GET
H/1.1 200
OK close.png
candid-io.site44.com/images/themes/minimal/ 3 KB
3 KB 396ms
92ms Image
image/png 3.230.29.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://candid-io.site44.com/images/themes/minimal/close.png
Requested by: Host: api.getcandid.com
URL: https://api.getcandid.com/content/widget.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.29.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-29-177.compute-1.amazonaws.com
Software: /
Resource Hash: 62d7bc5c73e98aa632102959d7542a4ac88b687fe4a58ee66af81fd4a30b0a5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 04:19:15 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 25 Jun 2016 21:07:55 GMT
Age: 127327
ETag: "8cba297cb72864ef22a57b57e1e3518f"
X-Varnish: 18442887 40
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5
Content-Length: 3007

GET
H/1.1 200
OK previous.svg
candid-io.site44.com/images/themes/minimal/ 198 B
591 B 412ms
97ms Image
image/svg+xml 3.230.29.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://candid-io.site44.com/images/themes/minimal/previous.svg
Requested by: Host: api.getcandid.com
URL: https://api.getcandid.com/content/widget.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.29.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-29-177.compute-1.amazonaws.com
Software: /
Resource Hash: 0f648e56cb856fc4168c85c0ed18417523fe87dd923d4708cdb1114b8defb8d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 04:19:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Mar 2017 10:39:46 GMT
Age: 127327
ETag: W/"fc9ff507e3ca9ba7a01aca69d93d675c"
Vary: Accept-Encoding
X-Varnish: 19204989 32805
Via: 1.1 varnish-v4
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Content-Length: 148
Keep-Alive: timeout=5

GET
H/1.1 200
OK next.svg
candid-io.site44.com/images/themes/minimal/ 178 B
583 B 413ms
97ms Image
image/svg+xml 3.230.29.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://candid-io.site44.com/images/themes/minimal/next.svg
Requested by: Host: api.getcandid.com
URL: https://api.getcandid.com/content/widget.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.29.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-29-177.compute-1.amazonaws.com
Software: /
Resource Hash: b568382d881699fdbebcaa0ce9f5b3bf62eceac86b9a03319fa96116863b64e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 04:19:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Mar 2017 10:38:10 GMT
Age: 127327
ETag: W/"95a81c5f9aa7d1cac73f55e2c48b93ac"
Vary: Accept-Encoding
X-Varnish: 18884898 65544
Via: 1.1 varnish-v4
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Content-Length: 140
Keep-Alive: timeout=5

GET
H2 200 0207504001631504430.jpg
www.hallensteins.com/content/blocks/ 282 KB
283 KB 470ms
467ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/blocks/0207504001631504430.jpg?width=1600

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2c51471c32b6610d8ece9e3f4f7d4ad7df2ce71a207c44ab0d5c2f62cc9db00

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/blocks/0207504001631504430.jpg?width=1600
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; candid_userid=fd3085a7-eac6-4fe7-8364-45daf6412cd1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: BgXoD8M6HVND4SP1U3c03bYaiEauY9Ri
via: 1.1 varnish, 1.1 varnish
etag: "dIXORHu+HQPwGuZTgG7ENz9OdviILJZ/sZBZwBHC4hs"
age: 0
x-cache: HIT, MISS
fastly-io-info: ifsz=1801175 idim=3900x1735 ifmt=jpeg ofsz=289049 odim=1600x712 ofmt=jpeg
fastly-stats: io=1
content-length: 289049
x-amz-id-2: kejmWn4MU5fcdhofo70W20JdMEXzb7XFtMVLUsMojMHyNqcKyG52cGz8mNPnsVf4xuFto4t0BoM=
x-served-by: cache-syd10162-SYD, cache-hhn4072-HHN
server: AmazonS3
x-timer: S1631720482.198933,VS0,VE461
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: RHTWRN0NZYCXP08V
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 0

GET
H2 200 0857206001631657725.jpg
www.hallensteins.com/content/blocks/ 285 KB
286 KB 1955ms
1952ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/blocks/0857206001631657725.jpg?width=800&fit=crop

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

509bc045397670f0e752b2d1d0a0b56785a0d8110c66472c29876c2e50bb9dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/blocks/0857206001631657725.jpg?width=800&fit=crop
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; candid_userid=fd3085a7-eac6-4fe7-8364-45daf6412cd1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: bcfzZwizqB7RX2a8vXyW30gxkAwytVrq
via: 1.1 varnish, 1.1 varnish
etag: "SWXonbzTl0cc5nTfU67bVV63CJY4ahRCGXohn1bCrGI"
age: 1
x-cache: MISS, MISS
fastly-io-info: ifsz=1198776 idim=1480x1800 ifmt=jpeg ofsz=292351 odim=1480x1800 ofmt=jpeg
fastly-stats: io=1
content-length: 292351
x-amz-id-2: YQHFLLaGr7w4LQ8ToXK0pkIJybfgGd7dSUYvSSeXPI5ZemVyecagDn+UBUa/as1HQAWmqRL6+ts=
x-served-by: cache-syd10142-SYD, cache-hhn4072-HHN
server: AmazonS3
x-timer: S1631720482.199032,VS0,VE1946
date: Wed, 15 Sep 2021 15:41:24 GMT
strict-transport-security: max-age=300
x-amz-request-id: PDDNPRFAT5WXV4EJ
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 0, 0

GET
H2 200 0778714001631505513.jpg
www.hallensteins.com/content/blocks/ 527 KB
527 KB 1728ms
1725ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/blocks/0778714001631505513.jpg?width=800&fit=crop

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

306750573bcafebae85dbe9f61f7f5e84b11d68dd33684fafc8afe3a5bda3344

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/blocks/0778714001631505513.jpg?width=800&fit=crop
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; candid_userid=fd3085a7-eac6-4fe7-8364-45daf6412cd1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 3njwfE8pKeyQxMFRcY3tQ3HkUpK25VwV
via: 1.1 varnish, 1.1 varnish
etag: "v5DqqcjWXLuejbmBjZiwE/KL3YrxXiE5aYMm513s3ck"
age: 1
x-cache: HIT, MISS
fastly-io-info: ifsz=1838219 idim=1480x1800 ifmt=jpeg ofsz=539392 odim=1480x1800 ofmt=jpeg
fastly-stats: io=1
content-length: 539392
x-amz-id-2: 572SApCkO/MAHd5alJDo9h3LIyyt6psxlorAGJFqFNIG7vQtPNf/qNBapbO8xzc6sATkf6VzFx4=
x-served-by: cache-syd10156-SYD, cache-hhn4072-HHN
server: AmazonS3
x-timer: S1631720482.199169,VS0,VE1715
date: Wed, 15 Sep 2021 15:41:23 GMT
strict-transport-security: max-age=300
x-amz-request-id: Y4SCV10S5VY4E4VS
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 0

GET
H2 200 0660610001631649454.jpg
www.hallensteins.com/content/blocks/ 231 KB
231 KB 778ms
775ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/blocks/0660610001631649454.jpg?width=1600

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3a51c2073f0f18463b3c112f59b8610d9d1bdc3e0dec9fca7e83fc7cf8d41397

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/blocks/0660610001631649454.jpg?width=1600
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; candid_userid=fd3085a7-eac6-4fe7-8364-45daf6412cd1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 3EbaZReun1861kJov8evZNdbF__Jmd_h
via: 1.1 varnish, 1.1 varnish
etag: "yUpefMX61KZnSHLFiBhH3+44pG0rsroU49oyAEblYMU"
age: 0
x-cache: HIT, MISS
fastly-io-info: ifsz=1521749 idim=3900x1735 ifmt=jpeg ofsz=236554 odim=1600x712 ofmt=jpeg
fastly-stats: io=1
content-length: 236554
x-amz-id-2: p01HVpZeYxxaVth+D0UCsEbStqkX+o7L1/R59EA1/IAg612OhXbYYmihhFrTZDtUDNgPMEsqyd4=
x-served-by: cache-syd10171-SYD, cache-hhn4072-HHN
server: AmazonS3
x-timer: S1631720482.199111,VS0,VE765
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: C7BPWREZZF4TXYPX
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 0

GET
H2 200 0453037001631507107.jpg
www.hallensteins.com/content/blocks/ 632 KB
633 KB 807ms
804ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/blocks/0453037001631507107.jpg?width=800&fit=crop

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8a9bac1202be4aa997a8bc74e78a38d2807e31cdfafad1e54ed0e9a7f2a394b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/blocks/0453037001631507107.jpg?width=800&fit=crop
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; candid_userid=fd3085a7-eac6-4fe7-8364-45daf6412cd1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: lHmQ4Zl28QnVMSJv.4vdQGawaDVS8IUn
via: 1.1 varnish, 1.1 varnish
etag: "bEPe5UWEwLBI+B1HdJB4UGb9rSahGQpuewWK8bpUG7k"
age: 0
x-cache: HIT, MISS
fastly-io-info: ifsz=2149727 idim=1480x1800 ifmt=jpeg ofsz=647138 odim=1480x1800 ofmt=jpeg
fastly-stats: io=1
content-length: 647138
x-amz-id-2: mANMKsx+CmmcngnoXIcNc4q2kCWGnQAd36yjiJuGnIW7jvR/Z7XpZODfqGng4BTVCbkvToc14Ic=
x-served-by: cache-syd10156-SYD, cache-hhn4072-HHN
server: AmazonS3
x-timer: S1631720482.200049,VS0,VE784
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: PYQKCDWR18E3C37G
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 0

GET
H2 200 0929181001631507147.jpg
www.hallensteins.com/content/blocks/ 507 KB
507 KB 592ms
589ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/blocks/0929181001631507147.jpg?width=800&fit=crop

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3758c900204958e3fe10d7195f28e32e85356be676c359192f0fe03a13688731

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/blocks/0929181001631507147.jpg?width=800&fit=crop
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; candid_userid=fd3085a7-eac6-4fe7-8364-45daf6412cd1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: VDhOB194zEDwlMBY3aiDjEdWvbvMePsj
via: 1.1 varnish, 1.1 varnish
etag: "2r7sJ2euEb0S505SmyTrXIWvsIbx2vcbOzxdyeJOCyY"
age: 0
x-cache: HIT, MISS
fastly-io-info: ifsz=1847120 idim=1480x1800 ifmt=jpeg ofsz=519045 odim=1480x1800 ofmt=jpeg
fastly-stats: io=1
content-length: 519045
x-amz-id-2: U/kaMLttaaoU8zEDFZRLYJljISd/NsX1kCv5wTlL3QHuXYTLC4JQCBYTpQjsSxnAd0BqT1E/caQ=
x-served-by: cache-syd10122-SYD, cache-hhn4072-HHN
server: AmazonS3
x-timer: S1631720482.199993,VS0,VE583
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: Y4S5B2SQSF5BTQNH
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 0

GET
H2 200 0705630001631505183.jpg
www.hallensteins.com/content/blocks/ 133 KB
134 KB 1239ms
1237ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/blocks/0705630001631505183.jpg?width=1600

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d4cebe52f763079c9cfdd8a90624a1f7996715dadd54ae07167868b6e9c9a82e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/blocks/0705630001631505183.jpg?width=1600
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; candid_userid=fd3085a7-eac6-4fe7-8364-45daf6412cd1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: OgUMx9lChTvDb48wLo.Fae7MAjGGag2R
via: 1.1 varnish, 1.1 varnish
etag: "PnwolXXvu/o3i6oTKxopmNYX806SfprqDWhf/Mvyk6o"
age: 0
x-cache: HIT, MISS
fastly-io-info: ifsz=1361843 idim=3900x1735 ifmt=jpeg ofsz=136509 odim=1600x712 ofmt=jpeg
fastly-stats: io=1
content-length: 136509
x-amz-id-2: hYovRCIixrArro+HKflI1ILofaNSlbRVuE7finODPVYBjVPLN6KnTgWG68JMSlU9Qxn353xWG4U=
x-served-by: cache-syd10171-SYD, cache-hhn4072-HHN
server: AmazonS3
x-timer: S1631720482.200156,VS0,VE1231
date: Wed, 15 Sep 2021 15:41:23 GMT
strict-transport-security: max-age=300
x-amz-request-id: RGE49FYV0W1B8KJ2
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 0

GET
H2 200 0337621001631649637.jpg
www.hallensteins.com/content/blocks/ 89 KB
89 KB 435ms
433ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/blocks/0337621001631649637.jpg?width=800&fit=crop

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c9abd840adfc01f6174b8f42f398099fed751f0db27a13549b466f93e25d7204

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/blocks/0337621001631649637.jpg?width=800&fit=crop
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; candid_userid=fd3085a7-eac6-4fe7-8364-45daf6412cd1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: TjJpgrt4LI3EDyzpyFCNvxCScxOVDdur
via: 1.1 varnish, 1.1 varnish
etag: "TiFDF31MB1y9wPOGXmvPq3Lv89CPmlJFbG+wZPOwKiw"
age: 0
x-cache: MISS, MISS
fastly-io-info: ifsz=409625 idim=1480x500 ifmt=jpeg ofsz=91062 odim=1480x500 ofmt=jpeg
fastly-stats: io=1
content-length: 91062
x-amz-id-2: 2fEUMoNo2ZTcsBUwwwys5/6MJiWnjO09cq+Vn9sCQJO0GIwkWKtglhGiYM28ObqRsqeaPGQsYlo=
x-served-by: cache-syd10151-SYD, cache-hhn4072-HHN
server: AmazonS3
x-timer: S1631720482.200071,VS0,VE427
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: G7B5GH1GA6NDSBVW
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 0, 0

GET
H2 200 0409033001631649686.jpg
www.hallensteins.com/content/blocks/ 168 KB
168 KB 772ms
770ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hallensteins.com/content/blocks/0409033001631649686.jpg?width=800&fit=crop

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f99901005c46d58704c42d90749a7651bbd4d5cefabcbcee2eaf7016762c0c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /content/blocks/0409033001631649686.jpg?width=800&fit=crop
pragma: no-cache
cookie: PHPSESSID=02731aa2104710fd17177ac33f912a71; pscartkey=ff93a64b7ec9c30fcce536e5c5824136; bp_welcome=6142142198ac9; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=06bdfb403bae918f108212a39ff7560f; candid_userid=fd3085a7-eac6-4fe7-8364-45daf6412cd1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hallensteins.com
referer: https://www.hallensteins.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: ZsU3pT4qbHOf4.cYI5JKFDOnwwTUOhiS
via: 1.1 varnish, 1.1 varnish
etag: "zThbw+jajxxz9PBnk0da25Qya9yb/z11dH0Wbq7rgbA"
age: 0
x-cache: MISS, MISS
fastly-io-info: ifsz=276475 idim=1480x500 ifmt=jpeg ofsz=172049 odim=1480x500 ofmt=jpeg
fastly-stats: io=1
content-length: 172049
x-amz-id-2: 3nD1AREPztf2g5cQ32waMkfwK7FPgRcaAG/zq5/i+3J0vBUedBdGZLvKF/t/OWjjjF0V4LUMGOM=
x-served-by: cache-syd10138-SYD, cache-hhn4072-HHN
server: AmazonS3
x-timer: S1631720482.200160,VS0,VE763
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: VK3CA5GWQT5TPEEF
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 0, 0

GET
H2 200 /
api.getcandid.com/stream/css/ Frame A8D9 842 B
520 B 7ms
6ms Stylesheet
text/css 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getcandid.com/stream/css/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&type=default&cache=true
Requested by: Host: api.getcandid.com
URL: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7b6255c8f48581b79ce9bf5c5fffda31769e49218247a7ee429666c6c31ab786

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
server: NetDNA-cache/2.2
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public, max-age=604800
content-length: 370

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame A8D9 85 KB
30 KB 67ms
18ms Script
text/javascript 172.217.16.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: api.getcandid.com
URL: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f10.1e100.net

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 14:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Thu, 15 Sep 2022 14:38:17 GMT

GET
H2 200 widget.frame.js Show response
api.getcandid.com/scripts/ Frame A8D9 50 KB
17 KB 7ms
6ms Script
application/javascript 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getcandid.com/scripts/widget.frame.js
Requested by: Host: api.getcandid.com
URL: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 18528d0b511e777346ea84e27ab52427091b56f52df6ce96028dc404593a799d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 20:40:28 GMT
server: NetDNA-cache/2.2
etag: "0462c5eb84dd71:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 17315

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A8D9 48 KB
20 KB 70ms
19ms Script
text/javascript 216.58.212.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.206 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s21-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 7153
date: Wed, 15 Sep 2021 13:42:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 15 Sep 2021 15:42:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 58ms
37ms Script
text/javascript 216.58.212.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.206 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s21-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 7153
date: Wed, 15 Sep 2021 13:42:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 15 Sep 2021 15:42:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 110ms
34ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: 33cLMVDhvxRG7M/o8DYfIgZ3t92POfrj8MWT8eQ8vucOqofAjD8tme7z3Xfb/8NIr+tSI5AsT+lTflQ4I259Mg==
x-fb-trip-id: 1082456386
x-frame-options: DENY
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F Show response
8724567.fls.doubleclick.net/ Frame ADF4
Redirect Chain

https://8724567.fls.doubleclick.net/activityi;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?
https://8724567.fls.doubleclick.net/activityi;dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%...

491 B
565 B

30ms
29ms

Document
text/html

172.217.169.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8724567.fls.doubleclick.net/activityi;dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s08-in-f6.1e100.net

Software

cafe /

Resource Hash

2e42ab0aad2d026c47939544b40f3e3d98a753437e4492f078c2564c6a7a345a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8724567.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hallensteins.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 15:41:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 388
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 15:56:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 15:41:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8724567.fls.doubleclick.net/activityi;dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hotjar-2456165.js Show response
static.hotjar.com/c/ 5 KB
2 KB 97ms
58ms Script
application/javascript 52.222.186.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2456165.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.186.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-186-127.ham50.r.cloudfront.net

Software

Resource Hash

b4761c3773fe75a5d98638d5c9b5c10b1fc0dbe8b293ecada93ea02d480f41bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: HAM50-C2
etag: W/6223a34b3bc0c769a29e36ac62936b42
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: _YF787TBEAg9czCaKxzJUXDkaSwTN81IuWLJlgixQqKHFhQvW3RNDA==
via: 1.1 63c9a084de27504ef34be3673921d01e.cloudfront.net (CloudFront)

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 38ms
9ms Script
application/javascript 91.228.74.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 22 Sep 2021 15:41:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 124ms
47ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:21 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: B5F5BA5815AA49168543092FE79D6FE3 Ref B: PRG01EDGE1108 Ref C: 2021-09-15T15:41:22Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H3

200

activityi;dc_pre=CJeB572ogfMCFZOH1QodvFMPpg;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=2031385354.1631720482;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F;u3=;u4=New%... Show response
10770498.fls.doubleclick.net/ Frame E4F1
Redirect Chain

https://10770498.fls.doubleclick.net/activityi;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=2031385354.1631720482;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F;u3=;u4=N...
https://10770498.fls.doubleclick.net/activityi;dc_pre=CJeB572ogfMCFZOH1QodvFMPpg;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=2031385354.1631720482;u1=%2F;u2=https%3A%2F%...

1 KB
759 B

50ms
50ms

Document
text/html

172.217.169.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10770498.fls.doubleclick.net/activityi;dc_pre=CJeB572ogfMCFZOH1QodvFMPpg;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=2031385354.1631720482;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F;u3=;u4=New%20Zealand;u15=undefined;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s08-in-f6.1e100.net

Software

cafe /

Resource Hash

34dfa37b554c6989063f43167486e2089ef4c01c3614f9b9abdf696de5af4115

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10770498.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJeB572ogfMCFZOH1QodvFMPpg;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=2031385354.1631720482;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F;u3=;u4=New%20Zealand;u15=undefined;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hallensteins.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 15:41:22 GMT
expires: Wed, 15 Sep 2021 15:41:22 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 734
x-xss-protection: 0
set-cookie: IDE=AHWqTUkq2fOQ-PhhgbLU-QTopas3tWYM3DmLxoFG_E650g6V5ASfe3chsbgY8C3Krj0; expires=Mon, 10-Oct-2022 15:41:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 15:41:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10770498.fls.doubleclick.net/activityi;dc_pre=CJeB572ogfMCFZOH1QodvFMPpg;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=2031385354.1631720482;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F;u3=;u4=New%20Zealand;u15=undefined;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CN3B572ogfMCFWwTBgAd44cHqQ;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F Show response
10770501.fls.doubleclick.net/ Frame 46B5
Redirect Chain

https://10770501.fls.doubleclick.net/activityi;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?
https://10770501.fls.doubleclick.net/activityi;dc_pre=CN3B572ogfMCFWwTBgAd44cHqQ;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fww...

397 B
352 B

42ms
42ms

Document
text/html

172.217.169.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10770501.fls.doubleclick.net/activityi;dc_pre=CN3B572ogfMCFWwTBgAd44cHqQ;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s08-in-f6.1e100.net

Software

cafe /

Resource Hash

f7ea415e3bee19d89ac67bee0fdf537e30b653af27fcf661b2ac233c42efe61e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10770501.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CN3B572ogfMCFWwTBgAd44cHqQ;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hallensteins.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 15:41:22 GMT
expires: Wed, 15 Sep 2021 15:41:22 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 327
x-xss-protection: 0
set-cookie: IDE=AHWqTUlYFp2myE77odQ_aSY1i07fwySOOlz0E7rgscOmT48sXlKS6Q2pW4t3GSohbpg; expires=Mon, 10-Oct-2022 15:41:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 15:41:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10770501.fls.doubleclick.net/activityi;dc_pre=CN3B572ogfMCFWwTBgAd44cHqQ;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
34 KB 244ms
177ms Script
application/javascript 95.101.27.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BP2RJVQOIAS4I7M02R0G
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7a119b1ed3613700098cbfecb98055a9d5dc77fd1381e688d8859475517699dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id: 66cf766.1bd4eb5e
date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-41-186-100.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-107-78.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 170,92.123.107.78
server-timing: cdn-cache; desc=MISS, edge; dur=132, origin; dur=38, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202109151541220102450241070C4DEB80
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.41.186.100
x-tt-trace-host: 01df3d80b276477d41655f0e56cb894fdfc1aec727ea1fd4e1938485162cb20fbe6b75ccde82d4852dc90df6f9aaae5fb40a1719449c866bbb33b28e7d548f41f98cba5e90c0fbc1256b68f84b20b518dd01b8dd5cf90f406ba346d4b4e6e91d0b469b5f7042e443b8342465a8b2f26666
expires: Wed, 15 Sep 2021 15:41:22 GMT

GET
H2

200

11005 Show response
cfjump.hallensteins.com.au/tag/
Redirect Chain

https://t.cfjump.com/tag/11005
https://cfjump.hallensteins.com.au/tag/11005

4 KB
2 KB

1982ms
259ms

Script
application/javascript

40.82.218.196
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cfjump.hallensteins.com.au/tag/11005

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

40.82.218.196 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

commissionfactory.com

Software

Resource Hash

817bcc64027a521696b606d3eb7f7468aaf217b559285b32f7ba83c1758050c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
date: Wed, 15 Sep 2021 15:41:21 GMT
vary: Accept-Encoding
p3p: policyref="https://t.cfjump.com/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, max-age=900
content-type: application/javascript; charset=utf-8
content-length: 1480

Redirect headers

location: https://cfjump.hallensteins.com.au/tag/11005
strict-transport-security: max-age=300
cache-control: private, max-age=900
p3p: policyref="https://t.cfjump.com/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI STA"
date: Wed, 15 Sep 2021 15:41:19 GMT
content-length: 161
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK scarab-v2.js Show response
cdn.scarabresearch.com/js/1AE20C822AC62EDF/ 105 KB
25 KB 96ms
27ms Script
application/javascript 54.230.206.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.scarabresearch.com/js/1AE20C822AC62EDF/scarab-v2.js
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-79.ham50.r.cloudfront.net
Software: /
Resource Hash: c73ebbcd436cf420db05cc8a0bd0352ab94f8140b92821b7626186b177885073

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 15:41:22 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: HAM50-C3
ETag: "08045871ac4f0693a6b1a6001608d559--gzip"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript;charset=utf-8
Via: 1.1 ccc3c8305c079db66ab9ac68a1ea9cd9.cloudfront.net (CloudFront)
Cache-Control: max-age=3600,public
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Amz-Cf-Id: ETHEIIR9XCUIGzECFvY5Q5e-ZB4SezuJuxKi1cheiF1fhuDXnItVgg==

GET
H2 200 integrate_92bd9af3e8af02bcf2cc8b70a557e34b.js Show response
cdn.pushalert.co/ 213 KB
47 KB 61ms
14ms Script
application/javascript 151.139.245.9
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pushalert.co/integrate_92bd9af3e8af02bcf2cc8b70a557e34b.js

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.245.9 , United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

nginx /

Resource Hash

d49d3dc921021d1c55cb5830e061b93aabd3b7a25f20d96bef0271e6f1c58ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Aug 2021 01:59:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=8640000, public
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes

GET
H2 200 rules-p-DqpuXXZHgBTPd.js Show response
rules.quantcount.com/ 8 KB
2 KB 66ms
22ms Script
application/javascript 52.222.186.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-DqpuXXZHgBTPd.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-56.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c1b76cec679e849c947bd9ea85ed8a8d911eb6578989e7d9fed68a0b33ef1e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Tue, 23 Mar 2021 02:44:13 GMT
server: AmazonS3
etag: W/"c47dbb90633a340aa3eaaa118d299998"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-id: ua3GhW7bNe6lq6eW27l9-BhQ-bQOQ5qQJB__0UI4dM_BSRaLAFlW_Q==

GET
H2 200 / Show response
api.getcandid.com/stream/page/ Frame A8D9 95 KB
10 KB 286ms
285ms XHR
application/json 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getcandid.com/stream/page/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&pageSize=40&approvalFilter=Approved&sort=Random&cache=true
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ea6c192deb3bf5729d6ab241643b0ac735b6c65cfa62caf072e3b42e78862c16

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
server: NetDNA-cache/2.2
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 5400
cache-control: public, max-age=900
x-cache: EXPIRED
access-control-allow-headers: Accept, Content-Type, X-Requested-With
content-length: 9702

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A8D9 30 KB
7 KB 75ms
29ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 12564536
cdn-cachedat: 2021-04-23 07:08:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ec580bd8b923316e0940945df3d5dddc
cf-ray: 68f2f576f9c4f9e6-PRG
cdn-requestcountrycode: CZ
cdn-requestpullsuccess: True

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 19ms
18ms Script
text/javascript 216.58.212.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.206 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s21-in-f206.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Sep 2021 16:10:58 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
464 B 69ms
21ms XHR
text/plain 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-6541133-1&cid=1126611507.1631720482&jid=2137783764&gjid=1235642650&_gid=619473521.1631720482&_u=aGBAgEALAAAAAE~&z=790641459

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hallensteins.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 15 Sep 2021 15:41:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.hallensteins.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
28ms Image
image/gif 216.58.212.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1004603064&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hallensteins.com%2F&ul=en-us&de=UTF-8&dt=Men%27s%20Clothes%20Online%20%7C%20Hallenstein%20Brothers%20NZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAL~&jid=2137783764&gjid=1235642650&cid=1126611507.1631720482&tid=UA-6541133-1&_gid=619473521.1631720482&gtm=2wg9d057GHJ5X&promo1id=pc_contentpagedetail_746&promo1nm=HP-NZ-ROGUE-MAIN&promo2id=pc_contentpagedetail_757&promo2nm=HP-NZ-ROGUE-SWEATS&promo3id=pc_contentpagedetail_756&promo3nm=HP-NZ-ROGUE-SHORTS&promo4id=pc_contentpagedetail_1331&promo4nm=HP-NZ-ROGUE-NEW&promo5id=pc_contentpagedetail_1302&promo5nm=HP-NZ-ROGUE-DENIM&promo6id=pc_contentpagedetail_1301&promo6nm=HP-NZ-ROGUE-PREMIUM-TEES&promo7id=pc_contentpagedetail_749&promo7nm=HP-NZ-ROGUE-ORGANIC&promo8id=pc_contentpagedetail_751&promo8nm=HP-ROGUE-CHINOS&promo9id=pc_contentpagedetail_753&promo9nm=HP-ROGUE-TRACKPANTS&promo10id=pc_contentpagedetail_752&promo10nm=HP-ROGUE-POLOS&promo11id=pc_contentpagedetail_754&promo11nm=HP-ROGUE-SHIRTS&promo12id=pc_contentpagedetail_755&promo12nm=HP-ROGUE-SUITING&promo13id=pc_contentpagedetail_758&promo13nm=HP-NZ-ROGUE-SALE&promo14id=pc_contentpagedetail_1332&promo14nm=HP-NZ-GIFT-CARDS&promo15id=pc_contentpagedetail_1333&promo15nm=HP-NZ-RAF&z=284811242

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.206 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s21-in-f206.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 09:27:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22409
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 86ms
34ms Script
text/javascript 142.250.200.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/_ps/js/peppercontent.js?1614893666

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f14.1e100.net

Software

ESF /

Resource Hash

1d58ec10678df035f4fd517509f207848056cc21dfb1066c40508368942cda9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Wed, 15 Sep 2021 15:41:22 GMT

GET
H2 200 modules.5fe2f4f38cf4833026a9.js Show response
script.hotjar.com/ 221 KB
59 KB 53ms
14ms Script
application/javascript 54.230.206.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2456165.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.206.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-206-101.ham50.r.cloudfront.net

Software

Resource Hash

33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 548777
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59626
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 07:14:26 GMT
etag: "e8c5ca8d148a212696c04c37e713b2a1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 67c53a3f025013bfb9704050f9d1933a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 5CYQ1VW-jezPP8NIOPmplhhEgVf57xsvEjORVIUncaexLrUuPyMD2Q==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 81ms
32ms Image
image/gif 216.58.212.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-6541133-1&cid=1126611507.1631720482&jid=2137783764&_u=aGBAgEALAAAAAE~&z=412760828

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.196 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s21-in-f196.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 15:41:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 74ms
36ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.45

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

56dc4c4ae3fbb32f792c424bad74b95f3ff0b4100778401303ecace1de61de4f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 20787
x-xss-protection: 0
pragma: public
x-fb-debug: Itf9M5ULV0qQAgs2lhm+Ojic+5PwA7ZhRLig8sD8MGJTQ3nCAOp3mYc970MgCli5BglzDkiTug/Pr7vfBWrf6A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 693440617384565 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 224ms
187ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/693440617384565?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

6bd24dd2eaeb72e59ad21d0604ec7810e2a61d267299cc606268897d8c5c42cd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: E20kVx7qps7q8ON/+4ESXfuLsSXITALnBpHVFJfwIrTjv1Ng8QN0wRZIfjNaQGLFj1yC61kb4SeMAnNuvK749w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel;r=2080083606;event=refresh;labels=_fp.event.NZ%20Homepage;source=gtm;rf=0;a=p-DqpuXXZHgBTPd;url=https%3A%2F%2Fwww.hallensteins.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1010822934-1631720482...
pixel.quantserve.com/ 35 B
371 B 18ms
10ms Image
image/gif 91.228.74.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2080083606;event=refresh;labels=_fp.event.NZ%20Homepage;source=gtm;rf=0;a=p-DqpuXXZHgBTPd;url=https%3A%2F%2Fwww.hallensteins.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1010822934-1631720482559;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=hallensteins.com;je=0;sr=1600x1200x24;dst=0;et=1631720482559;tzo=0;ogl=type.website%2Ctitle.Men's%20Clothes%20Online%20%7C%20Hallenstein%20Brothers%20NZ%2Cdescription.Shop%20online%20at%20Hallenstein%20Brothers%252E%20New%20Zealand's%20home%20of%20menswear%252E%20Find%20the%20la%2Cimage.https%3A%2F%2Fwww%252Ehallensteins%252Ecom%2Fcontent%2Fimages%2Fog_image%252Ejpg%2Curl.https%3A%2F%2Fwww%252Ehallensteins%252Ecom%2F

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 15:41:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK / Show response
recommender.scarabresearch.com/merchants/1AE20C822AC62EDF/ 89 B
650 B 42ms
8ms XHR
application/json 35.156.119.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommender.scarabresearch.com/merchants/1AE20C822AC62EDF/?pv=680348126&xp=1&cv=1&ca=&cp=1&t=ff93a64b7ec9c30fcce536e5c5824136
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.119.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-119-246.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f38ca9685fe215cddc0485c7bfa156f6cd2a271b0bd38e199ab8a2d277ed2b97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 15:41:22 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Vary: Accept-Encoding, User-Agent
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.hallensteins.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 89
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK wploader.js Show response
static.scarabresearch.com/wpjs/ 31 KB
32 KB 52ms
14ms Script
application/javascript 52.222.179.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scarabresearch.com/wpjs/wploader.js?ts=2697
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/1AE20C822AC62EDF/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5805ce164c47e942df156a619dab2d1e99248d7797aca8d2ad6e93468916572d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 20:19:12 GMT
Via: 1.1 6c080b1173adbaa14122fac10a76a7c7.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 06 Sep 2021 14:00:48 GMT
Server: AmazonS3
Age: 69731
ETag: "2578352498f3bb8bbb61c7f37ddf2ffe"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=86400
X-Amz-Cf-Pop: HAM50-C1
Accept-Ranges: bytes
Content-Length: 31907
X-Amz-Cf-Id: SmnlN11PMlKcz2sQVwrZkddheW-FBqZfDfw2JD-KtuoetFoMTbDjHA==

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/1256b7e2/www-widgetapi.vflset/ 135 KB
44 KB 78ms
25ms Script
text/javascript 142.250.200.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1256b7e2/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f14.1e100.net

Software

sffe /

Resource Hash

da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 15:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44724
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:13:02 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 15:30:23 GMT

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame 1950 2 KB
1 KB 53ms
13ms Document
text/html 52.222.186.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2456165.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.186.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-186-52.ham50.r.cloudfront.net
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hallensteins.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dabb0767cb7bc0fc02f46ee84ad4dbd9.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: 7oTEb7U__hFKDKAQxyt5uakgSZaH6ID21-99y9uTGxUSg18shN2_xQ==
age: 4934177

GET
H2 204 5216135.js Show response
bat.bing.com/p/action/ 0
110 B 160ms
160ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5216135.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Sep 2021 15:41:21 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: D702930304064D9F84B6D3B57EA15603 Ref B: PRG01EDGE1108 Ref C: 2021-09-15T15:41:22Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
151 B 46ms
45ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5216135&tm=gtm002&Ver=2&mid=d07e3844-ab6f-42f7-ac56-d392adf5e3f8&sid=60df7740163b11ecb9c68b1404a9acc5&vid=60dfcb70163b11ec9c425d045203c65c&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Men%27s%20Clothes%20Online%20%7C%20Hallenstein%20Brothers%20NZ&p=https%3A%2F%2Fwww.hallensteins.com%2F&r=&lt=1632&evt=pageLoad&msclkid=N&sv=1&rn=325018
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 15 Sep 2021 15:41:21 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 66B6FD83FF7C4806AB349F8639D9118D Ref B: PRG01EDGE1108 Ref C: 2021-09-15T15:41:22Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 210E 490 B
878 B 83ms
33ms Document
text/html 216.58.212.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F

Requested by

Host: 8724567.fls.doubleclick.net
URL: https://8724567.fls.doubleclick.net/activityi;dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s27-in-f2.1e100.net

Software

cafe /

Resource Hash

864b8e9543cceed89e765fb8cce04614ec76a992158cbbf2f77d0652bf7b7df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8724567.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8724567.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 15:41:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CN3B572ogfMCFWwTBgAd44cHqQ;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=*;~oref=https%3A%2F%2Fwww.hallensteins.com%2F
adservice.google.com/ddm/fls/z/ Frame 46B5 42 B
107 B 84ms
34ms Image
image/gif 216.58.212.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CN3B572ogfMCFWwTBgAd44cHqQ;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=*;~oref=https%3A%2F%2Fwww.hallensteins.com%2F

Requested by

Host: 10770501.fls.doubleclick.net
URL: https://10770501.fls.doubleclick.net/activityi;dc_pre=CN3B572ogfMCFWwTBgAd44cHqQ;src=10770501;type=broad0;cat=omg_r0;ord=1469432019019;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s27-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10770501.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 15:41:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJeB572ogfMCFZOH1QodvFMPpg;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=*;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F;u3=;u4=New%20Zealand;u15=undefined;~oref=...
adservice.google.com/ddm/fls/z/ Frame E4F1 42 B
118 B 83ms
34ms Image
image/gif 216.58.212.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJeB572ogfMCFZOH1QodvFMPpg;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=*;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F;u3=;u4=New%20Zealand;u15=undefined;~oref=https%3A%2F%2Fwww.hallensteins.com%2F

Requested by

Host: 10770498.fls.doubleclick.net
URL: https://10770498.fls.doubleclick.net/activityi;dc_pre=CJeB572ogfMCFZOH1QodvFMPpg;src=10770498;type=broad0;cat=rt_ha0;ord=7397981708757;gtm=2wg9d0;auiddc=2031385354.1631720482;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F;u3=;u4=New%20Zealand;u15=undefined;~oref=https%3A%2F%2Fwww.hallensteins.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.194 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s27-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10770498.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 15:41:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame E4F1 15 KB
6 KB 95ms
23ms Script
application/javascript 188.125.89.204
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.89.204 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

e1-ha.ycpi.via.yahoo.com

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10770498.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 15 Sep 2021 15:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2126
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5639
x-amz-id-2: bXyRDRhUtuhC4hI8rp+mCrI5k72Ujv4zsnzLYO8R52H+gYCuSou7WHc0okijzpsbrpDh0DLQlK0=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: MHHR7B8BNK30BR5H
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 187ms
187ms Script
application/javascript 95.101.27.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BP2RJVQOIAS4I7M02R0G
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id: 44c2fa1c.1bd4ed93
date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-41-186-196.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-107-78.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 180,92.123.107.78
server-timing: cdn-cache; desc=MISS, edge; dur=142, origin; dur=38, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 20210915154122010245015136554D3EF8
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.41.186.196
x-tt-trace-host: 01df3d80b276477d41655f0e56cb894fdfc1aec727ea1fd4e1938485162cb20fbed0ef83bf0cd06c786a4bc231d07e1fbd2e9d6d2b9c5c239214bd98bf1c5617fd9f4c8cb93e72a361bcd2a910c915abda4c34231b16b70a5cbac109f0dda66d0c03203810e474903fd5c1d002261aa4d7
expires: Wed, 15 Sep 2021 15:41:22 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 59 KB
20 KB 181ms
181ms Script
application/javascript 95.101.27.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BP2RJVQOIAS4I7M02R0G&hostname=www.hallensteins.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BP2RJVQOIAS4I7M02R0G
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: edce1b919ae20aa8cc927cd1c7d55280bab15d34f6db2e40628aa8d507b8bb7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id: 25636d80.1bd4edd8
date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-41-186-102.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-107-78.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 170,92.123.107.78
server-timing: cdn-cache; desc=MISS, edge; dur=135, origin; dur=37, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 20210915154122010245045213284B378D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 37,23.41.186.102
x-tt-trace-host: 01df3d80b276477d41655f0e56cb894fdfc1aec727ea1fd4e1938485162cb20fbe8a88bc5e3cae1d823a8a8ce7c108db2d52c9056d369202fe45b34647ccac9143293f37da8ced8af50db02f32898242a4006d81a0a58d8bdad829af2b68757e858c8d3af3e3101857ebd2ca20f87bc682
expires: Wed, 15 Sep 2021 15:41:22 GMT

GET
H2 200 / Show response
api.getcandid.com/stream/tags/ Frame A8D9 21 KB
2 KB 306ms
306ms XHR
application/json 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getcandid.com/stream/tags/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&format=json&cache=true&filter=ls_tshirts,joggers,tees,10001900-orange,sweatshirts,college,sweats,shorts,pants,ss_tshirts,10001850-washed-black,10001095-washed-tan,jacket,10001289-purple-heather,10001800-black,denim,10001267-cadrona-blue,graphic_tees,baggy,10001380-blue,sweatpants,10001499-natural,knitwear,grunge,merino,puffer,10001781-off-white,ss_shirts,10001385-solid-black,10001289-black,10001268-washed-black,10001528-snow,ls_shirts,printed_shirts,10001911-off-white,candid_suggested,10002005-multi,10002006-multi
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b8ea381f3a7ffc635587e8379af22527db455f347de6107612b6521a924a692b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
server: NetDNA-cache/2.2
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 5400
cache-control: public, max-age=5400
x-cache: EXPIRED
access-control-allow-headers: Accept, Content-Type, X-Requested-With
content-length: 2224

GET
H2 200 blank.png
api.getcandid.com/images/ Frame A8D9 95 B
275 B 6ms
5ms Image
image/png 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.getcandid.com/images/blank.png
Requested by: Host: api.getcandid.com
URL: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Thu, 20 May 2021 20:40:26 GMT
server: NetDNA-cache/2.2
etag: "019fb5cb84dd71:0"
x-cache: HIT
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 95

GET
H2 200 %2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17872281362535388_standard.jpg
api.getcandid.com/image/h/ Frame A8D9 47 KB
48 KB 8ms
7ms Image
image/jpeg 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17872281362535388_standard.jpg?w=300
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 0157822689a0bcc41b8d7bf7db024cb2d2fb137677bd198c51543b01f92d330f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Thu, 09 Sep 2021 22:02:24 GMT
server: NetDNA-cache/2.2
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=16070400
content-length: 48464
expires: Mon, 14 Mar 2022 22:02:24 GMT

GET
H2 200 %2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17986035886382231_standard.jpg
api.getcandid.com/image/h/ Frame A8D9 51 KB
51 KB 13ms
12ms Image
image/jpeg 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17986035886382231_standard.jpg?w=300
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c2047ef5f9c3c621a5fd0c4bd0c1e7cd9f2f2ff1d29a937a556cd0305a7bd327

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Sun, 05 Sep 2021 22:24:15 GMT
server: NetDNA-cache/2.2
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=16070400
content-length: 52343
expires: Thu, 10 Mar 2022 22:24:15 GMT

GET
H2 200 %2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17884107170344014_standard.jpg
api.getcandid.com/image/h/ Frame A8D9 38 KB
38 KB 15ms
14ms Image
image/jpeg 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17884107170344014_standard.jpg?w=300
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: edd4e02f687a6044c64d8a517022f54add7a03a5827d821c486395be73506d29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Sun, 05 Sep 2021 21:49:15 GMT
server: NetDNA-cache/2.2
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=16070400
content-length: 38962
expires: Thu, 10 Mar 2022 21:49:15 GMT

GET
H2 200 %2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17903952143062626_standard.jpg
api.getcandid.com/image/h/ Frame A8D9 33 KB
33 KB 18ms
17ms Image
image/jpeg 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17903952143062626_standard.jpg?w=300
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a6948eb260426609402297550173c8ff43a00053d25730dcbd35c53239ac4798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Mon, 13 Sep 2021 10:52:31 GMT
server: NetDNA-cache/2.2
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=16070400
content-length: 33631
expires: Fri, 18 Mar 2022 10:52:31 GMT

GET
H2 200 %2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_18007214365349790_standard.jpg
api.getcandid.com/image/h/ Frame A8D9 49 KB
49 KB 19ms
18ms Image
image/jpeg 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_18007214365349790_standard.jpg?w=300
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c39f476b5b93c43dd02abeac4d545239963a4be1d5215d5c2a50567b9c4978d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Mon, 13 Sep 2021 10:52:31 GMT
server: NetDNA-cache/2.2
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=16070400
content-length: 50376
expires: Fri, 18 Mar 2022 10:52:31 GMT

GET
H2 200 %2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17883861161477230_standard.jpg
api.getcandid.com/image/h/ Frame A8D9 41 KB
41 KB 19ms
19ms Image
image/jpeg 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17883861161477230_standard.jpg?w=300
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 3208ccca3d8ab3ae7e5ad17495f56b4dc49ed51ab76c2a374b27e79c6af309b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Sun, 05 Sep 2021 21:49:15 GMT
server: NetDNA-cache/2.2
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=16070400
content-length: 41554
expires: Thu, 10 Mar 2022 21:49:15 GMT

GET
H2 200 %2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17884247522271377_standard.jpg
api.getcandid.com/image/h/ Frame A8D9 50 KB
51 KB 19ms
19ms Image
image/jpeg 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17884247522271377_standard.jpg?w=300
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 149503d95b1791cc19746bb96055d090654d93a500de7da715ae2244e70558d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Sun, 05 Sep 2021 21:49:15 GMT
server: NetDNA-cache/2.2
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=16070400
content-length: 51496
expires: Thu, 10 Mar 2022 21:49:15 GMT

GET
DATA 200
OK truncated
/ Frame A8D9 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68feb7e27b5930a15b5523bdfe697322b10b27bf5c721dadf42a077197277e35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bfc1dca0-6717-4281-85cb-7eb5f67fca83_17883504920302704_standard.mp4
api.getcandid.com/v/h/a/stream-media/ Frame A8D9 448 KB
0 6ms
6ms Media
video/mp4 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getcandid.com/v/h/a/stream-media/bfc1dca0-6717-4281-85cb-7eb5f67fca83_17883504920302704_standard.mp4
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash

Request headers

Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Sun, 05 Sep 2021 21:49:05 GMT
server: NetDNA-cache/2.2
x-cache: HIT
content-type: video/mp4
cache-control: public, max-age=16070400
content-length: 1141775
expires: Thu, 10 Mar 2022 21:49:05 GMT

GET
H2 200 bfc1dca0-6717-4281-85cb-7eb5f67fca83_17850763376593800_standard.mp4
api.getcandid.com/v/h/a/stream-media/ Frame A8D9 384 KB
0 16ms
16ms Media
video/mp4 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getcandid.com/v/h/a/stream-media/bfc1dca0-6717-4281-85cb-7eb5f67fca83_17850763376593800_standard.mp4
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash

Request headers

Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Sun, 05 Sep 2021 21:49:05 GMT
server: NetDNA-cache/2.2
x-cache: HIT
content-type: video/mp4
cache-control: public, max-age=16070400
content-length: 516933
expires: Thu, 10 Mar 2022 21:49:05 GMT

GET
H2 200 bfc1dca0-6717-4281-85cb-7eb5f67fca83_17902786967065645_standard.mp4
api.getcandid.com/v/h/a/stream-media/ Frame A8D9 256 KB
0 16ms
16ms Media
video/mp4 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getcandid.com/v/h/a/stream-media/bfc1dca0-6717-4281-85cb-7eb5f67fca83_17902786967065645_standard.mp4
Requested by: Host: www.hallensteins.com
URL: https://www.hallensteins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash

Request headers

Referer: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Sun, 05 Sep 2021 22:24:15 GMT
server: NetDNA-cache/2.2
x-cache: HIT
content-type: video/mp4
cache-control: public, max-age=16070400
content-length: 817872
expires: Thu, 10 Mar 2022 22:24:15 GMT

GET
H/1.1 200
OK wpes6.js Show response
static.scarabresearch.com/wpjs/ 109 KB
35 KB 14ms
14ms Script
application/javascript 52.222.179.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scarabresearch.com/wpjs/wpes6.js?ts=2697
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/1AE20C822AC62EDF/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff37e550740ba950e857ac9f385d4e4aa54f6354e06db92d72e8c63869be4295

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 00:11:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 06 Sep 2021 14:00:53 GMT
Server: AmazonS3
Age: 55800
ETag: W/"ee3fb38d732105d736aec4aca173eae4"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 6c080b1173adbaa14122fac10a76a7c7.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
Transfer-Encoding: chunked
X-Amz-Cf-Pop: HAM50-C1
X-Amz-Cf-Id: _fMT9ePZl-Yy9nEVSVP506Vj1dGyP60ea8H1InC-p4bjECAqqt6sWQ==

GET
H2 200 10160026.json Show response
s.yimg.com/wi/config/ Frame E4F1 2 B
484 B 170ms
127ms XHR
application/json 188.125.89.204
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10160026.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.89.204 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

e1-ha.ycpi.via.yahoo.com

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10770498.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: JMGMPXHS31MZ5XZ9
x-amz-id-2: s57nE/TQhlHBGgdlqzl3Q/Rcia9wqGAzcpptmBBu8gr8Y6pcHMcwP7i3Mh4o/JGbkpJiJkXhz/w=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame 5A0F 194 B
931 B 87ms
32ms Document
text/html 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CIyr5L2ogfMCFUqvUQodXIEKWA;src=8724567;type=allvi0;cat=halle0;ord=1;num=4147554302213;gtm=2wg9d0;auiddc=2031385354.1631720482;~oref=https%3A%2F%2Fwww.hallensteins.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Sep 2021 15:41:22 GMT
expires: Wed, 15 Sep 2021 15:41:22 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 campaigns Show response
webchannel-content.eservice.emarsys.net/customer/799606326/ 10 B
285 B 58ms
20ms XHR
application/json 34.117.30.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://webchannel-content.eservice.emarsys.net/customer/799606326/campaigns?url=https:%2F%2Fwww.hallensteins.com%2F&prev_url=&lang=en&ca=&uli=false

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.30.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.30.117.34.bc.googleusercontent.com

Software

Resource Hash

f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hallensteins.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 15:41:22 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: clear
x-frame-options: DENY
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK / Show response
recommender-eu.scarabresearch.com/merchants/1C8043B0378A9A25/ 213 B
775 B 66ms
8ms XHR
application/json 18.185.10.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommender-eu.scarabresearch.com/merchants/1C8043B0378A9A25/?pv=478435747&f=f%3AWEBPERSONALIZATION%2Cl%3A50%2Co%3A0%7Cf%3AWP_NONCONTACT%2Cl%3A50%2Co%3A0&cv=1&ca=&cp=1&lang=en&vi=5819D5E66F408F27&fields=item%7Cc_campaign_id%7Cc_campaign_priority%7Cc_campaign_rank%7Cc_content_v3&t=ff93a64b7ec9c30fcce536e5c5824136&ta=%7B%22name%22%3A%22localtime%22%2C%22attributes%22%3A%7B%22localtime%22%3A1631720482738%7D%7D&url=https%3A%2F%2Fwww.hallensteins.com%2F
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.10.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-10-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 21bf4dbdc00525776a6430cc239ffa23f8a7c009b580315bd7aac11fa434b0dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 15:41:22 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Vary: Accept-Encoding, User-Agent
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.hallensteins.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 213
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2456165/ 147 B
322 B 136ms
39ms XHR
application/json 99.81.42.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2456165/visit-data?sv=7
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.42.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-42-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c

Request headers

Referer: https://www.hallensteins.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 2456165 Show response
vc.hotjar.io/sessions/ 0
258 B 138ms
43ms XHR
text/plain 54.230.206.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2456165?s=0.25&r=0.19426361954466498
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-79.ham50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
via: 1.1 9fc99ee5c5f05c23e5f643dbb0f4aeb9.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: HAM50-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: FTeIzOixk60xYNwN7GUWJvNNf2u8mKKGlCSKkI1FlTtOMMrLVsFvzw==

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
716 B 214ms
214ms Ping
application/octet-stream 95.101.27.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BP2RJVQOIAS4I7M02R0G
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hallensteins.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7a3753d8.1bd4efe7
date: Wed, 15 Sep 2021 15:41:23 GMT
x-cache-remote: TCP_MISS from a23-41-186-140.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-107-78.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 195,92.123.107.78
server-timing: cdn-cache; desc=MISS, edge; dur=138, origin; dur=57, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20210915154122010245015136404AEDEB
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 57,23.41.186.140
x-tt-trace-host: 01df3d80b276477d41655f0e56cb894fdfc1aec727ea1fd4e1938485162cb20fbe1d8436e2d99311d0060fc50e206c2bea6fe76f083fc03d843977a4dd0e24803ff7c30d933d9768c9553890198f679d8a35a8ea29fb65d3d67934dc6cb68c51df00b7864fdc439b36f03775569467e28c
expires: Wed, 15 Sep 2021 15:41:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 111ms
34ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=693440617384565&ev=PageView&dl=https%3A%2F%2Fwww.hallensteins.com%2F&rl=&if=false&ts=1631720482876&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1631720482875.615847054&it=1631720482546&coo=false&tm=1&rqm=GET

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 15 Sep 2021 15:41:22 GMT

GET
H/1.1 200
OK sp.pl
sp.analytics.yahoo.com/ Frame E4F1 43 B
964 B 1259ms
995ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2015%20Sep%202021%2015%3A41%3A22%20GMT&n=0&.yp=10160026&f=https%3A%2F%2F10770498.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJeB572ogfMCFZOH1QodvFMPpg%3Bsrc%3D10770498%3Btype%3Dbroad0%3Bcat%3Drt_ha0%3Bord%3D7397981708757%3Bgtm%3D2wg9d0%3Bauiddc%3D2031385354.1631720482%3Bu1%3D%252F%3Bu2%3Dhttps%253A%252F%252Fwww.hallensteins.com%252F%3Bu3%3D%3Bu4%3DNew%2520Zealand%3Bu15%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.hallensteins.com%252F%3F&e=https%3A%2F%2Fwww.hallensteins.com%2F&enc=UTF-8&yv=1.10.1&isIframe=1

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10770498.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 15:41:24 GMT
X-Content-Type-Options: nosniff
Age: 1
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 15 Sep 2021 15:41:24 GMT

POST
H/1.1 200
OK content Show response
ws19.hotjar.com/api/v2/sites/2456165/recordings/ 66 B
394 B 298ms
104ms XHR
application/json 34.250.121.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws19.hotjar.com/api/v2/sites/2456165/recordings/content
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.121.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-121-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f11b6f4f0bcb6e04746b62db381bd6d0b7a86ec37aed546de3f3561f5990813a

Request headers

Referer: https://www.hallensteins.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Wed, 15 Sep 2021 15:41:23 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 70ms
35ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=693440617384565&ev=Microdata&dl=https%3A%2F%2Fwww.hallensteins.com%2F&rl=&if=false&ts=1631720483378&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Men%27s%20Clothes%20Online%20%7C%20Hallenstein%20Brothers%20NZ%22%2C%22meta%3Adescription%22%3A%22Shop%20online%20at%20Hallenstein%20Brothers.%20New%20Zealand%27s%20home%20of%20menswear.%20Find%20the%20latest%20men%27s%20fashion%20trends%20in%20jeans%2C%20tees%2C%20t-shirts%2C%20and%20Tailoredwear.%20Afterpay%2C%20Laybuy%20%26%20Humm%20payment%20options%20available.%20Get%20Free%20Shipping%20on%20orders%20over%20%2460%20in%20New%20Zealand.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Men%27s%20Clothes%20Online%20%7C%20Hallenstein%20Brothers%20NZ%22%2C%22og%3Adescription%22%3A%22Shop%20online%20at%20Hallenstein%20Brothers.%20New%20Zealand%27s%20home%20of%20menswear.%20Find%20the%20latest%20men%27s%20fashion%20trends%20in%20jeans%2C%20tees%2C%20t-shirts%2C%20and%20Tailoredwear.%20Afterpay%2C%20Laybuy%20%26%20Humm%20payment%20options%20available.%20Get%20Free%20Shipping%20on%20orders%20over%20%2460%20in%20New%20Zealand.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.hallensteins.com%2Fcontent%2Fimages%2Fog_image.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.hallensteins.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1631720482875.615847054&it=1631720482546&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.hallensteins.com
URL: https://www.hallensteins.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hallensteins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:41:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 15:41:23 GMT

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
recommender.scarabresearch.com/merchants/1AE20C822AC62EDF	1969-12-31 23:59:59	Name: s Value: 6A3628FFC4CA4F9D
recommender-eu.scarabresearch.com/merchants/1C8043B0378A9A25	1969-12-31 23:59:59	Name: s Value: 252AF554024D5C79
www.hallensteins.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 02731aa2104710fd17177ac33f912a71
www.hallensteins.com/	1970-01-19 21:58:32	Name: pscartkey Value: ff93a64b7ec9c30fcce536e5c5824136
www.hallensteins.com/	1970-01-20 01:34:32	Name: bp_welcome Value: 6142142198ac9
www.hallensteins.com/	1970-01-19 21:59:10	Name: landedpage Value: %2F
www.hallensteins.com/	1970-01-19 21:15:24	Name: currentregion Value: 17
www.hallensteins.com/	1970-01-19 21:15:22	Name: csrftoken-ed6b967ce3 Value: 06bdfb403bae918f108212a39ff7560f
.hallensteins.com/	1970-01-20 06:00:56	Name: candid_userid Value: fd3085a7-eac6-4fe7-8364-45daf6412cd1
.hallensteins.com/	1970-01-19 23:24:56	Name: _gcl_au Value: 1.1.2031385354.1631720482
.hallensteins.com/	1969-12-31 23:59:59	Name: _dlt Value: 1
.hallensteins.com/	1970-01-20 14:46:32	Name: _ga Value: GA1.2.1126611507.1631720482
.hallensteins.com/	1970-01-19 21:16:46	Name: _gid Value: GA1.2.619473521.1631720482
.hallensteins.com/	1970-01-19 21:15:20	Name: _dc_gtm_UA-6541133-1 Value: 1
.bing.com/	1970-01-20 06:36:56	Name: MUID Value: 3A6B629A689161F50E06722969D3606D
.doubleclick.net/	1970-01-20 06:36:56	Name: IDE Value: AHWqTUkq2fOQ-PhhgbLU-QTopas3tWYM3DmLxoFG_E650g6V5ASfe3chsbgY8C3Krj0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: e8m7RsyW6lI
.youtube.com/	1970-01-20 01:34:32	Name: VISITOR_INFO1_LIVE Value: RLlNZOHEfH0
.quantserve.com/	1970-01-20 06:45:34	Name: mc Value: 61421422-8c594-7c3cd-48803
.hallensteins.com/	1970-01-19 21:16:46	Name: _uetsid Value: 60df7740163b11ecb9c68b1404a9acc5
.hallensteins.com/	1970-01-20 06:36:56	Name: _uetvid Value: 60dfcb70163b11ec9c425d045203c65c
recommender.scarabresearch.com/	1970-01-20 06:01:17	Name: cdv Value: 5819D5E66F408F27
.hallensteins.com/	1970-01-20 06:00:56	Name: scarab.visitor Value: %225819D5E66F408F27%22
.hallensteins.com/	1970-01-20 06:39:49	Name: __qca Value: P0-1010822934-1631720482559
.hallensteins.com/	1970-01-20 06:00:56	Name: _hjid Value: 1d09a651-7e76-4c06-ab47-ae992a3fe263
.hallensteins.com/	1970-01-19 21:15:22	Name: _hjFirstSeen Value: 1
www.hallensteins.com/	1970-01-19 21:15:20	Name: _hjIncludedInPageviewSample Value: 1
.hallensteins.com/	1970-01-19 21:15:22	Name: _hjAbsoluteSessionInProgress Value: 1
www.hallensteins.com/	1970-01-19 21:15:20	Name: _hjIncludedInSessionSample Value: 1
recommender-eu.scarabresearch.com/	1970-01-20 06:01:17	Name: cdv Value: 5819D5E66F408F27
.hallensteins.com/	1970-01-19 23:24:56	Name: _fbp Value: fb.1.1631720482875.615847054
www.hallensteins.com/	1970-01-19 21:15:21	Name: _dd_s Value: logs=1&id=5067aa8c-f1cf-4422-b631-df1dc584f999&created=1631720482226&expire=1631721383226
.yahoo.com/	1970-01-20 06:01:18	Name: A3 Value: d=AQABBCMUQmECEJkULj29QeimrXwYJaC1P3wFEgEBAQFlQ2FLYQAAAAAA_SMAAA&S=AQAAAp910Hvxy8kmB4VEyfUu9-4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10770498.fls.doubleclick.net
10770501.fls.doubleclick.net
8724567.fls.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.tiktok.com
api.getcandid.com
bat.bing.com
candid-io.site44.com
cdn.pushalert.co
cdn.scarabresearch.com
cfjump.hallensteins.com.au
connect.facebook.net
content-getcandid.netdna-ssl.com
in.hotjar.com
maxcdn.bootstrapcdn.com
p.typekit.net
pixel.quantserve.com
recommender-eu.scarabresearch.com
recommender.scarabresearch.com
rules.quantcount.com
s.yimg.com
script.hotjar.com
secure.quantserve.com
sp.analytics.yahoo.com
static.hotjar.com
static.scarabresearch.com
stats.g.doubleclick.net
t.cfjump.com
use.typekit.net
vars.hotjar.com
vc.hotjar.io
webchannel-content.eservice.emarsys.net
ws19.hotjar.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.hallensteins.com
www.youtube.com
104.109.64.186
104.18.10.207
13.107.21.200
142.250.178.2
142.250.178.8
142.250.200.14
151.101.114.132
151.139.237.160
151.139.245.9
172.217.16.234
172.217.169.38
18.185.10.202
185.60.218.24
185.60.218.35
188.125.89.204
212.82.100.181
216.58.212.194
216.58.212.196
216.58.212.206
23.32.238.210
3.230.29.177
34.117.30.199
34.250.121.115
35.156.119.246
40.82.218.196
52.222.179.22
52.222.180.41
52.222.186.127
52.222.186.52
52.222.186.56
54.230.206.101
54.230.206.79
74.125.133.155
91.228.74.198
94.31.29.128
95.101.27.78
99.81.42.58
0157822689a0bcc41b8d7bf7db024cb2d2fb137677bd198c51543b01f92d330f
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f648e56cb856fc4168c85c0ed18417523fe87dd923d4708cdb1114b8defb8d6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
149503d95b1791cc19746bb96055d090654d93a500de7da715ae2244e70558d8
15800534b81463417ec4f4292d0c1ccb7a31c3dd549e75948f31938baa1ab188
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18528d0b511e777346ea84e27ab52427091b56f52df6ce96028dc404593a799d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d58ec10678df035f4fd517509f207848056cc21dfb1066c40508368942cda9f
21bf4dbdc00525776a6430cc239ffa23f8a7c009b580315bd7aac11fa434b0dd
22ba7e618ed66aec977a8c983baf5e905c0910ec22c3e352241c3d2c31db88ad
237a2dc9f211a15d1ab64350b592da3f86a69e69103aad182b947944505de7fd
251d3356fd63a1395d963870890e7170f871d502bd4279d85d9cc71bbc8b159a
252db5ca3c86e63cca75583837273fc663e7a5dd8b130f23e78184663e34ea21
25c07f476b46d8cd9881341f65aadbb05b0ec83b1ad55dfc1a573165be1ed115
28467cbd6c05ce27d0463575d3b347584508cc2a549f42f2e437ffbb3eb7d534
2e42ab0aad2d026c47939544b40f3e3d98a753437e4492f078c2564c6a7a345a
2fea746535da5c2b49962de51d3cc58076fc1b0b6b30fea75dbf23b799d5acdd
306750573bcafebae85dbe9f61f7f5e84b11d68dd33684fafc8afe3a5bda3344
3208ccca3d8ab3ae7e5ad17495f56b4dc49ed51ab76c2a374b27e79c6af309b9
324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
34dfa37b554c6989063f43167486e2089ef4c01c3614f9b9abdf696de5af4115
3758c900204958e3fe10d7195f28e32e85356be676c359192f0fe03a13688731
3a51c2073f0f18463b3c112f59b8610d9d1bdc3e0dec9fca7e83fc7cf8d41397
3bf352f9fc3b7c2c78fbb464808eb45e34416edfab3c3ef22b6c37517d70682b
3c1b76cec679e849c947bd9ea85ed8a8d911eb6578989e7d9fed68a0b33ef1e1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ecdeeb04d9cb6de9d76ebc9f8ab716a7f6b2f08a01f179a462e008debfcb07
479a88b36a9e0fd38bdfd22e19701576cd6cb01f36a21ce9935ad6a2d746e620
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
509bc045397670f0e752b2d1d0a0b56785a0d8110c66472c29876c2e50bb9dbb
56dc4c4ae3fbb32f792c424bad74b95f3ff0b4100778401303ecace1de61de4f
5805ce164c47e942df156a619dab2d1e99248d7797aca8d2ad6e93468916572d
597596d0c7eec4aa77fc4c84e278b9de7643ea0b3e2bf29255b5623bf86c9fbf
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60fb24964d309ec98fa46ae669047aad18e5b40607156cf656e0f7184568ca50
62d7bc5c73e98aa632102959d7542a4ac88b687fe4a58ee66af81fd4a30b0a5b
68feb7e27b5930a15b5523bdfe697322b10b27bf5c721dadf42a077197277e35
69885c352b73c062750dd828a00cb617eea070cd1053590cedd947a7b5d5b152
6a14645b125a6456184a0d31833d55ca3b8e70500c40b24fbda0ad031c8cf842
6bd24dd2eaeb72e59ad21d0604ec7810e2a61d267299cc606268897d8c5c42cd
6cc9016bb910517a41c6ccc36f8745a699a587adce4c1cb48c26f7007e4d027d
6d07f2bd9333a310ea876e4676048abd7ea845fa6181f3742603b8a2fe174b12
6d670e22647964b1b3663c0b34b6531a12a6f7d36dc232570af7d84b9458df0b
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
77b49cb3f836bf6eae175661ca89bc6fecb86bf6e290cd22a3e142a1b35871f1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a119b1ed3613700098cbfecb98055a9d5dc77fd1381e688d8859475517699dd
7b6255c8f48581b79ce9bf5c5fffda31769e49218247a7ee429666c6c31ab786
805c36b8be51e1792fa216a1c3c9034da25da902d53508d7debd009d60cdb377
817bcc64027a521696b606d3eb7f7468aaf217b559285b32f7ba83c1758050c1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
864b8e9543cceed89e765fb8cce04614ec76a992158cbbf2f77d0652bf7b7df3
87376e11fa53930e64bb71db963c806ba207d45b5fe529d0fec90e19be5cedaf
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8a9bac1202be4aa997a8bc74e78a38d2807e31cdfafad1e54ed0e9a7f2a394b6
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb
94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
9a2b45862d3f643ab36ae5d23caeaac01093f5058cad1cf19de46e056da174d7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a31198242402c51ca7411fe72e3b2cb71ed04df82c69538a64d8cd8d62dd6c27
a6948eb260426609402297550173c8ff43a00053d25730dcbd35c53239ac4798
b29ef11c14132a7dcc1bd0be024fdbf4075494a9cb7f19a4cf64b359d8d26cd7
b2c51471c32b6610d8ece9e3f4f7d4ad7df2ce71a207c44ab0d5c2f62cc9db00
b4761c3773fe75a5d98638d5c9b5c10b1fc0dbe8b293ecada93ea02d480f41bd
b568382d881699fdbebcaa0ce9f5b3bf62eceac86b9a03319fa96116863b64e2
b8ea381f3a7ffc635587e8379af22527db455f347de6107612b6521a924a692b
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bf114cd7fe5b2ca7fe0e4434ddb52bf75c0955ff3625ec749855938925c25c6d
c2047ef5f9c3c621a5fd0c4bd0c1e7cd9f2f2ff1d29a937a556cd0305a7bd327
c332b20131761788dc90a84ef0b7ab5572c691c92a2b47bb6ccb26cbb82578b0
c39f476b5b93c43dd02abeac4d545239963a4be1d5215d5c2a50567b9c4978d8
c73ebbcd436cf420db05cc8a0bd0352ab94f8140b92821b7626186b177885073
c9abd840adfc01f6174b8f42f398099fed751f0db27a13549b466f93e25d7204
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
d49d3dc921021d1c55cb5830e061b93aabd3b7a25f20d96bef0271e6f1c58ce0
d4cebe52f763079c9cfdd8a90624a1f7996715dadd54ae07167868b6e9c9a82e
d5094dd1c902e23973f750d98b13d9c53bfdbd8a5c0664bbb0aec703cc459850
d59f2aa9ec1859fd55b207dc1868e133d037f8e1954b60d1b49296bb51a17d02
d89afc68e39edd5a4609fadecb276acfa3efbb327d8cd59efea20bef3089183d
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4
da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454
dce4dd92f69c9fb964bc8f5eb8d082aa9018083d7005325dd35da6f073f49e05
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e374085b30db7ef3a22b1d1977759bea29e17df6fc91dcc8a7c06ee515152892
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6c192deb3bf5729d6ab241643b0ac735b6c65cfa62caf072e3b42e78862c16
edce1b919ae20aa8cc927cd1c7d55280bab15d34f6db2e40628aa8d507b8bb7d
edd4e02f687a6044c64d8a517022f54add7a03a5827d821c486395be73506d29
ee014c446ea4163ce669e5c96d2661761dd4d86f6b320b8f37c39aaef218a21e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11b6f4f0bcb6e04746b62db381bd6d0b7a86ec37aed546de3f3561f5990813a
f38ca9685fe215cddc0485c7bfa156f6cd2a271b0bd38e199ab8a2d277ed2b97
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
f7ea415e3bee19d89ac67bee0fdf537e30b653af27fcf661b2ac233c42efe61e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f87b71af65cc15195ae7c084a52db3f419f9f09c001a5be4bb58bcae96cc5d74
f99901005c46d58704c42d90749a7651bbd4d5cefabcbcee2eaf7016762c0c0e
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff37e550740ba950e857ac9f385d4e4aa54f6354e06db92d72e8c63869be4295

www.hallensteins.com Open in urlscan Pro 151.101.114.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

117 Requests

100 %HTTPS

0 %IPv6

29 Domains

42 Subdomains

38 IPs

7 Countries

4629 kBTransfer

8527 kBSize

33 Cookies

10 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hallensteins.com Open in urlscan Pro
151.101.114.132 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

100 %
HTTPS

0 %
IPv6

29
Domains

42
Subdomains

38
IPs

7
Countries

4629 kB
Transfer

8527 kB
Size

33
Cookies

117 HTTP transactions
3 data transactions